PC feels bad. Many infections:Trojan.Win32.Generic.pak!cobra, Trojan.Win32.Generic!BT
Hi there, some days ago my PC get infected by Skype. Windows popped up and the program sent message to all my contact list.
Since then all my antimalware software start finding many infections a day.
Note: Windows automatic update is disabled and I can't enable it. Further in account manager I found an account named "ASP.NET Machine A...". I don't know what is this for.
As in the forum rules I installed and run the latest version of Ad-aware and run DDS. Here below the logs.
Thanks for all the help you could give.
toros
Since then all my antimalware software start finding many infections a day.
Note: Windows automatic update is disabled and I can't enable it. Further in account manager I found an account named "ASP.NET Machine A...". I don't know what is this for.
As in the forum rules I installed and run the latest version of Ad-aware and run DDS. Here below the logs.
Thanks for all the help you could give.
toros
0
-
[quote]Further in account manager I found an account named "ASP.NET Machine A...". I don't know what is this for.[/quote]That is normal.
Please, paste logs directly into your answer instead of attaching them.
Please, follow the instructions on http://www.bleepingcomputer.com/combofix/how-to-use-combofix for installing and running ComboFix.
Read carefully and note the "Disclaimer of warranty"!
Paste the content of the log into your answer.0 -
Hi CeciliaB,
so late because I was out for some days.
Here the logs you asked for.
Thanks so much for helping me.
toros
xxx DDS.txt:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by alessio at 17:51:36 on 2012-02-08
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1185 [GMT 1:00]
.
AV: eScan Anti-Virus (AV) Edition per Windows *Disabled/Updated* {E25EE26A-7512-411E-BAF6-D9AFA504A475}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: eScan Anti-Virus (AV) Edition per Windows *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
c:\progra~1\escan\EconSer.exe
C:\DOCUME~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe
c:\progra~1\escan\eConceal.exe
C:\PROGRA~1\eScan\TRAYSSER.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\eScan\consctl.exe
C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWASER.EXE
C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWAgent.exe
C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programmi\Viewpoint\Common\ViewpointService.exe
C:\Programmi\Autodesk Network License Manager\lmgrd.exe
C:\Programmi\Autodesk Network License Manager\adskflex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\SSLEmptyCache.exe
C:\PROGRA~1\eScan\TRAYICOS.EXE
C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe
C:\PROGRA~1\eScan\Vista\eScanMon.exe
C:\Programmi\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Documents and Settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\File comuni\Java\Java Update\jucheck.exe
C:\Programmi\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.it/
uSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
mSearchAssistant = hxxp://www.google.com/ie
mURLSearchHooks: H - No File
BHO: HelperObject Class: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\programmi\techsmith\snagit 8\SnagItBHO.dll
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\programmi\autocompletepro\AutocompletePro.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmi\file comuni\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmi\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmi\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmi\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmi\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\programmi\techsmith\snagit 8\SnagItIEAddin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmi\google\google toolbar\GoogleToolbar_32.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [LightScribe Control Panel] c:\programmi\file comuni\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\programmi\file comuni\ahead\lib\NMBgMonitor.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\programmi\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [JMB36X IDE Setup] c:\windows\jm\JMInsIDE.exe
mRun: [JMB36X Configure] c:\windows\system32\JMRaidSetup.exe boot
mRun: [Acrobat Assistant 7.0] "c:\programmi\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [NeroFilterCheck] c:\programmi\file comuni\ahead\lib\NeroCheck.exe
mRun: [SoundMax] "c:\programmi\analog devices\soundmax\SMax4.exe" /tray
mRun: [SoundMAXPnP] c:\programmi\analog devices\core\smax4pnp.exe
mRun: [SSLEmptyCache] c:\windows\system32\SSLEmptyCache.exe
mRun: [eScan Updater] c:\progra~1\escan\TRAYICOS.EXE /App
mRun: [MailScan Dispatcher] "c:\progra~1\escan\LAUNCH.EXE" /startup
mRun: [Adobe Reader Speed Launcher] "c:\programmi\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\programmi\file comuni\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\programmi\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\programmi\file comuni\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\programmi\file comuni\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\programmi\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alessio\menuav~1\progra~1\esecuz~1\dropbox.lnk - c:\documents and settings\alessio\dati applicazioni\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\adobeg~1.lnk - c:\programmi\file comuni\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\avviov~1.lnk - c:\windows\installer\{ac76ba86-1034-4700-7760-000000000002}\SC_Acrobat.exe
IE: Converti destinazione link in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti link selezionati in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti link selezionati in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti selezione a PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.regione.lombardia.it/components/OcsKitCittadino.cab
DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.regione.lombardia.it/components/OcxCertUpdate.cab
DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} - hxxp://download.microsoft.com/download/B/8/1/B819F609-76B3-42C6-8B66-D85CC971DCF9/VirtualEarth3D.cab
DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.regione.lombardia.it/components/OcxCrsInfo.cab
DPF: {877E14A6-0ACF-4509-8CF3-E4A0F4ED46F4} - hxxp://supportsiss.lispa.it/components/pdlc.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: Interfaces\{3D377DF3-EE1F-4154-8E0B-868F1450E22F} : NameServer = 212.216.112.112
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: eSLogOn - eSLogOn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - c:\programmi\qualcomm\eudora\EuShlExt.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\programmi\file comuni\lightscribe\LSRunOnce.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-2-8 64512]
R2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~1\esri\license\arcgis9x\lmgrd.exe [2009-7-10 1372160]
R2 EconService;eConServ;c:\progra~1\escan\EconSer.exe [2010-5-5 842760]
R2 eScan-trayicos;eScan Server-Updater;c:\progra~1\escan\TRAYSSER.EXE [2010-5-5 272904]
R2 eScan Monitor Service;eScan Monitor Service;c:\docume~1\alluse~1\datiap~1\microw~1\escanbd\avpmapp.exe [2010-5-5 1336504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\lavasoft\ad-aware\AAWService.exe [2011-12-23 2152152]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\programmi\viewpoint\common\ViewpointService.exe [2009-1-20 24652]
R2 viz 2005;viz 2005;c:\programmi\autodesk network license manager\lmgrd.exe [2002-10-17 607232]
R3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\drivers\econceal.sys [2010-5-5 26632]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\programmi\lavasoft\ad-aware\kernexplorer.sys [2011-12-23 15232]
R3 ProcObsrves;ProcObsrves;c:\progra~1\escan\ProcObsrves.sys [2010-5-5 17928]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\google\update\GoogleUpdate.exe [2010-10-12 135664]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usbxp.sys [2010-1-29 24832]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\google\update\GoogleUpdate.exe [2010-10-12 135664]
.
=============== Created Last 30 ================
.
2012-02-08 16:09:54 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-02-08 10:36:39 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-02-08 10:29:42 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-02-08 10:29:35 -------- d-----w- c:\programmi\Lavasoft
2012-02-07 12:04:14 -------- d---a-w- c:\windows\rundll16.exe
2012-02-07 12:04:14 -------- d---a-w- c:\windows\logo1_.exe
2012-02-02 11:04:50 388096 ----a-r- c:\documents and settings\alessio\dati applicazioni\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-01-31 17:00:24 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys
.
==================== Find3M ====================
.
2012-01-11 08:07:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-30 08:49:55 1045000 ----a-w- c:\windows\system32\test2.exe
2011-12-21 12:00:39 54016 ----a-w- c:\windows\system32\drivers\cdsa.sys
2011-12-21 08:06:23 1858056 ----a-w- c:\windows\system32\contfilt.dll
2011-12-21 08:06:17 572928 ----a-w- c:\windows\system32\msvcp90.dll
2011-12-21 08:06:16 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-12-21 08:04:51 1041928 ----a-w- c:\windows\system32\BACKUP.93751039.test2.exe
2011-12-10 14:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57:07 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40:20 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12:28 60928 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:22:12 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:22:11 152064 ----a-w- c:\windows\system32\schannel.dll
.
============= FINISH: 17.51.49.42 ===============
xxx Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 19/10/2007 10.45.26
System Uptime: 08/02/2012 17.37.23 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5B
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz | Socket 775 | 2329/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 298 GiB total, 209.521 GiB free.
D: is CDROM ()
Z: is NetworkDisk (NTFS) - 75 GiB total, 8.033 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia Windows Portable Device Driver
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: N78
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP451: 10/11/2011 11.43.50 - Punto di arresto del sistema
RP452: 10/11/2011 17.00.20 - Software Distribution Service 3.0
RP453: 11/11/2011 17.00.19 - Software Distribution Service 3.0
RP454: 14/11/2011 14.46.41 - Punto di arresto del sistema
RP455: 15/11/2011 19.54.44 - Punto di arresto del sistema
RP456: 17/11/2011 16.17.04 - Punto di arresto del sistema
RP457: 18/11/2011 16.57.10 - Punto di arresto del sistema
RP458: 21/11/2011 13.57.46 - Punto di arresto del sistema
RP459: 22/11/2011 17.37.13 - Punto di arresto del sistema
RP460: 24/11/2011 9.38.55 - Punto di arresto del sistema
RP461: 25/11/2011 11.01.03 - Punto di arresto del sistema
RP462: 29/11/2011 10.06.40 - Punto di arresto del sistema
RP463: 30/11/2011 10.45.20 - Punto di arresto del sistema
RP464: 01/12/2011 11.20.49 - Punto di arresto del sistema
RP465: 02/12/2011 11.59.50 - Punto di arresto del sistema
RP466: 05/12/2011 14.36.58 - Punto di arresto del sistema
RP467: 06/12/2011 14.37.21 - Punto di arresto del sistema
RP468: 07/12/2011 15.55.50 - Punto di arresto del sistema
RP469: 09/12/2011 10.14.43 - Punto di arresto del sistema
RP470: 12/12/2011 10.36.57 - Punto di arresto del sistema
RP471: 13/12/2011 11.00.09 - Punto di arresto del sistema
RP472: 14/12/2011 9.42.30 - Software Distribution Service 3.0
RP473: 15/12/2011 10.12.25 - Punto di arresto del sistema
RP474: 16/12/2011 15.10.18 - Punto di arresto del sistema
RP475: 19/12/2011 11.41.02 - Punto di arresto del sistema
RP476: 20/12/2011 14.39.39 - Punto di arresto del sistema
RP477: 21/12/2011 14.51.48 - Punto di arresto del sistema
RP478: 22/12/2011 15.31.46 - Punto di arresto del sistema
RP479: 23/12/2011 17.37.37 - Punto di arresto del sistema
RP480: 27/12/2011 9.34.30 - Punto di arresto del sistema
RP481: 28/12/2011 14.44.45 - Punto di arresto del sistema
RP482: 30/12/2011 10.06.33 - Punto di arresto del sistema
RP483: 09/01/2012 9.55.29 - Punto di arresto del sistema
RP484: 10/01/2012 12.49.49 - Punto di arresto del sistema
RP485: 11/01/2012 13.48.37 - Punto di arresto del sistema
RP486: 11/01/2012 19.02.25 - Software Distribution Service 3.0
RP487: 13/01/2012 10.10.10 - Punto di arresto del sistema
RP488: 14/01/2012 11.31.18 - Punto di arresto del sistema
RP489: 16/01/2012 10.58.02 - Punto di arresto del sistema
RP490: 17/01/2012 12.48.33 - Punto di arresto del sistema
RP491: 18/01/2012 14.45.37 - Punto di arresto del sistema
RP492: 20/01/2012 14.29.14 - Punto di arresto del sistema
RP493: 23/01/2012 12.22.17 - Punto di arresto del sistema
RP494: 24/01/2012 10.50.37 - Removed Skype™ 5.5
RP495: 25/01/2012 11.27.19 - Punto di arresto del sistema
RP497: 27/01/2012 9.17.15 - Software Distribution Service 3.0
RP498: 30/01/2012 12.42.21 - Punto di arresto del sistema
RP499: 01/02/2012 11.13.58 - Punto di arresto del sistema
RP500: 02/02/2012 11.21.45 - Punto di arresto del sistema
RP501: 02/02/2012 12.04.48 - Installed HiJackThis
RP502: 03/02/2012 14.49.30 - Punto di arresto del sistema
RP503: 06/02/2012 11.10.54 - Punto di arresto del sistema
RP504: 07/02/2012 11.31.38 - Punto di arresto del sistema
RP505: 08/02/2012 11.29.03 - Installed Ad-Aware
RP506: 08/02/2012 11.29.33 - Installed Ad-Aware
.
==== Installed Programs ======================
.
2007 Microsoft Office system
Ad-Aware
Adobe Acrobat 7.0 Professional - Español, Italiano, Português
Adobe Acrobat 7.1.0 Professional - Español, Italiano, Português
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Photoshop CS
Adobe Reader 9.4.4 - Italiano
Adobe Shockwave Player 11.6
Adobe SVG Viewer 3.0
Advanced PDF Password Recovery
Aggiornamento critico per Windows Media Player 11 (KB959772)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB976325)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2183461)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2360131)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2416400)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2482017)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2497640)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2510531)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2530548)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2544521)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2559049)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2586448)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2618444)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB976325)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB978207)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB981332)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381)
Aggiornamento della protezione per Windows Media Player (KB2378111)
Aggiornamento della protezione per Windows Media Player (KB911564)
Aggiornamento della protezione per Windows Media Player (KB952069)
Aggiornamento della protezione per Windows Media Player (KB954155)
Aggiornamento della protezione per Windows Media Player (KB968816)
Aggiornamento della protezione per Windows Media Player (KB973540)
Aggiornamento della protezione per Windows Media Player (KB975558)
Aggiornamento della protezione per Windows Media Player (KB978695)
Aggiornamento della protezione per Windows Media Player 11 (KB936782)
Aggiornamento della protezione per Windows Media Player 11 (KB954154)
Aggiornamento della protezione per Windows Media Player 6.4 (KB925398)
Aggiornamento della protezione per Windows Media Player 9 (KB936782)
Aggiornamento della protezione per Windows XP (KB2079403)
Aggiornamento della protezione per Windows XP (KB2115168)
Aggiornamento della protezione per Windows XP (KB2121546)
Aggiornamento della protezione per Windows XP (KB2160329)
Aggiornamento della protezione per Windows XP (KB2229593)
Aggiornamento della protezione per Windows XP (KB2259922)
Aggiornamento della protezione per Windows XP (KB2279986)
Aggiornamento della protezione per Windows XP (KB2286198)
Aggiornamento della protezione per Windows XP (KB2296011)
Aggiornamento della protezione per Windows XP (KB2296199)
Aggiornamento della protezione per Windows XP (KB2347290)
Aggiornamento della protezione per Windows XP (KB2360937)
Aggiornamento della protezione per Windows XP (KB2387149)
Aggiornamento della protezione per Windows XP (KB2393802)
Aggiornamento della protezione per Windows XP (KB2412687)
Aggiornamento della protezione per Windows XP (KB2419632)
Aggiornamento della protezione per Windows XP (KB2423089)
Aggiornamento della protezione per Windows XP (KB2436673)
Aggiornamento della protezione per Windows XP (KB2440591)
Aggiornamento della protezione per Windows XP (KB2443105)
Aggiornamento della protezione per Windows XP (KB2476490)
Aggiornamento della protezione per Windows XP (KB2476687)
Aggiornamento della protezione per Windows XP (KB2478960)
Aggiornamento della protezione per Windows XP (KB2478971)
Aggiornamento della protezione per Windows XP (KB2479628)
Aggiornamento della protezione per Windows XP (KB2479943)
Aggiornamento della protezione per Windows XP (KB2481109)
Aggiornamento della protezione per Windows XP (KB2483185)
Aggiornamento della protezione per Windows XP (KB2485376)
Aggiornamento della protezione per Windows XP (KB2485663)
Aggiornamento della protezione per Windows XP (KB2503658)
Aggiornamento della protezione per Windows XP (KB2503665)
Aggiornamento della protezione per Windows XP (KB2506212)
Aggiornamento della protezione per Windows XP (KB2506223)
Aggiornamento della protezione per Windows XP (KB2507618)
Aggiornamento della protezione per Windows XP (KB2507938)
Aggiornamento della protezione per Windows XP (KB2508272)
Aggiornamento della protezione per Windows XP (KB2508429)
Aggiornamento della protezione per Windows XP (KB2509553)
Aggiornamento della protezione per Windows XP (KB2511455)
Aggiornamento della protezione per Windows XP (KB2524375)
Aggiornamento della protezione per Windows XP (KB2535512)
Aggiornamento della protezione per Windows XP (KB2536276-v2)
Aggiornamento della protezione per Windows XP (KB2536276)
Aggiornamento della protezione per Windows XP (KB2544893-v2)
Aggiornamento della protezione per Windows XP (KB2544893)
Aggiornamento della protezione per Windows XP (KB2555917)
Aggiornamento della protezione per Windows XP (KB2562937)
Aggiornamento della protezione per Windows XP (KB2566454)
Aggiornamento della protezione per Windows XP (KB2567053)
Aggiornamento della protezione per Windows XP (KB2567680)
Aggiornamento della protezione per Windows XP (KB2570222)
Aggiornamento della protezione per Windows XP (KB2570947)
Aggiornamento della protezione per Windows XP (KB2584146)
Aggiornamento della protezione per Windows XP (KB2585542)
Aggiornamento della protezione per Windows XP (KB2592799)
Aggiornamento della protezione per Windows XP (KB2598479)
Aggiornamento della protezione per Windows XP (KB2603381)
Aggiornamento della protezione per Windows XP (KB2618451)
Aggiornamento della protezione per Windows XP (KB2619339)
Aggiornamento della protezione per Windows XP (KB2620712)
Aggiornamento della protezione per Windows XP (KB2624667)
Aggiornamento della protezione per Windows XP (KB2631813)
Aggiornamento della protezione per Windows XP (KB2633171)
Aggiornamento della protezione per Windows XP (KB2639417)
Aggiornamento della protezione per Windows XP (KB2646524)
Aggiornamento della protezione per Windows XP (KB923561)
Aggiornamento della protezione per Windows XP (KB923689)
Aggiornamento della protezione per Windows XP (KB938464-v2)
Aggiornamento della protezione per Windows XP (KB938464)
Aggiornamento della protezione per Windows XP (KB941569)
Aggiornamento della protezione per Windows XP (KB946648)
Aggiornamento della protezione per Windows XP (KB950760)
Aggiornamento della protezione per Windows XP (KB950762)
Aggiornamento della protezione per Windows XP (KB950974)
Aggiornamento della protezione per Windows XP (KB951066)
Aggiornamento della protezione per Windows XP (KB951376-v2)
Aggiornamento della protezione per Windows XP (KB951376)
Aggiornamento della protezione per Windows XP (KB951698)
Aggiornamento della protezione per Windows XP (KB951748)
Aggiornamento della protezione per Windows XP (KB952004)
Aggiornamento della protezione per Windows XP (KB952954)
Aggiornamento della protezione per Windows XP (KB953839)
Aggiornamento della protezione per Windows XP (KB954211)
Aggiornamento della protezione per Windows XP (KB954459)
Aggiornamento della protezione per Windows XP (KB954600)
Aggiornamento della protezione per Windows XP (KB955069)
Aggiornamento della protezione per Windows XP (KB956391)
Aggiornamento della protezione per Windows XP (KB956572)
Aggiornamento della protezione per Windows XP (KB956744)
Aggiornamento della protezione per Windows XP (KB956802)
Aggiornamento della protezione per Windows XP (KB956803)
Aggiornamento della protezione per Windows XP (KB956841)
Aggiornamento della protezione per Windows XP (KB956844)
Aggiornamento della protezione per Windows XP (KB957095)
Aggiornamento della protezione per Windows XP (KB957097)
Aggiornamento della protezione per Windows XP (KB958644)
Aggiornamento della protezione per Windows XP (KB958687)
Aggiornamento della protezione per Windows XP (KB958690)
Aggiornamento della protezione per Windows XP (KB958869)
Aggiornamento della protezione per Windows XP (KB959426)
Aggiornamento della protezione per Windows XP (KB960225)
Aggiornamento della protezione per Windows XP (KB960715)
Aggiornamento della protezione per Windows XP (KB960803)
Aggiornamento della protezione per Windows XP (KB960859)
Aggiornamento della protezione per Windows XP (KB961371)
Aggiornamento della protezione per Windows XP (KB961373)
Aggiornamento della protezione per Windows XP (KB961501)
Aggiornamento della protezione per Windows XP (KB968537)
Aggiornamento della protezione per Windows XP (KB969059)
Aggiornamento della protezione per Windows XP (KB969898)
Aggiornamento della protezione per Windows XP (KB969947)
Aggiornamento della protezione per Windows XP (KB970238)
Aggiornamento della protezione per Windows XP (KB970430)
Aggiornamento della protezione per Windows XP (KB971468)
Aggiornamento della protezione per Windows XP (KB971486)
Aggiornamento della protezione per Windows XP (KB971557)
Aggiornamento della protezione per Windows XP (KB971633)
Aggiornamento della protezione per Windows XP (KB971657)
Aggiornamento della protezione per Windows XP (KB971961)
Aggiornamento della protezione per Windows XP (KB972270)
Aggiornamento della protezione per Windows XP (KB973346)
Aggiornamento della protezione per Windows XP (KB973354)
Aggiornamento della protezione per Windows XP (KB973507)
Aggiornamento della protezione per Windows XP (KB973525)
Aggiornamento della protezione per Windows XP (KB973869)
Aggiornamento della protezione per Windows XP (KB973904)
Aggiornamento della protezione per Windows XP (KB974112)
Aggiornamento della protezione per Windows XP (KB974318)
Aggiornamento della protezione per Windows XP (KB974392)
Aggiornamento della protezione per Windows XP (KB974571)
Aggiornamento della protezione per Windows XP (KB975025)
Aggiornamento della protezione per Windows XP (KB975467)
Aggiornamento della protezione per Windows XP (KB975560)
Aggiornamento della protezione per Windows XP (KB975561)
Aggiornamento della protezione per Windows XP (KB975562)
Aggiornamento della protezione per Windows XP (KB975713)
Aggiornamento della protezione per Windows XP (KB977165)
Aggiornamento della protezione per Windows XP (KB977816)
Aggiornamento della protezione per Windows XP (KB977914)
Aggiornamento della protezione per Windows XP (KB978037)
Aggiornamento della protezione per Windows XP (KB978251)
Aggiornamento della protezione per Windows XP (KB978262)
Aggiornamento della protezione per Windows XP (KB978338)
Aggiornamento della protezione per Windows XP (KB978542)
Aggiornamento della protezione per Windows XP (KB978601)
Aggiornamento della protezione per Windows XP (KB978706)
Aggiornamento della protezione per Windows XP (KB979309)
Aggiornamento della protezione per Windows XP (KB979482)
Aggiornamento della protezione per Windows XP (KB979559)
Aggiornamento della protezione per Windows XP (KB979683)
Aggiornamento della protezione per Windows XP (KB979687)
Aggiornamento della protezione per Windows XP (KB980195)
Aggiornamento della protezione per Windows XP (KB980218)
Aggiornamento della protezione per Windows XP (KB980232)
Aggiornamento della protezione per Windows XP (KB980436)
Aggiornamento della protezione per Windows XP (KB981322)
Aggiornamento della protezione per Windows XP (KB981852)
Aggiornamento della protezione per Windows XP (KB981957)
Aggiornamento della protezione per Windows XP (KB981997)
Aggiornamento della protezione per Windows XP (KB982132)
Aggiornamento della protezione per Windows XP (KB982214)
Aggiornamento della protezione per Windows XP (KB982665)
Aggiornamento della protezione per Windows XP (KB982802)
Aggiornamento della sicurezza per Microsoft Windows (KB2564958)
Aggiornamento per Windows Internet Explorer 8 (KB2598845)
Aggiornamento per Windows Internet Explorer 8 (KB2632503)
Aggiornamento per Windows Internet Explorer 8 (KB975364)
Aggiornamento per Windows Internet Explorer 8 (KB976662)
Aggiornamento per Windows Internet Explorer 8 (KB980182)
Aggiornamento per Windows XP (KB2141007)
Aggiornamento per Windows XP (KB2345886)
Aggiornamento per Windows XP (KB2467659)
Aggiornamento per Windows XP (KB2492386)
Aggiornamento per Windows XP (KB2541763)
Aggiornamento per Windows XP (KB2607712)
Aggiornamento per Windows XP (KB2616676)
Aggiornamento per Windows XP (KB2641690)
Aggiornamento per Windows XP (KB951072-v2)
Aggiornamento per Windows XP (KB951978)
Aggiornamento per Windows XP (KB955759)
Aggiornamento per Windows XP (KB955839)
Aggiornamento per Windows XP (KB967715)
Aggiornamento per Windows XP (KB968389)
Aggiornamento per Windows XP (KB971029)
Aggiornamento per Windows XP (KB971737)
Aggiornamento per Windows XP (KB973687)
Aggiornamento per Windows XP (KB973815)
Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)
Aggiornamento rapido per Windows Media Player 11 (KB939683)
Aggiornamento rapido per Windows XP (KB2158563)
Aggiornamento rapido per Windows XP (KB2443685)
Aggiornamento rapido per Windows XP (KB2570791)
Aggiornamento rapido per Windows XP (KB2633952)
Aggiornamento rapido per Windows XP (KB942288-v3)
Aggiornamento rapido per Windows XP (KB952287)
Aggiornamento rapido per Windows XP (KB961118)
Aggiornamento rapido per Windows XP (KB970653-v3)
Aggiornamento rapido per Windows XP (KB976098-v2)
Aggiornamento rapido per Windows XP (KB979306)
Aggiornamento rapido per Windows XP (KB981793)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcGIS Desktop
ArcGIS License Manager
ATI Catalyst Control Center
ATI Catalyst Install Manager
ATI HYDRAVISION
ATI Parental Control & Encoder
ATI Problem Report Wizard
AutoCAD 2008 - Italiano
AutocompletePro
Autodesk Design Review 2010
Autodesk DWF Viewer
Autodesk DWF Viewer 7
Autodesk Network License Manager
Autodesk Revit Architecture 2010
Autodesk VIZ 2005
AVIVO
Axtro
Axtro (C:\Programmi\Axtro\)
Bing Maps 3D
Bit4Id - PdL Cittadino per la CRS di Regione Lombardia - 1.2.12
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CENED - Regione Lombardia
Cened+
Core Temp version 0.99.8
CRS Kit 1.0
CRS Manager 3.1.2.0
Dropbox
EchoGema4.0
ER Mapper ECW JPEG 2000 Plug-in for Firefox [3.4.0.242]
ERDAS ECW JPEG 2000 Plug-in for Internet Explorer [9.3.2.66]
eScan Anti-Virus (AV) Edition per Windows
Eudora
FlashCAD_Composer
GemaVap4
Google Earth
Google SketchUp 6
Google SketchUp 6 Exporters
Google SketchUp 8
Google SketchUp LayOut 6
Google SketchUp Pro 6
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB888111
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix per Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
iTunes
Java Auto Updater
Java DB 10.4.2.1
Java(TM) 6 Update 26
Java(TM) SE Development Kit 6 Update 17
JMB36X Raid Configurer
LightScribe 1.6.45.1
Malwarebytes Anti-Malware versione 1.60.1.1000
Master Converter
MetraLib 4
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Italian Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
Microsoft .NET Framework 3.5 Language Pack SP1 - ita
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Italian) 2007
Microsoft Office Excel MUI (Italian) 2007
Microsoft Office Outlook MUI (Italian) 2007
Microsoft Office PowerPoint MUI (Italian) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (Italian) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Italian) 2007
Microsoft Office Shared MUI (Italian) 2007
Microsoft Office Word MUI (Italian) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (Italian) 12
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ITA
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ITA
MSVC80_x86
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Nero 7 Essentials
neroxml
Pacchetto driver Windows - Microsoft (USBCCID) SmartCardReader (08/01/2006 5.2.3790.2724)
Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Pacchetto provider Microsoft servizio crittografia smart card di base
Paint Shop Pro 7
PAN S
PC Connectivity Solution
PC Wizard 2008.1.84
PltPlotter 1.0
ProntoDLgs311
Python 2.5 numpy-1.0.3
Python 2.5.1
QuickTime
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Revit Architecture 2008
SafeCast Shared Components
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Sentinel Protection Installer 7.2.2
Sentinel System Driver
Skins
Skype Click to Call
SnagIt 8
Software per stampante EPSON
SoundMAX
Spelling Dictionaries Support For Adobe Reader 9
Suite Aster 4.1.10
swMSM
TerMus-G v.14.00a
The Lord of the Rings FREE Trial
THERM5
Tweak UI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
VBA (2627.01)
VBA (2627.3)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Vita Interactive Engine
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinRAR gestione archivi
WinZip
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Xvid 1.2.2 final uninstall
.
==== End Of File ===========================
xxx ComboFix.log
ComboFix 12-02-13.01 - alessio 15/02/2012 9.52.17.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1383 [GMT 1:00]
Eseguito da: c:\documents and settings\alessio\Desktop\ComboFix.exe
AV: eScan Anti-Virus (AV) Edition per Windows *Disabled/Updated* {E25EE26A-7512-411E-BAF6-D9AFA504A475}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: eScan Anti-Virus (AV) Edition per Windows *Disabled* {E25EE26A-7512-411E-BAF6-D9AFA504A475}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\alessio\Dati applicazioni\EurekaLog
c:\documents and settings\alessio\Dati applicazioni\EurekaLog\EurekaLog.ini
c:\documents and settings\alessio\Impostazioni locali\Dati applicazioni\assembly\tmp
c:\documents and settings\alessio\WINDOWS
c:\documents and settings\All Users\Dati applicazioni\AMMYY
c:\documents and settings\All Users\Dati applicazioni\AMMYY\hr
c:\documents and settings\All Users\Dati applicazioni\AMMYY\settings.bin
c:\programmi\AutocompletePro
c:\programmi\AutocompletePro\64\AutocompletePro64.dll
c:\programmi\AutocompletePro\AutocompletePro.dll
c:\programmi\AutocompletePro\chrome\autocompleteprochrome.crx
c:\programmi\AutocompletePro\FireFoxExtension.exe
c:\programmi\AutocompletePro\InstTracker.exe
c:\programmi\AutocompletePro\support@predictad.com\chrome.manifest
c:\programmi\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
c:\programmi\AutocompletePro\support@predictad.com\chrome\content\options.js
c:\programmi\AutocompletePro\support@predictad.com\chrome\content\options.xul
c:\programmi\AutocompletePro\support@predictad.com\chrome\content\utils.js
c:\programmi\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
c:\programmi\AutocompletePro\support@predictad.com\install.rdf
c:\programmi\AutocompletePro\unins000.dat
c:\programmi\AutocompletePro\unins000.exe
c:\windows\BACKUP.15999202.killproc.exe
c:\windows\dasetup.log
c:\windows\regedit.com
c:\windows\ST6UNST.000
c:\windows\system32\BACKUP.93751039.test2.exe
c:\windows\system32\regobj.dll
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Files Creati Da 2012-01-15 al 2012-02-15 )))))))))))))))))))))))))))))))))))
.
.
2012-02-14 12:04 . 2012-02-14 12:04 -------- d---a-w- c:\windows\rundll16.exe
2012-02-14 12:04 . 2012-02-14 12:04 -------- d---a-w- c:\windows\logo1_.exe
2012-02-08 16:09 . 2012-02-08 10:36 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-02-08 10:36 . 2012-02-08 10:36 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-02-08 10:29 . 2011-12-23 06:12 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-02-08 10:29 . 2012-02-08 10:29 -------- d-----w- c:\programmi\Lavasoft
2012-02-02 11:04 . 2012-02-02 11:04 388096 ----a-r- c:\documents and settings\alessio\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-31 17:00 . 2006-06-14 12:53 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-11 08:07 . 2011-08-02 06:56 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-30 08:49 . 2011-03-15 12:18 1045000 ----a-w- c:\windows\system32\test2.exe
2011-12-21 12:00 . 2011-12-21 12:00 54016 ----a-w- c:\windows\system32\drivers\cdsa.sys
2011-12-21 08:06 . 2010-05-05 15:57 1858056 ----a-w- c:\windows\system32\contfilt.dll
2011-12-21 08:06 . 2011-12-21 08:06 572928 ----a-w- c:\windows\system32\msvcp90.dll
2011-12-21 08:06 . 2011-12-21 08:06 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-12-10 14:24 . 2011-03-21 09:21 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57 . 2007-08-02 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2007-08-02 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2007-08-02 12:00 60928 ----a-w- c:\windows\system32\packager.exe
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\programmi\File comuni\LightScribe\LightScribeControlPanel.exe" [2007-05-15 484904]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-12 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]
"Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"SSLEmptyCache"="c:\windows\system32\SSLEmptyCache.exe" [2008-10-02 32768]
"eScan Updater"="c:\progra~1\eScan\TRAYICOS.EXE" [2010-05-28 3284488]
"MailScan Dispatcher"="c:\progra~1\eScan\LAUNCH.EXE" [2011-12-21 405512]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2011-04-08 254696]
"APSDaemon"="c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2011-10-09 421736]
.
c:\documents and settings\alessio\Menu Avvio\Programmi\Esecuzione automatica\
Dropbox.lnk - c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe [2011-9-2 24183152]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2008-4-10 113664]
Avvio veloce di Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe [2007-11-8 25214]
.
[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\programmi\Qualcomm\Eudora\EuShlExt.dll" [2006-08-17 86016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\eSLogOn]
2009-11-05 15:55 654856 ----a-w- c:\windows\system32\eslogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmi\\Autodesk Network License Manager\\adskflex.exe"=
"c:\\Programmi\\Autodesk Network License Manager\\lmgrd.exe"=
"c:\\Programmi\\Autodesk VIZ 2005\\3dsviz.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\PROGRA~1\\eScan\\DOWNLOAD.EXE"=
"c:\\PROGRA~1\\eScan\\TRAYICOS.EXE"=
"c:\\PROGRA~1\\FILECO~1\\MICROW~1\\Agent\\MWAGENT.EXE"=
"c:\\PROGRA~1\\eScan\\LICENSE.EXE"=
"c:\\Programmi\\File comuni\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\alessio\\Dati applicazioni\\Dropbox\\bin\\Dropbox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [08/02/2012 11.29.42 64512]
R2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~1\ESRI\License\arcgis9x\lmgrd.exe [10/07/2009 17.32.18 1372160]
R2 EconService;eConServ;c:\progra~1\escan\EconSer.exe [05/05/2010 16.57.46 842760]
R2 eScan-trayicos;eScan Server-Updater;c:\progra~1\eScan\TRAYSSER.EXE [05/05/2010 16.57.20 272904]
R2 eScan Monitor Service;eScan Monitor Service;c:\docume~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe [05/05/2010 16.57.50 1336504]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\programmi\Viewpoint\Common\ViewpointService.exe [20/01/2009 10.38.19 24652]
R2 viz 2005;viz 2005;c:\programmi\Autodesk Network License Manager\lmgrd.exe [17/10/2002 8.30.02 607232]
R3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\drivers\econceal.sys [05/05/2010 17.05.07 26632]
R3 ProcObsrves;ProcObsrves;c:\progra~1\eScan\ProcObsrves.sys [05/05/2010 16.57.35 17928]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [12/10/2010 14.52.55 135664]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [23/12/2011 7.12.10 2152152]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usbxp.sys [29/01/2010 13.08.49 24832]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [12/10/2010 14.52.55 135664]
.
--- Altri Servizi/Drivers In Memoria ---
.
*Deregistered* - Lavasoft Kernexplorer
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-05-15 15:08 452136 ----a-w- c:\programmi\File comuni\LightScribe\LSRunOnce.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-02-15 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-12-23 10:36]
.
2012-02-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2011-06-01 10:34]
.
2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-10-12 13:52]
.
2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-10-12 13:52]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti link selezionati in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti selezione a PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: Interfaces\{3D377DF3-EE1F-4154-8E0B-868F1450E22F}: NameServer = 212.216.112.112
DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.regione.lombardia.it/components/OcsKitCittadino.cab
DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.regione.lombardia.it/components/OcxCertUpdate.cab
DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.regione.lombardia.it/components/OcxCrsInfo.cab
DPF: {877E14A6-0ACF-4509-8CF3-E4A0F4ED46F4} - hxxp://supportsiss.lispa.it/components/pdlc.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-AutocompletePro3_is1 - c:\programmi\AutocompletePro\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url]
Rootkit scan 2012-02-15 10:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(772)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\eSLogOn.dll
c:\windows\system32\MPRUI.dll
.
Ora fine scansione: 2012-02-15 10:03:24
ComboFix-quarantined-files.txt 2012-02-15 09:03
.
Pre-Run: 224'973'680'640 byte disponibili
Post-Run: 227'744'882'688 byte disponibili
.
- - End Of File - - 922BF64B14E0C1057516A3AB9BD92F590 -
Hi toros,
You are welcome /smile.png' class='bbc_emoticon' alt=':)' />
Upload these files to http://www.virustotal.com/ one by one using the "Choose file" button (select reanalysis if asked) and post back the link to the scan report:
c:\windows\rundll16.exe
c:\windows\logo1_.exe
Please, post new DDS logs, too.0 -
Dear CecilaiB, in the windows folder these files appear as folders and not as file, so it seems not possible to scan them.. 0 -
Sorry, toros, I missed that. Further investigation shows that those folders probably are created by eScan. I hope the folders are empty.
Please, post new DDS logs and tell me how the computer is doing now.0 -
Well, CeciliaB, you are right, both of the folders are empty.
At the moment windows automatically update is still deactivated, and it is not possible to activate it.
Here below the new DDS' logs:
DDS.TXT:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by alessio at 16:44:18 on 2012-02-15
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1094 [GMT 1:00]
.
AV: eScan Anti-Virus (AV) Edition per Windows *Disabled/Updated* {E25EE26A-7512-411E-BAF6-D9AFA504A475}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: eScan Anti-Virus (AV) Edition per Windows *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
c:\progra~1\escan\EconSer.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
c:\progra~1\escan\eConceal.exe
C:\DOCUME~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe
C:\PROGRA~1\eScan\TRAYSSER.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\PROGRA~1\eScan\consctl.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWASER.EXE
C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWAgent.exe
C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programmi\Viewpoint\Common\ViewpointService.exe
C:\Programmi\Autodesk Network License Manager\lmgrd.exe
C:\Programmi\Autodesk Network License Manager\adskflex.exe
C:\Programmi\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\SSLEmptyCache.exe
C:\PROGRA~1\eScan\TRAYICOS.EXE
C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe
C:\PROGRA~1\eScan\Vista\eScanMon.exe
C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
mURLSearchHooks: H - No File
BHO: HelperObject Class: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\programmi\techsmith\snagit 8\SnagItBHO.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmi\file comuni\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmi\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmi\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmi\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmi\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\programmi\techsmith\snagit 8\SnagItIEAddin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmi\google\google toolbar\GoogleToolbar_32.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [LightScribe Control Panel] c:\programmi\file comuni\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\programmi\file comuni\ahead\lib\NMBgMonitor.exe"
uRun: [swg] "c:\programmi\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [JMB36X IDE Setup] c:\windows\jm\JMInsIDE.exe
mRun: [JMB36X Configure] c:\windows\system32\JMRaidSetup.exe boot
mRun: [Acrobat Assistant 7.0] "c:\programmi\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [NeroFilterCheck] c:\programmi\file comuni\ahead\lib\NeroCheck.exe
mRun: [SoundMAXPnP] c:\programmi\analog devices\core\smax4pnp.exe
mRun: [SSLEmptyCache] c:\windows\system32\SSLEmptyCache.exe
mRun: [eScan Updater] c:\progra~1\escan\TRAYICOS.EXE /App
mRun: [MailScan Dispatcher] "c:\progra~1\escan\LAUNCH.EXE" /startup
mRun: [Adobe Reader Speed Launcher] "c:\programmi\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\programmi\file comuni\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\programmi\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\programmi\file comuni\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\programmi\file comuni\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\programmi\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alessio\menuav~1\progra~1\esecuz~1\dropbox.lnk - c:\documents and settings\alessio\dati applicazioni\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\adobeg~1.lnk - c:\programmi\file comuni\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\avviov~1.lnk - c:\windows\installer\{ac76ba86-1034-4700-7760-000000000002}\SC_Acrobat.exe
IE: Converti destinazione link in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti link selezionati in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti link selezionati in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti selezione a PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.regione.lombardia.it/components/OcsKitCittadino.cab
DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.regione.lombardia.it/components/OcxCertUpdate.cab
DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} - hxxp://download.microsoft.com/download/B/8/1/B819F609-76B3-42C6-8B66-D85CC971DCF9/VirtualEarth3D.cab
DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.regione.lombardia.it/components/OcxCrsInfo.cab
DPF: {877E14A6-0ACF-4509-8CF3-E4A0F4ED46F4} - hxxp://supportsiss.lispa.it/components/pdlc.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: Interfaces\{3D377DF3-EE1F-4154-8E0B-868F1450E22F} : NameServer = 212.216.112.112
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: eSLogOn - eSLogOn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - c:\programmi\qualcomm\eudora\EuShlExt.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\programmi\file comuni\lightscribe\LSRunOnce.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-2-8 64512]
R2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~1\esri\license\arcgis9x\lmgrd.exe [2009-7-10 1372160]
R2 EconService;eConServ;c:\progra~1\escan\EconSer.exe [2010-5-5 842760]
R2 eScan-trayicos;eScan Server-Updater;c:\progra~1\escan\TRAYSSER.EXE [2010-5-5 272904]
R2 eScan Monitor Service;eScan Monitor Service;c:\docume~1\alluse~1\datiap~1\microw~1\escanbd\avpmapp.exe [2010-5-5 1336504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\lavasoft\ad-aware\AAWService.exe [2011-12-23 2152152]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\programmi\viewpoint\common\ViewpointService.exe [2009-1-20 24652]
R2 viz 2005;viz 2005;c:\programmi\autodesk network license manager\lmgrd.exe [2002-10-17 607232]
R3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\drivers\econceal.sys [2010-5-5 26632]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\programmi\lavasoft\ad-aware\kernexplorer.sys [2011-12-23 15232]
R3 ProcObsrves;ProcObsrves;c:\progra~1\escan\ProcObsrves.sys [2010-5-5 17928]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\google\update\GoogleUpdate.exe [2010-10-12 135664]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usbxp.sys [2010-1-29 24832]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\google\update\GoogleUpdate.exe [2010-10-12 135664]
.
=============== Created Last 30 ================
.
2012-02-15 08:50:04 98816 ----a-w- c:\windows\sed.exe
2012-02-15 08:50:04 518144 ----a-w- c:\windows\SWREG.exe
2012-02-15 08:50:04 256000 ----a-w- c:\windows\PEV.exe
2012-02-15 08:50:04 208896 ----a-w- c:\windows\MBR.exe
2012-02-14 12:04:51 -------- d---a-w- c:\windows\rundll16.exe
2012-02-14 12:04:51 -------- d---a-w- c:\windows\logo1_.exe
2012-02-08 16:09:54 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-02-08 10:36:39 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-02-08 10:29:42 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-02-08 10:29:35 -------- d-----w- c:\programmi\Lavasoft
2012-02-02 11:04:50 388096 ----a-r- c:\documents and settings\alessio\dati applicazioni\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-01-31 17:00:24 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys
.
==================== Find3M ====================
.
2012-01-11 08:07:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-30 08:49:55 1045000 ----a-w- c:\windows\system32\test2.exe
2011-12-21 12:00:39 54016 ----a-w- c:\windows\system32\drivers\cdsa.sys
2011-12-21 08:06:23 1858056 ----a-w- c:\windows\system32\contfilt.dll
2011-12-21 08:06:17 572928 ----a-w- c:\windows\system32\msvcp90.dll
2011-12-21 08:06:16 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-12-10 14:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57:07 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40:20 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12:28 60928 ----a-w- c:\windows\system32\packager.exe
.
============= FINISH: 16.45.31.42 ===============
Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 19/10/2007 10.45.26
System Uptime: 15/02/2012 16.33.28 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5B
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz | Socket 775 | 2329/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 298 GiB total, 212.097 GiB free.
D: is CDROM ()
Z: is NetworkDisk (NTFS) - 75 GiB total, 7.568 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia Windows Portable Device Driver
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: N78
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP456: 17/11/2011 16.17.04 - Punto di arresto del sistema
RP457: 18/11/2011 16.57.10 - Punto di arresto del sistema
RP458: 21/11/2011 13.57.46 - Punto di arresto del sistema
RP459: 22/11/2011 17.37.13 - Punto di arresto del sistema
RP460: 24/11/2011 9.38.55 - Punto di arresto del sistema
RP461: 25/11/2011 11.01.03 - Punto di arresto del sistema
RP462: 29/11/2011 10.06.40 - Punto di arresto del sistema
RP463: 30/11/2011 10.45.20 - Punto di arresto del sistema
RP464: 01/12/2011 11.20.49 - Punto di arresto del sistema
RP465: 02/12/2011 11.59.50 - Punto di arresto del sistema
RP466: 05/12/2011 14.36.58 - Punto di arresto del sistema
RP467: 06/12/2011 14.37.21 - Punto di arresto del sistema
RP468: 07/12/2011 15.55.50 - Punto di arresto del sistema
RP469: 09/12/2011 10.14.43 - Punto di arresto del sistema
RP470: 12/12/2011 10.36.57 - Punto di arresto del sistema
RP471: 13/12/2011 11.00.09 - Punto di arresto del sistema
RP472: 14/12/2011 9.42.30 - Software Distribution Service 3.0
RP473: 15/12/2011 10.12.25 - Punto di arresto del sistema
RP474: 16/12/2011 15.10.18 - Punto di arresto del sistema
RP475: 19/12/2011 11.41.02 - Punto di arresto del sistema
RP476: 20/12/2011 14.39.39 - Punto di arresto del sistema
RP477: 21/12/2011 14.51.48 - Punto di arresto del sistema
RP478: 22/12/2011 15.31.46 - Punto di arresto del sistema
RP479: 23/12/2011 17.37.37 - Punto di arresto del sistema
RP480: 27/12/2011 9.34.30 - Punto di arresto del sistema
RP481: 28/12/2011 14.44.45 - Punto di arresto del sistema
RP482: 30/12/2011 10.06.33 - Punto di arresto del sistema
RP483: 09/01/2012 9.55.29 - Punto di arresto del sistema
RP484: 10/01/2012 12.49.49 - Punto di arresto del sistema
RP485: 11/01/2012 13.48.37 - Punto di arresto del sistema
RP486: 11/01/2012 19.02.25 - Software Distribution Service 3.0
RP487: 13/01/2012 10.10.10 - Punto di arresto del sistema
RP488: 14/01/2012 11.31.18 - Punto di arresto del sistema
RP489: 16/01/2012 10.58.02 - Punto di arresto del sistema
RP490: 17/01/2012 12.48.33 - Punto di arresto del sistema
RP491: 18/01/2012 14.45.37 - Punto di arresto del sistema
RP492: 20/01/2012 14.29.14 - Punto di arresto del sistema
RP493: 23/01/2012 12.22.17 - Punto di arresto del sistema
RP494: 24/01/2012 10.50.37 - Removed Skype™ 5.5
RP495: 25/01/2012 11.27.19 - Punto di arresto del sistema
RP497: 27/01/2012 9.17.15 - Software Distribution Service 3.0
RP498: 30/01/2012 12.42.21 - Punto di arresto del sistema
RP499: 01/02/2012 11.13.58 - Punto di arresto del sistema
RP500: 02/02/2012 11.21.45 - Punto di arresto del sistema
RP501: 02/02/2012 12.04.48 - Installed HiJackThis
RP502: 03/02/2012 14.49.30 - Punto di arresto del sistema
RP503: 06/02/2012 11.10.54 - Punto di arresto del sistema
RP504: 07/02/2012 11.31.38 - Punto di arresto del sistema
RP505: 08/02/2012 11.29.03 - Installed Ad-Aware
RP506: 08/02/2012 11.29.33 - Installed Ad-Aware
RP507: 09/02/2012 12.07.43 - Punto di arresto del sistema
RP508: 14/02/2012 9.41.20 - Punto di arresto del sistema
RP509: 15/02/2012 9.41.02 - pre combofix
.
==== Installed Programs ======================
.
2007 Microsoft Office system
Ad-Aware
Adobe Acrobat 7.0 Professional - Español, Italiano, Português
Adobe Acrobat 7.1.0 Professional - Español, Italiano, Português
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Photoshop CS
Adobe Reader 9.4.4 - Italiano
Adobe Shockwave Player 11.6
Adobe SVG Viewer 3.0
Advanced PDF Password Recovery
Aggiornamento critico per Windows Media Player 11 (KB959772)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027)
Aggiornamento della protezione per Windows Internet Explorer 7 (KB976325)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2183461)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2360131)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2416400)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2482017)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2497640)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2510531)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2530548)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2544521)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2559049)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2586448)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2618444)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB976325)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB978207)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB981332)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381)
Aggiornamento della protezione per Windows Media Player (KB2378111)
Aggiornamento della protezione per Windows Media Player (KB911564)
Aggiornamento della protezione per Windows Media Player (KB952069)
Aggiornamento della protezione per Windows Media Player (KB954155)
Aggiornamento della protezione per Windows Media Player (KB968816)
Aggiornamento della protezione per Windows Media Player (KB973540)
Aggiornamento della protezione per Windows Media Player (KB975558)
Aggiornamento della protezione per Windows Media Player (KB978695)
Aggiornamento della protezione per Windows Media Player 11 (KB936782)
Aggiornamento della protezione per Windows Media Player 11 (KB954154)
Aggiornamento della protezione per Windows Media Player 6.4 (KB925398)
Aggiornamento della protezione per Windows Media Player 9 (KB936782)
Aggiornamento della protezione per Windows XP (KB2079403)
Aggiornamento della protezione per Windows XP (KB2115168)
Aggiornamento della protezione per Windows XP (KB2121546)
Aggiornamento della protezione per Windows XP (KB2160329)
Aggiornamento della protezione per Windows XP (KB2229593)
Aggiornamento della protezione per Windows XP (KB2259922)
Aggiornamento della protezione per Windows XP (KB2279986)
Aggiornamento della protezione per Windows XP (KB2286198)
Aggiornamento della protezione per Windows XP (KB2296011)
Aggiornamento della protezione per Windows XP (KB2296199)
Aggiornamento della protezione per Windows XP (KB2347290)
Aggiornamento della protezione per Windows XP (KB2360937)
Aggiornamento della protezione per Windows XP (KB2387149)
Aggiornamento della protezione per Windows XP (KB2393802)
Aggiornamento della protezione per Windows XP (KB2412687)
Aggiornamento della protezione per Windows XP (KB2419632)
Aggiornamento della protezione per Windows XP (KB2423089)
Aggiornamento della protezione per Windows XP (KB2436673)
Aggiornamento della protezione per Windows XP (KB2440591)
Aggiornamento della protezione per Windows XP (KB2443105)
Aggiornamento della protezione per Windows XP (KB2476490)
Aggiornamento della protezione per Windows XP (KB2476687)
Aggiornamento della protezione per Windows XP (KB2478960)
Aggiornamento della protezione per Windows XP (KB2478971)
Aggiornamento della protezione per Windows XP (KB2479628)
Aggiornamento della protezione per Windows XP (KB2479943)
Aggiornamento della protezione per Windows XP (KB2481109)
Aggiornamento della protezione per Windows XP (KB2483185)
Aggiornamento della protezione per Windows XP (KB2485376)
Aggiornamento della protezione per Windows XP (KB2485663)
Aggiornamento della protezione per Windows XP (KB2503658)
Aggiornamento della protezione per Windows XP (KB2503665)
Aggiornamento della protezione per Windows XP (KB2506212)
Aggiornamento della protezione per Windows XP (KB2506223)
Aggiornamento della protezione per Windows XP (KB2507618)
Aggiornamento della protezione per Windows XP (KB2507938)
Aggiornamento della protezione per Windows XP (KB2508272)
Aggiornamento della protezione per Windows XP (KB2508429)
Aggiornamento della protezione per Windows XP (KB2509553)
Aggiornamento della protezione per Windows XP (KB2511455)
Aggiornamento della protezione per Windows XP (KB2524375)
Aggiornamento della protezione per Windows XP (KB2535512)
Aggiornamento della protezione per Windows XP (KB2536276-v2)
Aggiornamento della protezione per Windows XP (KB2536276)
Aggiornamento della protezione per Windows XP (KB2544893-v2)
Aggiornamento della protezione per Windows XP (KB2544893)
Aggiornamento della protezione per Windows XP (KB2555917)
Aggiornamento della protezione per Windows XP (KB2562937)
Aggiornamento della protezione per Windows XP (KB2566454)
Aggiornamento della protezione per Windows XP (KB2567053)
Aggiornamento della protezione per Windows XP (KB2567680)
Aggiornamento della protezione per Windows XP (KB2570222)
Aggiornamento della protezione per Windows XP (KB2570947)
Aggiornamento della protezione per Windows XP (KB2584146)
Aggiornamento della protezione per Windows XP (KB2585542)
Aggiornamento della protezione per Windows XP (KB2592799)
Aggiornamento della protezione per Windows XP (KB2598479)
Aggiornamento della protezione per Windows XP (KB2603381)
Aggiornamento della protezione per Windows XP (KB2618451)
Aggiornamento della protezione per Windows XP (KB2619339)
Aggiornamento della protezione per Windows XP (KB2620712)
Aggiornamento della protezione per Windows XP (KB2624667)
Aggiornamento della protezione per Windows XP (KB2631813)
Aggiornamento della protezione per Windows XP (KB2633171)
Aggiornamento della protezione per Windows XP (KB2639417)
Aggiornamento della protezione per Windows XP (KB2646524)
Aggiornamento della protezione per Windows XP (KB923561)
Aggiornamento della protezione per Windows XP (KB923689)
Aggiornamento della protezione per Windows XP (KB938464-v2)
Aggiornamento della protezione per Windows XP (KB938464)
Aggiornamento della protezione per Windows XP (KB941569)
Aggiornamento della protezione per Windows XP (KB946648)
Aggiornamento della protezione per Windows XP (KB950760)
Aggiornamento della protezione per Windows XP (KB950762)
Aggiornamento della protezione per Windows XP (KB950974)
Aggiornamento della protezione per Windows XP (KB951066)
Aggiornamento della protezione per Windows XP (KB951376-v2)
Aggiornamento della protezione per Windows XP (KB951376)
Aggiornamento della protezione per Windows XP (KB951698)
Aggiornamento della protezione per Windows XP (KB951748)
Aggiornamento della protezione per Windows XP (KB952004)
Aggiornamento della protezione per Windows XP (KB952954)
Aggiornamento della protezione per Windows XP (KB953839)
Aggiornamento della protezione per Windows XP (KB954211)
Aggiornamento della protezione per Windows XP (KB954459)
Aggiornamento della protezione per Windows XP (KB954600)
Aggiornamento della protezione per Windows XP (KB955069)
Aggiornamento della protezione per Windows XP (KB956391)
Aggiornamento della protezione per Windows XP (KB956572)
Aggiornamento della protezione per Windows XP (KB956744)
Aggiornamento della protezione per Windows XP (KB956802)
Aggiornamento della protezione per Windows XP (KB956803)
Aggiornamento della protezione per Windows XP (KB956841)
Aggiornamento della protezione per Windows XP (KB956844)
Aggiornamento della protezione per Windows XP (KB957095)
Aggiornamento della protezione per Windows XP (KB957097)
Aggiornamento della protezione per Windows XP (KB958644)
Aggiornamento della protezione per Windows XP (KB958687)
Aggiornamento della protezione per Windows XP (KB958690)
Aggiornamento della protezione per Windows XP (KB958869)
Aggiornamento della protezione per Windows XP (KB959426)
Aggiornamento della protezione per Windows XP (KB960225)
Aggiornamento della protezione per Windows XP (KB960715)
Aggiornamento della protezione per Windows XP (KB960803)
Aggiornamento della protezione per Windows XP (KB960859)
Aggiornamento della protezione per Windows XP (KB961371)
Aggiornamento della protezione per Windows XP (KB961373)
Aggiornamento della protezione per Windows XP (KB961501)
Aggiornamento della protezione per Windows XP (KB968537)
Aggiornamento della protezione per Windows XP (KB969059)
Aggiornamento della protezione per Windows XP (KB969898)
Aggiornamento della protezione per Windows XP (KB969947)
Aggiornamento della protezione per Windows XP (KB970238)
Aggiornamento della protezione per Windows XP (KB970430)
Aggiornamento della protezione per Windows XP (KB971468)
Aggiornamento della protezione per Windows XP (KB971486)
Aggiornamento della protezione per Windows XP (KB971557)
Aggiornamento della protezione per Windows XP (KB971633)
Aggiornamento della protezione per Windows XP (KB971657)
Aggiornamento della protezione per Windows XP (KB971961)
Aggiornamento della protezione per Windows XP (KB972270)
Aggiornamento della protezione per Windows XP (KB973346)
Aggiornamento della protezione per Windows XP (KB973354)
Aggiornamento della protezione per Windows XP (KB973507)
Aggiornamento della protezione per Windows XP (KB973525)
Aggiornamento della protezione per Windows XP (KB973869)
Aggiornamento della protezione per Windows XP (KB973904)
Aggiornamento della protezione per Windows XP (KB974112)
Aggiornamento della protezione per Windows XP (KB974318)
Aggiornamento della protezione per Windows XP (KB974392)
Aggiornamento della protezione per Windows XP (KB974571)
Aggiornamento della protezione per Windows XP (KB975025)
Aggiornamento della protezione per Windows XP (KB975467)
Aggiornamento della protezione per Windows XP (KB975560)
Aggiornamento della protezione per Windows XP (KB975561)
Aggiornamento della protezione per Windows XP (KB975562)
Aggiornamento della protezione per Windows XP (KB975713)
Aggiornamento della protezione per Windows XP (KB977165)
Aggiornamento della protezione per Windows XP (KB977816)
Aggiornamento della protezione per Windows XP (KB977914)
Aggiornamento della protezione per Windows XP (KB978037)
Aggiornamento della protezione per Windows XP (KB978251)
Aggiornamento della protezione per Windows XP (KB978262)
Aggiornamento della protezione per Windows XP (KB978338)
Aggiornamento della protezione per Windows XP (KB978542)
Aggiornamento della protezione per Windows XP (KB978601)
Aggiornamento della protezione per Windows XP (KB978706)
Aggiornamento della protezione per Windows XP (KB979309)
Aggiornamento della protezione per Windows XP (KB979482)
Aggiornamento della protezione per Windows XP (KB979559)
Aggiornamento della protezione per Windows XP (KB979683)
Aggiornamento della protezione per Windows XP (KB979687)
Aggiornamento della protezione per Windows XP (KB980195)
Aggiornamento della protezione per Windows XP (KB980218)
Aggiornamento della protezione per Windows XP (KB980232)
Aggiornamento della protezione per Windows XP (KB980436)
Aggiornamento della protezione per Windows XP (KB981322)
Aggiornamento della protezione per Windows XP (KB981852)
Aggiornamento della protezione per Windows XP (KB981957)
Aggiornamento della protezione per Windows XP (KB981997)
Aggiornamento della protezione per Windows XP (KB982132)
Aggiornamento della protezione per Windows XP (KB982214)
Aggiornamento della protezione per Windows XP (KB982665)
Aggiornamento della protezione per Windows XP (KB982802)
Aggiornamento della sicurezza per Microsoft Windows (KB2564958)
Aggiornamento per Windows Internet Explorer 8 (KB2598845)
Aggiornamento per Windows Internet Explorer 8 (KB2632503)
Aggiornamento per Windows Internet Explorer 8 (KB975364)
Aggiornamento per Windows Internet Explorer 8 (KB976662)
Aggiornamento per Windows Internet Explorer 8 (KB980182)
Aggiornamento per Windows XP (KB2141007)
Aggiornamento per Windows XP (KB2345886)
Aggiornamento per Windows XP (KB2467659)
Aggiornamento per Windows XP (KB2492386)
Aggiornamento per Windows XP (KB2541763)
Aggiornamento per Windows XP (KB2607712)
Aggiornamento per Windows XP (KB2616676)
Aggiornamento per Windows XP (KB2641690)
Aggiornamento per Windows XP (KB951072-v2)
Aggiornamento per Windows XP (KB951978)
Aggiornamento per Windows XP (KB955759)
Aggiornamento per Windows XP (KB955839)
Aggiornamento per Windows XP (KB967715)
Aggiornamento per Windows XP (KB968389)
Aggiornamento per Windows XP (KB971029)
Aggiornamento per Windows XP (KB971737)
Aggiornamento per Windows XP (KB973687)
Aggiornamento per Windows XP (KB973815)
Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)
Aggiornamento rapido per Windows Media Player 11 (KB939683)
Aggiornamento rapido per Windows XP (KB2158563)
Aggiornamento rapido per Windows XP (KB2443685)
Aggiornamento rapido per Windows XP (KB2570791)
Aggiornamento rapido per Windows XP (KB2633952)
Aggiornamento rapido per Windows XP (KB942288-v3)
Aggiornamento rapido per Windows XP (KB952287)
Aggiornamento rapido per Windows XP (KB961118)
Aggiornamento rapido per Windows XP (KB970653-v3)
Aggiornamento rapido per Windows XP (KB976098-v2)
Aggiornamento rapido per Windows XP (KB979306)
Aggiornamento rapido per Windows XP (KB981793)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcGIS Desktop
ArcGIS License Manager
ATI Catalyst Control Center
ATI Catalyst Install Manager
ATI HYDRAVISION
ATI Parental Control & Encoder
ATI Problem Report Wizard
AutoCAD 2008 - Italiano
Autodesk Design Review 2010
Autodesk DWF Viewer
Autodesk DWF Viewer 7
Autodesk Network License Manager
Autodesk Revit Architecture 2010
Autodesk VIZ 2005
AVIVO
Axtro
Axtro (C:\Programmi\Axtro\)
Bing Maps 3D
Bit4Id - PdL Cittadino per la CRS di Regione Lombardia - 1.2.12
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CENED - Regione Lombardia
Cened+
Core Temp version 0.99.8
CRS Kit 1.0
CRS Manager 3.1.2.0
Dropbox
EchoGema4.0
ER Mapper ECW JPEG 2000 Plug-in for Firefox [3.4.0.242]
ERDAS ECW JPEG 2000 Plug-in for Internet Explorer [9.3.2.66]
eScan Anti-Virus (AV) Edition per Windows
Eudora
FlashCAD_Composer
GemaVap4
Google Earth
Google SketchUp 6
Google SketchUp 6 Exporters
Google SketchUp 8
Google SketchUp LayOut 6
Google SketchUp Pro 6
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB888111
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix per Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
iTunes
Java Auto Updater
Java DB 10.4.2.1
Java(TM) 6 Update 26
Java(TM) SE Development Kit 6 Update 17
JMB36X Raid Configurer
LightScribe 1.6.45.1
Malwarebytes Anti-Malware versione 1.60.1.1000
Master Converter
MetraLib 4
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Italian Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
Microsoft .NET Framework 3.5 Language Pack SP1 - ita
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Italian) 2007
Microsoft Office Excel MUI (Italian) 2007
Microsoft Office Outlook MUI (Italian) 2007
Microsoft Office PowerPoint MUI (Italian) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (Italian) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Italian) 2007
Microsoft Office Shared MUI (Italian) 2007
Microsoft Office Word MUI (Italian) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (Italian) 12
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ITA
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ITA
MSVC80_x86
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Nero 7 Essentials
neroxml
Pacchetto driver Windows - Microsoft (USBCCID) SmartCardReader (08/01/2006 5.2.3790.2724)
Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Pacchetto provider Microsoft servizio crittografia smart card di base
Paint Shop Pro 7
PAN S
PC Connectivity Solution
PC Wizard 2008.1.84
PltPlotter 1.0
ProntoDLgs311
Python 2.5 numpy-1.0.3
Python 2.5.1
QuickTime
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Revit Architecture 2008
SafeCast Shared Components
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Sentinel Protection Installer 7.2.2
Sentinel System Driver
Skins
Skype Click to Call
SnagIt 8
Software per stampante EPSON
SoundMAX
Spelling Dictionaries Support For Adobe Reader 9
Suite Aster 4.1.10
swMSM
TerMus-G v.14.00a
The Lord of the Rings FREE Trial
THERM5
Tweak UI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
VBA (2627.01)
VBA (2627.3)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Vita Interactive Engine
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinRAR gestione archivi
WinZip
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Xvid 1.2.2 final uninstall
.
==== End Of File ===========================0 -
P.s.: when I went to look for c:\windows\rundll16.exe and c:\windows\logo1_.exe, e-scan antivirus blocked c:\windows\NIRCMD.exe and quarantined it because of the worm Tool-NirCmd.TE (ES). 0 -
Toros, is it possible for you to visit Windows Update web page?
Do you get an error message when you try to activate Windows Update?
Nircmd.exe is a part of ComboFix and it is a false positive. If you can inform the eScan company that, it would be nice.
1.
Save TDSSKiller on the Desktop:
[url=http://support.kaspersky.com/downloads/utils/tdsskiller.zip]http://support.kaspersky.com/downloads/utils/tdsskiller.zip[/url]
Right-click and select [b]Extract all[/b]. Remember the location of the extracted file.
Turn off all programs.
Run the program TDSSKiller.exe which is the file you extracted.
Click on [b]Start Scan[/b].
If any threats are found select [b]Cure [/b]and click [b]Continue[/b]. If [b]Cure [/b]isn't available select [b]Skip. [/b]Do NOT select Quarantine or Delete.
The computer might need a restart.
Paste the content of the TDSSKiller log which is located in the folder C:\ with the name TDSSKiller followed by version and time.
2.
Please, let aswMBR scan the computer, see http://public.avast.com/~gmerek/aswMBR.htm
Follow only the first section, 'How to scan' and don't try to fix anything. Post its log.
3.
Scan the computer with eScan and Ad-Aware. If the programs find any malicious files, please post their logs (what they found).0 -
Dear CeciliaB, yes it is possible to visit Windows Update web page. And, no, I didn't get an error message when I Tryed to activate WU. I updated it.
Now I'll do what you asked for.
Wait.0 -
eScan: I did a Memory, registry, service and sistem folders scan:
15 feb 2012 18:07:12 - **********************************************************
15 feb 2012 18:07:12 - Modulo eScan Anti Virus & Spyware.
15 feb 2012 18:07:12 - Copyright © 2003-2006, MicroWorld Technologies Inc.
15 feb 2012 18:07:12 - **********************************************************
15 feb 2012 18:07:12 - Versione 12.0.198
15 feb 2012 18:07:12 - File log: C:\Programmi\eScan\LOG\15020000.LOG
15 feb 2012 18:07:12 - Data e ora ultima scansione: 14.02.2012 13:00:20
15 feb 2012 18:07:12 - MWAV Registered: TRUE
15 feb 2012 18:07:12 - User Account: alessio (Administrator Mode)
15 feb 2012 18:07:12 - OS Type: Windows Workstation
15 feb 2012 18:07:12 - OS: Windows XP [OS Install Date: 19 Oct 2007 09:45:26]
15 feb 2012 18:07:12 - Ver: Service Pack 3 (Build 2600)
15 feb 2012 18:07:12 - System Up Time: 19 Minutes, 54 Seconds
15 feb 2012 18:07:12 - Parent Process Name : C:\Programmi\eScan\escanpro.exe
15 feb 2012 18:07:12 - Windows Root Folder: C:\WINDOWS
15 feb 2012 18:07:12 - Windows Sys32 Folder: C:\WINDOWS\system32
15 feb 2012 18:07:12 - Interface0 NameServer: 212.216.112.112
15 feb 2012 18:07:12 - Local Fixed Drives: c:\
15 feb 2012 18:07:12 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)
15 feb 2012 18:07:12 - Opzioni riga di comando: /pipe=4716escan /Log=C:\PROGRA~1\eScan\Log\15020000.log /SC /LOGINFECT /MAXFILESIZE=5 /MEM /REG /SER /SYSFOLDER /S
15 feb 2012 18:07:13 - Loading/Creating FileScan Database C:\Documents and Settings\All Users\Dati applicazioni\MicroWorld\MWAV\ESCANDBX.MDB [Log: C:\PROGRA~1\ESCAN\LOG\ESCANDB.LOG]
15 feb 2012 18:07:13 - Loaded/Created FileScan Database...
15 feb 2012 18:07:13 - Loading AV Library [DB]...
15 feb 2012 18:07:16 - AV Library Loaded [IPC].
15 feb 2012 18:07:16 - **********************************************************
15 feb 2012 18:07:16 - Modulo eScan Anti Virus & Spyware.
15 feb 2012 18:07:16 - Copyright © 2003-2006, MicroWorld Technologies Inc.
15 feb 2012 18:07:16 -
15 feb 2012 18:07:16 - Supporto: [email="assistenza@labinfo.it"]assistenza@labinfo.it[/email]
15 feb 2012 18:07:16 - Web: [url="http://www.labinfo.it"]http://www.labinfo.it[/url]
15 feb 2012 18:07:16 - **********************************************************
15 feb 2012 18:07:16 - Versione 12.0.198[IPC]
15 feb 2012 18:07:16 - File log: C:\Programmi\eScan\LOG\15020000.LOG
15 feb 2012 18:07:16 - User Account: alessio (Administrator Mode)
15 feb 2012 18:07:16 - Parent Process Name : C:\Programmi\eScan\escanpro.exe
15 feb 2012 18:07:16 - Windows Root Folder: C:\WINDOWS
15 feb 2012 18:07:16 - Windows Sys32 Folder: C:\WINDOWS\system32
15 feb 2012 18:07:16 - OS: Windows XP [OS Install Date: 19 Oct 2007 09:45:26]
15 feb 2012 18:07:16 - Ver: Service Pack 3 (Build 2600)
15 feb 2012 18:07:16 - Opzioni impostate dall'utente:
15 feb 2012 18:07:16 - Verifica memoria: Abilitata
15 feb 2012 18:07:16 - Verifica registry: Abilitata
15 feb 2012 18:07:16 - Verifica Esecuzione automatica: Disabilitata
15 feb 2012 18:07:16 - Verifica cartelle di sistema: Abilitata
15 feb 2012 18:07:16 - Verifica servizi: Abilitata
15 feb 2012 18:07:16 - Scan Spyware: Disabilitata
15 feb 2012 18:07:16 - Opzione verifica unità disabilitata
15 feb 2012 18:07:16 - Verifica cartella: Disabilitata
15 feb 2012 18:07:16 - SCAN: All_Files
15 feb 2012 18:07:16 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)
15 feb 2012 18:07:16 - Scansione Master Boot Record (Kernel)...
15 feb 2012 18:07:18 - ***** Scansione memoria *****
15 feb 2012 18:07:36 - ***** Scansione registry *****
15 feb 2012 18:07:43 - ***** Scansione servizi *****
15 feb 2012 18:07:48 - ERROR(2)!!! Invalid Entry \??\C:\DOCUME~1\alessio\IMPOST~1\Temp\aswMBR.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\aswMBR.
15 feb 2012 18:07:48 - ***** Scansione cartelle di sistema *****
15 feb 2012 18:10:18 - ***** Ricerca virus ITW *****
15 feb 2012 18:10:18 - ***** Scansione completa. *****
15 feb 2012 18:10:18 - Numero totale di file scansionati: 4129
15 feb 2012 18:10:18 - Numero totale di virus trovati: 0
15 feb 2012 18:10:18 - Numero totale di file disinfettati: 0
15 feb 2012 18:10:18 - Numero totale di file rinominati: 0
15 feb 2012 18:10:18 - Numero totale di file eliminati: 0
15 feb 2012 18:10:18 - Numero totale di errori: 1
15 feb 2012 18:10:18 - Tempo trascorso: 00:03:00
15 feb 2012 18:10:18 - Scansione completata.
15 feb 2012 18:10:18 - Uninitializing Scanner (3)...
15 feb 2012 18:10:18 - Freeing Libraries (3)...
15 feb 2012 18:10:18 - AV Library Unloaded (3)...0 -
The first two steps.
I'll run now escan, and ad-aware but it takes long time. Next I'll post logs.
sys
TDSSKiller.2.7.12.0_15.02.2012_17.52.55_log.txt
17:52:55.0718 5360 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
17:52:55.0968 5360 ============================================================
17:52:55.0968 5360 Current date / time: 2012/02/15 17:52:55.0968
17:52:55.0968 5360 SystemInfo:
17:52:55.0968 5360
17:52:55.0968 5360 OS Version: 5.1.2600 ServicePack: 3.0
17:52:55.0968 5360 Product type: Workstation
17:52:55.0968 5360 ComputerName: ALEX
17:52:55.0968 5360 UserName: alessio
17:52:55.0968 5360 Windows directory: C:\WINDOWS
17:52:55.0968 5360 System windows directory: C:\WINDOWS
17:52:55.0968 5360 Processor architecture: Intel x86
17:52:55.0968 5360 Number of processors: 2
17:52:55.0968 5360 Page size: 0x1000
17:52:55.0968 5360 Boot type: Normal boot
17:52:55.0968 5360 ============================================================
17:52:57.0515 5360 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:52:57.0531 5360 \Device\Harddisk0\DR0:
17:52:57.0531 5360 MBR used
17:52:57.0531 5360 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
17:52:57.0625 5360 Initialize success
17:52:57.0625 5360 ============================================================
17:53:02.0406 5464 ============================================================
17:53:02.0406 5464 Scan started
17:53:02.0406 5464 Mode: Manual;
17:53:02.0406 5464 ============================================================
17:53:03.0171 5464 Abiosdsk - ok
17:53:03.0281 5464 abp480n5 - ok
17:53:03.0468 5464 ACPI (d766e636187b8f240bbfbabcd51eb2c6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:53:03.0468 5464 ACPI - ok
17:53:03.0515 5464 ACPIEC (49ac5cd87fbdda62f3e25190019e7627) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:53:03.0531 5464 ACPIEC - ok
17:53:03.0593 5464 ACSSCR (7099700a3789ad64fbce8ebe956da65d) C:\WINDOWS\system32\DRIVERS\a38usbxp.sys
17:53:03.0593 5464 ACSSCR - ok
17:53:03.0671 5464 ADIHdAudAddService (0158f4027c0808ff65ed3b3d683339c9) C:\WINDOWS\system32\drivers\ADIHdAud.sys
17:53:03.0671 5464 ADIHdAudAddService - ok
17:53:03.0687 5464 adpu160m - ok
17:53:03.0703 5464 AEAudio (358063ab6c1c4173b735525cdfa65f94) C:\WINDOWS\system32\drivers\AEAudio.sys
17:53:03.0703 5464 AEAudio - ok
17:53:03.0718 5464 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:53:03.0734 5464 aec - ok
17:53:03.0781 5464 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:53:03.0796 5464 AFD - ok
17:53:03.0796 5464 Aha154x - ok
17:53:03.0812 5464 aic78u2 - ok
17:53:03.0828 5464 aic78xx - ok
17:53:03.0828 5464 AliIde - ok
17:53:03.0875 5464 amsint - ok
17:53:03.0890 5464 asc - ok
17:53:03.0921 5464 asc3350p - ok
17:53:03.0921 5464 asc3550 - ok
17:53:03.0984 5464 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:53:03.0984 5464 AsyncMac - ok
17:53:04.0000 5464 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:53:04.0000 5464 atapi - ok
17:53:04.0015 5464 Atdisk - ok
17:53:04.0765 5464 ati2mtag (c026951271d59ff97deb2a6b4895b416) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:53:04.0781 5464 ati2mtag - ok
17:53:04.0828 5464 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:53:04.0828 5464 Atmarpc - ok
17:53:04.0875 5464 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:53:04.0875 5464 audstub - ok
17:53:04.0953 5464 bdfsfltr (9b281f5f673cbc5b9ec886d59e0b4f26) C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys
17:53:04.0953 5464 bdfsfltr - ok
17:53:05.0031 5464 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:53:05.0031 5464 Beep - ok
17:53:05.0078 5464 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:53:05.0109 5464 cbidf2k - ok
17:53:05.0140 5464 cd20xrnt - ok
17:53:05.0218 5464 CdaC15BA (f76cb7259aa575cc53f3996bc6b68c18) C:\WINDOWS\system32\drivers\CDAC15BA.SYS
17:53:05.0218 5464 CdaC15BA - ok
17:53:05.0234 5464 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:53:05.0250 5464 Cdaudio - ok
17:53:05.0328 5464 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:53:05.0421 5464 Cdfs - ok
17:53:05.0468 5464 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:53:05.0484 5464 Cdrom - ok
17:53:05.0531 5464 Changer - ok
17:53:05.0562 5464 CmdIde - ok
17:53:05.0640 5464 Cpqarray - ok
17:53:05.0656 5464 dac2w2k - ok
17:53:05.0687 5464 dac960nt - ok
17:53:05.0765 5464 DgiVecp (a5034f77b278f07e224fe07cf98a8b76) C:\WINDOWS\system32\Drivers\DgiVecp.sys
17:53:05.0765 5464 DgiVecp - ok
17:53:05.0843 5464 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:53:05.0843 5464 Disk - ok
17:53:05.0906 5464 dmboot (82bc125a8ed33f5f0e75f2aac1065323) C:\WINDOWS\system32\drivers\dmboot.sys
17:53:05.0906 5464 dmboot - ok
17:53:05.0953 5464 dmio (e959ddc0ea7ac11ee5e5602e2a364310) C:\WINDOWS\system32\drivers\dmio.sys
17:53:05.0953 5464 dmio - ok
17:53:05.0984 5464 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:53:05.0984 5464 dmload - ok
17:53:06.0015 5464 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:53:06.0015 5464 DMusic - ok
17:53:06.0046 5464 dpti2o - ok
17:53:06.0125 5464 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:53:06.0125 5464 drmkaud - ok
17:53:06.0234 5464 econceal (92a1a87c748d31ce432018d7f019bd1d) C:\WINDOWS\system32\DRIVERS\econceal.sys
17:53:06.0234 5464 econceal - ok
17:53:06.0359 5464 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:53:06.0375 5464 Fastfat - ok
17:53:06.0421 5464 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:53:06.0421 5464 Fdc - ok
17:53:06.0468 5464 Fips (2cfea3326981a18c6baf2bd9be76225b) C:\WINDOWS\system32\drivers\Fips.sys
17:53:06.0484 5464 Fips - ok
17:53:06.0625 5464 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:53:06.0625 5464 Flpydisk - ok
17:53:06.0734 5464 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:53:06.0734 5464 FltMgr - ok
17:53:06.0843 5464 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:53:06.0875 5464 Fs_Rec - ok
17:53:06.0906 5464 Ftdisk (f3269a6ee547ea87b949a1cea4816b38) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:53:06.0906 5464 Ftdisk - ok
17:53:06.0953 5464 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
17:53:06.0953 5464 GEARAspiWDM - ok
17:53:06.0984 5464 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:53:06.0984 5464 Gpc - ok
17:53:07.0031 5464 HdAudAddService (56bf27d7a539f9e6bbc1de201aba0edf) C:\WINDOWS\system32\drivers\AtiHdAud.sys
17:53:07.0031 5464 HdAudAddService - ok
17:53:07.0046 5464 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:53:07.0046 5464 HDAudBus - ok
17:53:07.0062 5464 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:53:07.0062 5464 hidusb - ok
17:53:07.0078 5464 hpn - ok
17:53:07.0140 5464 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:53:07.0140 5464 HTTP - ok
17:53:07.0156 5464 i2omgmt - ok
17:53:07.0156 5464 i2omp - ok
17:53:07.0171 5464 i8042prt (610726e28af55b95043c5c35a727e320) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:53:07.0171 5464 i8042prt - ok
17:53:07.0187 5464 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:53:07.0187 5464 Imapi - ok
17:53:07.0218 5464 ini910u - ok
17:53:07.0218 5464 IntelIde - ok
17:53:07.0250 5464 intelppm (ebd830a0970c438047006a49c23e287f) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:53:07.0250 5464 intelppm - ok
17:53:07.0265 5464 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:53:07.0265 5464 Ip6Fw - ok
17:53:07.0312 5464 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:53:07.0312 5464 IpFilterDriver - ok
17:53:07.0328 5464 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:53:07.0328 5464 IpInIp - ok
17:53:07.0343 5464 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:53:07.0359 5464 IpNat - ok
17:53:07.0375 5464 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:53:07.0375 5464 IPSec - ok
17:53:07.0390 5464 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:53:07.0390 5464 IRENUM - ok
17:53:07.0406 5464 isapnp (0953594beb81cc72fcc62d37921b25a6) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:53:07.0406 5464 isapnp - ok
17:53:07.0437 5464 JGOGO (c995c0e8b4503fac38793bb0236ad246) C:\WINDOWS\system32\DRIVERS\JGOGO.sys
17:53:07.0437 5464 JGOGO - ok
17:53:07.0453 5464 JRAID (f4a31e66a61c0783f51157519b03280b) C:\WINDOWS\system32\DRIVERS\jraid.sys
17:53:07.0453 5464 JRAID - ok
17:53:07.0468 5464 Kbdclass (28b6eace513ca7eaba3b809ad4bc274d) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:53:07.0468 5464 Kbdclass - ok
17:53:07.0500 5464 kbdhid (4c61c226bdda2ef1672b2c5f4e56625e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:53:07.0500 5464 kbdhid - ok
17:53:07.0531 5464 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:53:07.0531 5464 kmixer - ok
17:53:07.0562 5464 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:53:07.0578 5464 KSecDD - ok
17:53:07.0671 5464 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Programmi\Lavasoft\Ad-Aware\KernExplorer.sys
17:53:07.0671 5464 Lavasoft Kernexplorer - ok
17:53:07.0734 5464 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
17:53:07.0750 5464 Lbd - ok
17:53:07.0750 5464 lbrtfdc - ok
17:53:07.0828 5464 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:53:08.0000 5464 mnmdd - ok
17:53:08.0250 5464 Modem (8cb6636806d76b85fafaee94d75f5129) C:\WINDOWS\system32\drivers\Modem.sys
17:53:08.0265 5464 Modem - ok
17:53:08.0531 5464 Mouclass (e904ebed608055a2bfb824c07f59766c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:53:08.0531 5464 Mouclass - ok
17:53:08.0609 5464 mouhid (d7662f0cf5b77bbbe3202716f5bd5318) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:53:08.0609 5464 mouhid - ok
17:53:08.0640 5464 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:53:08.0671 5464 MountMgr - ok
17:53:08.0671 5464 mraid35x - ok
17:53:08.0703 5464 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:53:08.0703 5464 MRxDAV - ok
17:53:08.0765 5464 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:53:08.0765 5464 MRxSmb - ok
17:53:08.0781 5464 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:53:08.0828 5464 Msfs - ok
17:53:08.0843 5464 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:53:08.0843 5464 MSKSSRV - ok
17:53:08.0859 5464 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:53:08.0859 5464 MSPCLOCK - ok
17:53:08.0875 5464 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:53:08.0875 5464 MSPQM - ok
17:53:08.0921 5464 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:53:08.0921 5464 mssmbios - ok
17:53:08.0968 5464 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
17:53:08.0968 5464 MTsensor - ok
17:53:09.0015 5464 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:53:09.0031 5464 Mup - ok
17:53:09.0078 5464 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:53:09.0093 5464 NDIS - ok
17:53:09.0125 5464 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:53:09.0125 5464 NdisTapi - ok
17:53:09.0156 5464 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:53:09.0156 5464 Ndisuio - ok
17:53:09.0171 5464 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:53:09.0171 5464 NdisWan - ok
17:53:09.0218 5464 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:53:09.0234 5464 NDProxy - ok
17:53:09.0234 5464 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:53:09.0234 5464 NetBIOS - ok
17:53:09.0250 5464 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:53:09.0265 5464 NetBT - ok
17:53:09.0281 5464 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:53:09.0281 5464 Npfs - ok
17:53:09.0312 5464 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:53:09.0312 5464 Ntfs - ok
17:53:09.0328 5464 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:53:09.0343 5464 Null - ok
17:53:09.0390 5464 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:53:09.0390 5464 NwlnkFlt - ok
17:53:09.0406 5464 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:53:09.0421 5464 NwlnkFwd - ok
17:53:09.0437 5464 Parport (4e9408a178b2d955871c2cdd278de3c3) C:\WINDOWS\system32\DRIVERS\parport.sys
17:53:09.0437 5464 Parport - ok
17:53:09.0453 5464 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:53:09.0453 5464 PartMgr - ok
17:53:09.0468 5464 ParVdm (0dabef655a444cb1e193626fb1d24b9f) C:\WINDOWS\system32\drivers\ParVdm.sys
17:53:09.0500 5464 ParVdm - ok
17:53:09.0546 5464 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:53:09.0546 5464 pccsmcfd - ok
17:53:09.0562 5464 PCI (f40a46892afebb0314536b849d57c11e) C:\WINDOWS\system32\DRIVERS\pci.sys
17:53:09.0562 5464 PCI - ok
17:53:09.0578 5464 PCIDump - ok
17:53:09.0609 5464 PCIIde (b2df00d650fd6c4ee781740ed3c8e67f) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:53:09.0609 5464 PCIIde - ok
17:53:09.0656 5464 Pcmcia (815c50f2b1d1562800bdce8be895000e) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:53:09.0671 5464 Pcmcia - ok
17:53:09.0687 5464 PDCOMP - ok
17:53:09.0703 5464 PDFRAME - ok
17:53:09.0703 5464 PDRELI - ok
17:53:09.0718 5464 PDRFRAME - ok
17:53:09.0718 5464 perc2 - ok
17:53:09.0765 5464 perc2hib - ok
17:53:09.0812 5464 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:53:09.0812 5464 PptpMiniport - ok
17:53:09.0937 5464 ProcObsrv (1a356da1b2ad7a521b529c2706c2deb7) c:\progra~1\escan\ProcObsrv.sys
17:53:09.0937 5464 ProcObsrv - ok
17:53:09.0968 5464 ProcObsrves (38a96eee2d1ffe99d67ce42f471ff82f) C:\PROGRA~1\eScan\ProcObsrves.sys
17:53:09.0984 5464 ProcObsrves - ok
17:53:10.0000 5464 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:53:10.0000 5464 PSched - ok
17:53:10.0046 5464 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:53:10.0046 5464 Ptilink - ok
17:53:10.0062 5464 ql1080 - ok
17:53:10.0062 5464 Ql10wnt - ok
17:53:10.0078 5464 ql12160 - ok
17:53:10.0093 5464 ql1240 - ok
17:53:10.0093 5464 ql1280 - ok
17:53:10.0109 5464 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:53:10.0109 5464 RasAcd - ok
17:53:10.0140 5464 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:53:10.0140 5464 Rasl2tp - ok
17:53:10.0140 5464 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:53:10.0156 5464 RasPppoe - ok
17:53:10.0156 5464 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:53:10.0156 5464 Raspti - ok
17:53:10.0218 5464 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:53:10.0218 5464 Rdbss - ok
17:53:10.0234 5464 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:53:10.0234 5464 RDPCDD - ok
17:53:10.0250 5464 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:53:10.0250 5464 rdpdr - ok
17:53:10.0312 5464 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
17:53:10.0328 5464 RDPWD - ok
17:53:10.0359 5464 redbook (393fc252593323b624b230eca6b85e63) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:53:10.0359 5464 redbook - ok
17:53:10.0437 5464 RTLE8023xp (c6d34a1874cd2b212dc3e788091c64b4) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:53:10.0437 5464 RTLE8023xp - ok
17:53:10.0484 5464 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:53:10.0484 5464 Secdrv - ok
17:53:10.0546 5464 SenFiltService (b6a6b409fda9d9ebd3aadb838d3d7173) C:\WINDOWS\system32\drivers\Senfilt.sys
17:53:10.0546 5464 SenFiltService - ok
17:53:10.0593 5464 Sentinel (b3c1b187fefc941f63ce0df93d02eb9f) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
17:53:10.0593 5464 Sentinel - ok
17:53:10.0625 5464 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:53:10.0625 5464 serenum - ok
17:53:10.0640 5464 Serial (fdbd9d64e2e03270021d424f0dccf79d) C:\WINDOWS\system32\DRIVERS\serial.sys
17:53:10.0640 5464 Serial - ok
17:53:10.0671 5464 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:53:10.0687 5464 Sfloppy - ok
17:53:10.0718 5464 Simbad - ok
17:53:10.0734 5464 Sparrow - ok
17:53:10.0765 5464 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:53:10.0765 5464 splitter - ok
17:53:10.0781 5464 sr (618718cae288bf7cbd8fcbab2577d932) C:\WINDOWS\system32\DRIVERS\sr.sys
17:53:10.0781 5464 sr - ok
17:53:10.0812 5464 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:53:10.0812 5464 Srv - ok
17:53:10.0843 5464 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:53:10.0843 5464 swenum - ok
17:53:10.0859 5464 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:53:10.0859 5464 swmidi - ok
17:53:10.0890 5464 symc810 - ok
17:53:10.0906 5464 symc8xx - ok
17:53:10.0906 5464 sym_hi - ok
17:53:10.0921 5464 sym_u3 - ok
17:53:10.0953 5464 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:53:10.0953 5464 sysaudio - ok
17:53:11.0000 5464 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:53:11.0000 5464 Tcpip - ok
17:53:11.0046 5464 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:53:11.0062 5464 TDPIPE - ok
17:53:11.0078 5464 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:53:11.0093 5464 TDTCP - ok
17:53:11.0125 5464 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:53:11.0125 5464 TermDD - ok
17:53:11.0140 5464 TosIde - ok
17:53:11.0187 5464 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:53:11.0203 5464 Udfs - ok
17:53:11.0218 5464 ultra - ok
17:53:11.0250 5464 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:53:11.0250 5464 Update - ok
17:53:11.0312 5464 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:53:11.0312 5464 USBAAPL - ok
17:53:11.0359 5464 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:53:11.0375 5464 usbccgp - ok
17:53:11.0406 5464 USBCCID (2825e0e294686a26506690059e1f437a) C:\WINDOWS\system32\DRIVERS\usbccid.sys
17:53:11.0406 5464 USBCCID - ok
17:53:11.0437 5464 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:53:11.0437 5464 usbehci - ok
17:53:11.0453 5464 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:53:11.0453 5464 usbhub - ok
17:53:11.0515 5464 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:53:11.0515 5464 usbscan - ok
17:53:11.0562 5464 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
17:53:11.0562 5464 usbser - ok
17:53:11.0578 5464 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:53:11.0578 5464 USBSTOR - ok
17:53:11.0593 5464 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:53:11.0593 5464 usbuhci - ok
17:53:11.0640 5464 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:53:11.0640 5464 VgaSave - ok
17:53:11.0656 5464 ViaIde - ok
17:53:11.0703 5464 VolSnap (e46c1b5a56da7da603d09dfcc79ec59e) C:\WINDOWS\system32\drivers\VolSnap.sys
17:53:11.0750 5464 VolSnap - ok
17:53:11.0812 5464 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:53:11.0812 5464 Wanarp - ok
17:53:11.0859 5464 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
17:53:11.0859 5464 Wdf01000 - ok
17:53:11.0875 5464 WDICA - ok
17:53:11.0890 5464 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:53:11.0890 5464 wdmaud - ok
17:53:11.0953 5464 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:53:11.0953 5464 WpdUsb - ok
17:53:12.0015 5464 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:53:12.0015 5464 WS2IFSL - ok
17:53:12.0062 5464 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:53:12.0078 5464 WudfPf - ok
17:53:12.0093 5464 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:53:12.0109 5464 WudfRd - ok
17:53:12.0140 5464 MBR (0x1B8) (828e02d5c4a4fbe53441ee9dbee51f43) \Device\Harddisk0\DR0
17:53:12.0234 5464 \Device\Harddisk0\DR0 - ok
17:53:12.0234 5464 Boot (0x1200) (a1dcb6fcce69d8d42134ca8b1fa279c7) \Device\Harddisk0\DR0\Partition0
17:53:12.0234 5464 \Device\Harddisk0\DR0\Partition0 - ok
17:53:12.0234 5464 ============================================================
17:53:12.0234 5464 Scan finished
17:53:12.0234 5464 ============================================================
17:53:12.0250 5456 Detected object count: 0
17:53:12.0250 5456 Actual detected object count: 0
17:55:48.0390 5356 Deinitialize success
----------------------------------------------------------------------------------------------------------------------------------------
aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
Run date: 2012-02-15 18:00:02
-----------------------------
18:00:02.812 OS Version: Windows 5.1.2600 Service Pack 3
18:00:02.812 Number of processors: 2 586 0xF0B
18:00:02.812 ComputerName: ALEX UserName:
18:00:03.859 Initialize success
18:00:15.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:00:15.328 Disk 0 Vendor: MAXTOR_STM3320620AS 3.AAE Size: 305245MB BusType: 3
18:00:15.328 Disk 0 MBR read successfully
18:00:15.328 Disk 0 MBR scan
18:00:15.328 Disk 0 Windows XP default MBR code
18:00:15.328 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305234 MB offset 63
18:00:15.328 Disk 0 scanning sectors +625121280
18:00:15.390 Disk 0 scanning C:\WINDOWS\system32\drivers
18:00:23.765 Service scanning
18:00:25.265 Service econceal C:\WINDOWS\system32\DRIVERS\econceal.sys **LOCKED** 32
18:00:25.875 Modules scanning
18:00:30.593 Disk 0 trace - called modules:
18:00:30.593 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
18:00:30.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89b7f9c0]
18:00:30.609 3 CLASSPNP.SYS[f7647fd7] -> nt!IofCallDriver -> \Device\0000006c[0x89b93f18]
18:00:30.609 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89b82940]
18:00:30.609 Scan finished successfully
18:00:42.421 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\alessio\Desktop\MBR.dat"
18:00:42.468 The log file has been saved successfully to "C:\Documents and Settings\alessio\Desktop\aswMBR.txt"0 -
Thanks for the logs so far, toros. The programs have not found anything bad.
If possible tell eScan to scan the folder C:\Documents and settings, it is rather common that malicious files are placed under that folder.0 -
Just a cookie, and not a malicious file. 0 -
I Thank you, CeciliaB, I'll tell to scan that folder. Then I'll inform you.
Here it is the ad-aware smart scan log.
Logfile created: 15/02/2012 18:26:49
Ad-Aware version: 9.6.0
Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: alessio
*********************** Definitions database information ***********************
Lavasoft definition file: 150.723
Genotype definition file version: 2012/02/13 12:34:34
Extended engine definition file: 11548.0
******************************** Scan results: *********************************
Scan profile name: Smart Scan (ID: smart)
Objects scanned: 73353
Objects detected: 1
Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 0
Folders.........: 0
LSPs............: 0
Cookies.........: 1
Browser hijacks.: 0
MRU objects.....: 0
Removed items:
Description: *excite* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408871 Family ID: 0
Scan and cleaning complete: Finished correctly after 866 seconds
*********************************** Settings ***********************************
Scan profile:
ID: smart, enabled:1, value: Smart Scan
ID: folderstoscan, enabled:1, value:
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: false
ID: scanhostsfile, enabled:1, value: false
ID: scanmru, enabled:1, value: false
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: false
ID: onlyexecutables, enabled:1, value: true
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true
Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: N/A
Scheduled scan settings:
<Empty>
Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Wed Feb 08 11:29:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Wed Feb 08 17:29:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Wed Feb 08 23:29:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Wed Feb 08 05:29:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Wed Feb 08 11:29:00 2012
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: true
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_advanced, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
Realtime protection settings:
ID: realtime, enabled:1
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: maintainbackup, enabled:1, value: true
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: onaccessprotection, enabled:1, value: true
ID: registryprotection, enabled:1, value: true
ID: networkprotection, enabled:1, value: true
****************************** System information ******************************
Computer name: ALEX
Processor name: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Processor identifier: x86 Family 6 Model 15 Stepping 11
Processor speed: ~2329MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3851, number of processors 2, processor features: [MMX,SSE,SSE2]
Physical memory available: 975069184 bytes
Physical memory total: 2146545664 bytes
Virtual memory available: 1858588672 bytes
Virtual memory total: 2147352576 bytes
Memory load: 54%
Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Windows startup mode:
Running processes:
PID: 684 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 740 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 772 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY
PID: 816 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT AUTHORITY
PID: 828 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1000 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1016 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1096 name: C:\WINDOWS\system32\svchost.exe owner: SERVIZIO DI RETE domain: NT AUTHORITY
PID: 1216 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1256 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1352 name: C:\WINDOWS\system32\svchost.exe owner: SERVIZIO DI RETE domain: NT AUTHORITY
PID: 1452 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1512 name: C:\WINDOWS\system32\svchost.exe owner: SERVIZIO LOCALE domain: NT AUTHORITY
PID: 1664 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1712 name: C:\WINDOWS\System32\SCardSvr.exe owner: SERVIZIO LOCALE domain: NT AUTHORITY
PID: 2028 name: C:\WINDOWS\system32\svchost.exe owner: SERVIZIO LOCALE domain: NT AUTHORITY
PID: 164 name: C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 180 name: C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe owner: SYSTEM domain: NT AUTHORITY
PID: 244 name: C:\Programmi\Bonjour\mDNSResponder.exe owner: SYSTEM domain: NT AUTHORITY
PID: 264 name: C:\WINDOWS\system32\drivers\CDAC11BA.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 304 name: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe owner: SYSTEM domain: NT AUTHORITY
PID: 600 name: C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe owner: SYSTEM domain: NT AUTHORITY
PID: 628 name: c:\progra~1\escan\EconSer.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1048 name: c:\progra~1\escan\eConceal.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1052 name: C:\DOCUME~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1136 name: C:\PROGRA~1\eScan\TRAYSSER.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 1316 name: C:\PROGRA~1\eScan\consctl.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1772 name: C:\Programmi\Java\jre6\bin\jqs.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1872 name: C:\Programmi\File comuni\LightScribe\LSSrvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 388 name: C:\WINDOWS\Explorer.EXE owner: alessio domain: ALEX
PID: 1264 name: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 1936 name: C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWASER.EXE owner: SYSTEM domain: NT AUTHORITY
PID: 2188 name: C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWAgent.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2208 name: C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2292 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2348 name: C:\Programmi\Viewpoint\Common\ViewpointService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2428 name: C:\Programmi\Autodesk Network License Manager\lmgrd.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3488 name: C:\Programmi\Autodesk Network License Manager\adskflex.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3964 name: C:\WINDOWS\System32\alg.exe owner: SERVIZIO LOCALE domain: NT AUTHORITY
PID: 4020 name: C:\WINDOWS\system32\wscntfy.exe owner: alessio domain: ALEX
PID: 4076 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2120 name: C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe owner: alessio domain: ALEX
PID: 2800 name: C:\Programmi\Analog Devices\Core\smax4pnp.exe owner: alessio domain: ALEX
PID: 2844 name: C:\WINDOWS\system32\SSLEmptyCache.exe owner: alessio domain: ALEX
PID: 2880 name: C:\PROGRA~1\eScan\TRAYICOS.EXE owner: alessio domain: ALEX
PID: 3448 name: C:\PROGRA~1\eScan\MAILDISP.EXE owner: alessio domain: ALEX
PID: 3400 name: C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe owner: alessio domain: ALEX
PID: 3608 name: C:\Programmi\File comuni\Java\Java Update\jusched.exe owner: alessio domain: ALEX
PID: 1756 name: C:\PROGRA~1\eScan\Vista\eScanMon.exe owner: alessio domain: ALEX
PID: 3668 name: C:\PROGRA~1\ESCAN\SPOOLER.EXE owner: alessio domain: ALEX
PID: 3024 name: C:\Programmi\iTunes\iTunesHelper.exe owner: alessio domain: ALEX
PID: 2652 name: C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe owner: alessio domain: ALEX
PID: 720 name: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe owner: alessio domain: ALEX
PID: 2752 name: C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe owner: alessio domain: ALEX
PID: 2856 name: C:\WINDOWS\system32\ctfmon.exe owner: alessio domain: ALEX
PID: 2000 name: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1932 name: C:\Programmi\iPod\bin\iPodService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1012 name: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe owner: alessio domain: ALEX
PID: 1424 name: C:\Programmi\Viewpoint\Viewpoint Manager\ViewMgr.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2832 name: C:\Documents and Settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe owner: alessio domain: ALEX
PID: 3192 name: C:\Programmi\Internet Explorer\iexplore.exe owner: alessio domain: ALEX
PID: 5216 name: C:\Programmi\Internet Explorer\iexplore.exe owner: alessio domain: ALEX
PID: 4744 name: C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 4604 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY
PID: 6048 name: C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe owner: alessio domain: ALEX
PID: 5336 name: C:\Programmi\Lavasoft\Ad-Aware\Ad-Aware.exe owner: alessio domain: ALEX
PID: 2432 name: C:\Programmi\Internet Explorer\iexplore.exe owner: alessio domain: ALEX
Startup items:
Name: JMB36X IDE Setup
imagepath: C:\WINDOWS\JM\JMInsIDE.exe
Name: JMB36X Configure
imagepath: C:\WINDOWS\system32\JMRaidSetup.exe boot
Name: Acrobat Assistant 7.0
imagepath: "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
Name: NeroFilterCheck
imagepath: C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
Name: SoundMAXPnP
imagepath: C:\Programmi\Analog Devices\Core\smax4pnp.exe
Name: SSLEmptyCache
imagepath: C:\WINDOWS\system32\SSLEmptyCache.exe
Name: eScan Updater
imagepath: C:\PROGRA~1\eScan\TRAYICOS.EXE /App
Name: MailScan Dispatcher
imagepath: "C:\PROGRA~1\eScan\LAUNCH.EXE" /startup
Name: Adobe Reader Speed Launcher
imagepath: "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Name: Adobe ARM
imagepath: "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
Name: QuickTime Task
imagepath: "C:\Programmi\QuickTime\qttask.exe" -atboottime
Name: SunJavaUpdateSched
imagepath: "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
Name: APSDaemon
imagepath: "C:\Programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe"
Name: iTunesHelper
imagepath: "C:\Programmi\iTunes\iTunesHelper.exe"
Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
imagepath: Precaricatore Browseui
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Daemon di cache delle categorie di componenti
Name: PostBootReminder
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: WPDShServiceObj
imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Name:
location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma Loader.lnk
imagepath: C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
Name:
location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk
imagepath: C:\WINDOWS\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe
Name:
imagepath: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini
Name:
imagepath: C:\Documents and Settings\Default User\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini
Bootexecute items:
Name:
imagepath: lsdelete
Running services:
Name: ALG
displayname: Servizio Gateway di livello applicazione
Name: Apple Mobile Device
displayname: Apple Mobile Device
Name: ArcGIS License Manager
displayname: ArcGIS License Manager
Name: Ati HotKey Poller
displayname: Ati HotKey Poller
Name: AudioSrv
displayname: Audio Windows
Name: BITS
displayname: Servizio trasferimento intelligente in background
Name: Bonjour Service
displayname: Servizio Bonjour
Name: Browser
displayname: Browser di computer
Name: C-DillaCdaC11BA
displayname: C-DillaCdaC11BA
Name: clr_optimization_v2.0.50727_32
displayname: .NET Runtime Optimization Service v2.0.50727_X86
Name: CryptSvc
displayname: CryptSvc
Name: DcomLaunch
displayname: Utilità di avvio processo server DCOM
Name: Dhcp
displayname: Client DHCP
Name: dmserver
displayname: Gestione dischi logici
Name: Dnscache
displayname: Client DNS
Name: EconService
displayname: eConServ
Name: ERSvc
displayname: Servizio di segnalazione errori
Name: eScan Monitor Service
displayname: eScan Monitor Service
Name: eScan-trayicos
displayname: eScan Server-Updater
Name: Eventlog
displayname: Registro eventi
Name: EventSystem
displayname: Sistema di eventi COM+
Name: FastUserSwitchingCompatibility
displayname: Compatibilità di Cambio rapido utente
Name: helpsvc
displayname: Guida in linea e supporto tecnico
Name: HidServ
displayname: HID Input Service
Name: iPod Service
displayname: Servizio iPod
Name: JavaQuickStarterService
displayname: Java Quick Starter
Name: lanmanserver
displayname: Server
Name: lanmanworkstation
displayname: Workstation
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LightScribeService
displayname: LightScribeService Direct Disc Labeling Service
Name: LmHosts
displayname: Helper NetBIOS di TCP/IP
Name: MDM
displayname: Machine Debug Manager
Name: MWAgent
displayname: MWAgent
Name: Netman
displayname: Connessioni di rete
Name: Nla
displayname: NLA (Network Location Awareness)
Name: NMIndexingService
displayname: NMIndexingService
Name: PlugPlay
displayname: Plug and Play
Name: PolicyAgent
displayname: Servizi IPSEC
Name: ProtectedStorage
displayname: Archiviazione protetta
Name: RasMan
displayname: Connection Manager di Accesso remoto
Name: RemoteRegistry
displayname: Registro di sistema remoto
Name: RpcSs
displayname: RPC (Remote Procedure Call)
Name: SamSs
displayname: Gestione account di protezione (SAM)
Name: SCardSvr
displayname: smart card
Name: Schedule
displayname: Utilità di pianificazione
Name: seclogon
displayname: Secondary Logon
Name: SENS
displayname: Notifica eventi di sistema
Name: SentinelProtectionServer
displayname: Sentinel Protection Server
Name: SharedAccess
displayname: Windows Firewall / Condivisione connessione Internet (ICS)
Name: ShellHWDetection
displayname: Rilevamento hardware shell
Name: Spooler
displayname: Spooler di stampa
Name: srservice
displayname: Servizio Ripristino configurazione di sistema
Name: SSDPSRV
displayname: Servizio di rilevamento SSDP
Name: stisvc
displayname: Acquisizione di immagini di Windows (WIA)
Name: TapiSrv
displayname: Telefonia
Name: TermService
displayname: Servizi terminal
Name: Themes
displayname: Temi
Name: TrkWks
displayname: Manutenzione collegamenti distribuiti client
Name: Viewpoint Manager Service
displayname: Viewpoint Manager Service
Name: viz 2005
displayname: viz 2005
Name: W32Time
displayname: Ora di Windows
Name: WebClient
displayname: WebClient
Name: winmgmt
displayname: Strumentazione gestione Windows
Name: wscsvc
displayname: Centro sicurezza PC
Name: wuauserv
displayname: Automatic Updates
Name: WudfSvc
displayname: Windows Driver Foundation - User-mode Driver Framework
Name: WZCSVC
displayname: Zero Configuration reti senza fili0 -
Hi CeciliaB, good morning.
I saw, just a cookie.
I also scanned Documents and settings folder by eScan, and it didn't find anything malicious, as you can see in the log I post.
So I hope everything is ok now. I'll try to reinstall Skype and see if it works right or still spam malicious links to all my contacts.
Do you think I have to try something else before it?
thaks a lot so far.
toros /rolleyes.gif' class='bbc_emoticon' alt=':rolleyes:' />
15 feb 2012 18:49:58 - **********************************************************
15 feb 2012 18:49:58 - Modulo eScan Anti Virus & Spyware.
15 feb 2012 18:49:58 - Copyright © 2003-2006, MicroWorld Technologies Inc.
15 feb 2012 18:49:58 - **********************************************************
15 feb 2012 18:49:58 - Versione 12.0.198
15 feb 2012 18:49:58 - File log: C:\Programmi\eScan\LOG\15020001.LOG
15 feb 2012 18:49:58 - Data e ora ultima scansione: 15.02.2012 18:07:16
15 feb 2012 18:49:58 - MWAV Registered: TRUE
15 feb 2012 18:49:58 - User Account: alessio (Administrator Mode)
15 feb 2012 18:49:58 - OS Type: Windows Workstation
15 feb 2012 18:49:58 - OS: Windows XP [OS Install Date: 19 Oct 2007 09:45:26]
15 feb 2012 18:49:58 - Ver: Service Pack 3 (Build 2600)
15 feb 2012 18:49:58 - System Up Time: 1 Hour, 2 Minutes, 40 Seconds
15 feb 2012 18:49:58 - Parent Process Name : C:\Programmi\eScan\escanpro.exe
15 feb 2012 18:49:58 - Windows Root Folder: C:\WINDOWS
15 feb 2012 18:49:58 - Windows Sys32 Folder: C:\WINDOWS\system32
15 feb 2012 18:49:58 - Interface0 NameServer: 212.216.112.112
15 feb 2012 18:49:58 - Local Fixed Drives: c:\
15 feb 2012 18:49:58 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)
15 feb 2012 18:49:58 - Opzioni riga di comando: /pipe=5692escan /Log=C:\PROGRA~1\eScan\Log\15020001.log /SC /LOGINFECT /MAXFILESIZE=5 /FILELIST=C:\DOCUME~1\alessio\IMPOST~1\Temp\\eShxScan3757546.txt /S
15 feb 2012 18:49:58 - Loading/Creating FileScan Database C:\Documents and Settings\All Users\Dati applicazioni\MicroWorld\MWAV\ESCANDBX.MDB [Log: C:\PROGRA~1\ESCAN\LOG\ESCANDB.LOG]
15 feb 2012 18:49:58 - Loaded/Created FileScan Database...
15 feb 2012 18:49:58 - Loading AV Library [DB]...
15 feb 2012 18:50:02 - AV Library Loaded [IPC].
15 feb 2012 18:50:02 - **********************************************************
15 feb 2012 18:50:02 - Modulo eScan Anti Virus & Spyware.
15 feb 2012 18:50:02 - Copyright © 2003-2006, MicroWorld Technologies Inc.
15 feb 2012 18:50:02 -
15 feb 2012 18:50:02 - Supporto: [email="assistenza@labinfo.it"]assistenza@labinfo.it[/email]
15 feb 2012 18:50:02 - Web: [url="http://www.labinfo.it"]http://www.labinfo.it[/url]
15 feb 2012 18:50:02 - **********************************************************
15 feb 2012 18:50:02 - Versione 12.0.198[IPC]
15 feb 2012 18:50:02 - File log: C:\Programmi\eScan\LOG\15020001.LOG
15 feb 2012 18:50:02 - User Account: alessio (Administrator Mode)
15 feb 2012 18:50:02 - Parent Process Name : C:\Programmi\eScan\escanpro.exe
15 feb 2012 18:50:02 - Windows Root Folder: C:\WINDOWS
15 feb 2012 18:50:02 - Windows Sys32 Folder: C:\WINDOWS\system32
15 feb 2012 18:50:02 - OS: Windows XP [OS Install Date: 19 Oct 2007 09:45:26]
15 feb 2012 18:50:02 - Ver: Service Pack 3 (Build 2600)
15 feb 2012 18:50:02 - Opzioni impostate dall'utente:
15 feb 2012 18:50:02 - Verifica memoria: Disabilitata
15 feb 2012 18:50:02 - Verifica registry: Disabilitata
15 feb 2012 18:50:02 - Verifica Esecuzione automatica: Disabilitata
15 feb 2012 18:50:02 - Verifica cartelle di sistema: Disabilitata
15 feb 2012 18:50:02 - Verifica servizi: Disabilitata
15 feb 2012 18:50:02 - Scan Spyware: Disabilitata
15 feb 2012 18:50:02 - Opzione verifica unità disabilitata
15 feb 2012 18:50:02 - Verifica cartella: Abilitata
15 feb 2012 18:50:02 - SCAN: All_Files
15 feb 2012 18:50:02 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)
15 feb 2012 18:56:12 - C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\Catalogo tecnico R Panel.pdf non scansionato. Probabilmente protetto da password...
15 feb 2012 18:57:02 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\def.zip) took 6906 ms
15 feb 2012 18:57:17 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\denstudenta1.zip) took 6093 ms
15 feb 2012 18:57:43 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\Disponibilità 34.xls) took 8719 ms
15 feb 2012 18:58:59 - C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\linea ART PANEL.pdf non scansionato. Probabilmente protetto da password...
15 feb 2012 19:02:52 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\S.Fautino 13 - struttura corte museo.zip) took 7922 ms
15 feb 2012 19:03:22 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\scansioni.zip) took 10984 ms
15 feb 2012 19:05:44 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\In.mbx) took 10156 ms
15 feb 2012 19:05:53 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\Out.mbx) took 7266 ms
15 feb 2012 19:06:01 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\Out.mbx.001) took 7547 ms
15 feb 2012 19:07:45 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Sun\Java\jdk1.6.0_17\sj160170.cab) took 6828 ms
15 feb 2012 19:07:56 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Sun\Java\jdk1.6.0_17\st160170.cab) took 8047 ms
15 feb 2012 19:08:24 - ScanFile (C:\Documents and Settings\alessio\Desktop\BusinessKeyInfoCertLT.zip) took 7610 ms
15 feb 2012 19:13:24 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\MyReef Lite 1.3.ipa) took 5547 ms
15 feb 2012 19:13:38 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\Paper Toss 1.81.ipa) took 11469 ms
15 feb 2012 19:14:03 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\Princess DU 1.1.ipa) took 24860 ms
15 feb 2012 19:14:03 - Scansione di C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\Princess DU 1.1.ipa in time out!!!
15 feb 2012 19:14:17 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\Songsterr+ 1.3.ipa) took 6891 ms
15 feb 2012 19:14:35 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\SoundHound 3.6.2.ipa) took 17266 ms
15 feb 2012 19:14:57 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\stellarium 1.4.ipa) took 21938 ms
15 feb 2012 19:14:57 - Scansione di C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\stellarium 1.4.ipa in time out!!!
15 feb 2012 19:15:02 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\TexasHoldem 1.22.ipa) took 5187 ms
15 feb 2012 19:18:06 - C:\Documents and Settings\alessio\Impostazioni locali\Temp\JET6154.tmp non scansionato. Probabilmente protetto da password...
15 feb 2012 19:19:00 - Scansione file C:\Documents and Settings\alessio\Preferiti\web colori\v Teoria dei colori e combinazioni di colori per grafiche perfette.url
15 feb 2012 19:19:00 - ERROR(3)!!! ScanFile fails for C:\Documents and Settings\alessio\Preferiti\web colori\v Teoria dei colori e combinazioni di colori per grafiche perfette.url
15 feb 2012 19:20:33 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple\Installer Cache\AppleApplicationSupport 1.3.0\AppleApplicationSupport.msi) took 5875 ms
15 feb 2012 19:20:56 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple\Installer Cache\AppleApplicationSupport 2.1.5\AppleApplicationSupport.msi) took 5829 ms
15 feb 2012 19:21:34 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\Safari 4.30.17.0\Safari.msi) took 5922 ms
15 feb 2012 19:21:40 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\Safari 4.30.19.1\Safari.msi) took 5593 ms
15 feb 2012 19:21:56 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\Safari 5.31.22.7\Safari.msi) took 9828 ms
15 feb 2012 19:23:45 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Installations\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\Packages\PCCS\Setup\PCCS.msi) took 8172 ms
15 feb 2012 19:24:12 - C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\MiniMessage\3 non scansionato. Probabilmente protetto da password...
15 feb 2012 19:25:29 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Skype\{5335DADB-34BA-4AE8-A519-648D78498846}\Skype.msi) took 6672 ms
15 feb 2012 19:25:42 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Skype\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}\Skype.msi) took 11407 ms
15 feb 2012 19:26:05 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Skype\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\Skype.msi) took 5906 ms
15 feb 2012 19:26:23 - ***** Scansione completa. *****
15 feb 2012 19:26:23 - Numero totale di file scansionati: 60730
15 feb 2012 19:26:23 - Numero totale di virus trovati: 0
15 feb 2012 19:26:23 - Numero totale di file disinfettati: 0
15 feb 2012 19:26:23 - Numero totale di file rinominati: 0
15 feb 2012 19:26:23 - Numero totale di file eliminati: 0
15 feb 2012 19:26:23 - Numero totale di errori: 0
15 feb 2012 19:26:23 - Tempo trascorso: 00:36:20
15 feb 2012 19:26:23 - Scansione completata.
15 feb 2012 19:26:23 - Uninitializing Scanner (3)...
15 feb 2012 19:26:23 - Freeing Libraries (3)...
15 feb 2012 19:26:23 - AV Library Unloaded (3)...0 -
eScan still block this tool:
16/02/2012 11:48:12"C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP509\A0068411.exe","Infetto da virus: Tool-NirCmd.TE (ES)","File Quarantined"
is it still the false positive from ComboFix? I think so.
a.0 -
Yes, it is the same false positive.
Install Skype and let us see what happens.0 -
ok.
I'll let you know.
Hope the sun shines up there in the north...0 -
Unfortunately not today, instead it was not very cold during the night /wink.png' class='bbc_emoticon' alt=';)' /> But I certainly hope it is a lot warmer than -2 degrees in Italy. 0 -
...not so cold in the night... did you light some fire, eh? /tongue.png' class='bbc_emoticon' alt=':P' />
Well CecilB, I installed Skype and it seems everything work right.
Except one little problem: my PC's became even slow than a turtle while surfing internet, and all time pop up message that I'm visualisating protect internet page, ecc...
May be I have to many security sistems on.
What I have to di with combofix and all the other stuff I installed.
p.s.: in this time here we are 10 degrees below 0, it's not so hot... except in the night of course using an hot eiderdown... /biggrin.png' class='bbc_emoticon' alt=':D' />0 -
-10 degrees, that is colder than here! /ohmy.png' class='bbc_emoticon' alt=':o' />
I guess, you are not in the southern part of Italy then /wink.png' class='bbc_emoticon' alt=';)' />
Then we do some more checks.
Please, install another web browser to check if the problem is browser or computer related. Select if you want to try Opera, Google Chrome or Firefox.
Run an online scan with Eset http://www.eset.com/onlinescan/
To shorten the scanning time disable your antivirus program while scanning.
Un-check "Remove found threats"
Check "Scan Archives"
Click "Advanced Settings"
Check:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology
Click Scan
When the scan completes the log file C:\Program\Eset\Eset Online Scanner\log.txt is created. Open it in Notepad and paste its content in your answer.0 -
So dear CeciliaB, I did my homeworks and here the outcome.
Still sick! /huh.png' class='bbc_emoticon' alt=':huh:' />
doctor tell me the truth, shall I see the sun tomorrow?
log you asked for:
[email="ESETSmartInstaller@High"]ESETSmartInstaller@High[/email] as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a3c968402e4ad340a2ef882338888427
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-02-17 04:28:10
# local_time=2012-02-17 05:28:10 (+0100, ora solare Europa occidentale)
# country="Italy"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 67477455 67477455 0 0
# compatibility_mode=1024 16777215 100 0 72063448 72063448 0 0
# compatibility_mode=8192 67108863 100 0 3839 3839 0 0
# compatibility_mode=8961 16777189 75 59 4991 124836390 0 0
# scanned=199535
# found=4
# cleaned=0
# scan_time=8032
C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP506\A0067957.exe a variant of Win32/HackTool.Patcher.A application (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP506\A0067959.exe a variant of Win32/HackTool.Patcher.A application (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP506\A0068096.exe a variant of Win32/HackTool.Patcher.D application (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP506\A0068114.exe a variant of Win32/HackTool.Patcher.D application (unable to clean) 00000000000000000000000000000000 I0 -
Yes, I tried another browser - Firefox and it's not much better. I have to say that the browsers are not always slow.
Yes I use a router to connect to internet and yes I have several computers, but the others don't seems to have the same problem.
I'll do the work by Combofix, then I'll let you know.
t.0 -
Hi toros /smile.png' class='bbc_emoticon' alt=':)' />
Those files are not active and will not do anything.
Have you tried another browser?
If possible, take a screen shot (PrintScreen) of the pop-up message in the browser, including what web page you are visiting.
Are you using a router to connect to internet?
Do you have several computers? Do they all have the same problem?
Delete the ComboFix you have and download the latest version (same link as before). Run it in the same way and post its log.0 -
How is it going, toros? 0 -
Hi CeciliaB,
here it is the ComboFix log.
Only to let you know Skype seems to work proper, and it doesn't send any unwanted message or link to anyone.
When I use IE in some sites it warn me about I'm in a protect page... the message I sent the printscreen... and it is a little noisy, but I suppose it is due to protection settings.
For the rest here it's raining...
toros.
ComboFix 12-02-19.02 - alessio 20/02/2012 12.44.57.6.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1113 [GMT 1:00]
Eseguito da: c:\documents and settings\alessio\Desktop\ComboFix.exe
AV: eScan Anti-Virus (AV) Edition per Windows *Disabled/Updated* {E25EE26A-7512-411E-BAF6-D9AFA504A475}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: eScan Anti-Virus (AV) Edition per Windows *Disabled* {E25EE26A-7512-411E-BAF6-D9AFA504A475}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Files Creati Da 2012-01-20 al 2012-02-20 )))))))))))))))))))))))))))))))))))
.
.
2012-02-17 14:10 . 2012-02-17 14:10 -------- d-----w- c:\programmi\ESET
2012-02-16 11:50 . 2012-02-16 11:50 -------- d-----w- c:\programmi\File comuni\Skype
2012-02-15 16:32 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 16:32 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-08 16:09 . 2012-02-08 10:36 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-02-08 10:36 . 2012-02-08 10:36 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-02-08 10:29 . 2011-12-23 06:12 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-02-08 10:29 . 2012-02-08 10:29 -------- d-----w- c:\programmi\Lavasoft
2012-02-02 11:04 . 2012-02-02 11:04 388096 ----a-r- c:\documents and settings\alessio\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-31 17:00 . 2006-06-14 12:53 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-15 15:40 . 2012-02-15 15:39 17157099 ----a-w- c:\windows\REGBK02.ZIP
2012-01-12 17:20 . 2007-08-02 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 08:07 . 2011-08-02 06:56 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-30 08:49 . 2011-03-15 12:18 1045000 ----a-w- c:\windows\system32\test2.exe
2011-12-21 12:00 . 2011-12-21 12:00 54016 ----a-w- c:\windows\system32\drivers\cdsa.sys
2011-12-21 08:06 . 2010-05-05 15:57 1858056 ----a-w- c:\windows\system32\contfilt.dll
2011-12-21 08:06 . 2011-12-21 08:06 572928 ----a-w- c:\windows\system32\msvcp90.dll
2011-12-21 08:06 . 2011-12-21 08:06 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-12-17 19:43 . 2007-08-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:43 . 2007-08-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:43 . 2007-08-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22 . 2007-08-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-12-10 14:24 . 2011-03-21 09:21 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57 . 2007-08-02 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll
2012-02-16 15:07 . 2012-02-17 13:41 134104 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( [email="SnapShot@2012-02-15_09.01.11"]SnapShot@2012-02-15_09.01.11[/email] )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-20 07:53 . 2012-02-20 07:53 16384 c:\windows\Temp\Perflib_Perfdata_570.dat
- 2007-08-02 12:00 . 2012-01-11 18:06 85424 c:\windows\system32\perfc010.dat
+ 2007-08-02 12:00 . 2012-02-15 16:37 85424 c:\windows\system32\perfc010.dat
- 2007-08-02 12:00 . 2012-01-11 18:06 72274 c:\windows\system32\perfc009.dat
+ 2007-08-02 12:00 . 2012-02-15 16:37 72274 c:\windows\system32\perfc009.dat
+ 2007-08-02 12:00 . 2011-12-17 19:43 66560 c:\windows\system32\mshtmled.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 66560 c:\windows\system32\mshtmled.dll
- 2006-11-07 19:03 . 2011-11-04 19:13 55296 c:\windows\system32\msfeedsbs.dll
+ 2006-11-07 19:03 . 2011-12-17 19:43 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 25600 c:\windows\system32\jsproxy.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 25600 c:\windows\system32\jsproxy.dll
- 2009-06-12 06:51 . 2011-11-04 19:13 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-06-12 06:51 . 2011-12-17 19:43 12800 c:\windows\system32\dllcache\xpshims.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2007-10-10 23:49 . 2011-11-04 19:13 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-10-10 23:49 . 2011-12-17 19:43 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2010-01-12 12:15 . 2012-02-15 08:16 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-12 12:15 . 2012-02-20 07:55 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat
- 2007-10-19 08:47 . 2012-02-15 08:16 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
+ 2007-10-19 08:47 . 2012-02-20 07:55 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat
- 2010-01-13 17:23 . 2012-02-15 08:16 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-02-15 17:19 . 2012-02-20 07:55 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-05-11 08:22 . 2012-02-15 16:34 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-05-11 08:22 . 2012-02-15 16:34 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-05-11 08:22 . 2012-02-15 16:34 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-06-04 15:01 . 2012-02-15 16:45 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-06-04 15:01 . 2011-10-13 07:06 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 12800 c:\windows\ie8updates\KB2647516-IE8\xpshims.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 66560 c:\windows\ie8updates\KB2647516-IE8\mshtmled.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 55296 c:\windows\ie8updates\KB2647516-IE8\msfeedsbs.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 43520 c:\windows\ie8updates\KB2647516-IE8\licmgr10.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 25600 c:\windows\ie8updates\KB2647516-IE8\jsproxy.dll
+ 2012-02-15 17:42 . 2012-02-15 17:42 80384 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\36512431748c2695b18a5280fda1a94b\WindowsFormsIntegration.Package.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\dab766b18e6fe0a8f53a93c56be7b40e\System.Windows.Presentation.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\31b65443e56a470d199f293085576e05\System.Web.DynamicData.Design.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\89dfd3999ad1d72c59243d7b4bf40d5a\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-15 16:39 . 2012-02-15 16:39 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3aa4296d4aa01fe0533de2c15f818d5f\PresentationFontCache.ni.exe
+ 2012-02-15 16:38 . 2012-02-15 16:38 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\820acb71782d9cd006800b3ac7e1ca53\PresentationCFFRasterizer.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\d07f0222f62dbed7898a6e2e909d407a\Microsoft.Vsa.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f8fff7230acf6235bee6c577a7fcbb96\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 53760 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\01cc8d2ed8e363a2e9afd1174088d2b1\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v9.0.ni.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-01-11 18:06 . 2012-01-11 18:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 105984 c:\windows\system32\url.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 105984 c:\windows\system32\url.dll
- 2007-08-02 12:00 . 2012-01-11 18:06 491866 c:\windows\system32\perfh010.dat
+ 2007-08-02 12:00 . 2012-02-15 16:37 491866 c:\windows\system32\perfh010.dat
- 2007-08-02 12:00 . 2012-01-11 18:06 444016 c:\windows\system32\perfh009.dat
+ 2007-08-02 12:00 . 2012-02-15 16:37 444016 c:\windows\system32\perfh009.dat
+ 2007-08-02 12:00 . 2011-12-17 19:43 206848 c:\windows\system32\occache.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 206848 c:\windows\system32\occache.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 611840 c:\windows\system32\mstime.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 611840 c:\windows\system32\mstime.dll
+ 2006-11-07 19:03 . 2011-12-17 19:43 602112 c:\windows\system32\msfeeds.dll
- 2006-11-07 19:03 . 2011-11-04 19:13 602112 c:\windows\system32\msfeeds.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 184320 c:\windows\system32\iepeers.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 184320 c:\windows\system32\iepeers.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 387584 c:\windows\system32\iedkcs32.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 387584 c:\windows\system32\iedkcs32.dll
- 2007-08-02 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
+ 2007-08-02 12:00 . 2011-12-16 12:23 174080 c:\windows\system32\ie4uinit.exe
- 2007-10-19 10:34 . 2011-12-14 09:13 466800 c:\windows\system32\FNTCACHE.DAT
+ 2007-10-19 10:34 . 2012-02-15 16:48 466800 c:\windows\system32\FNTCACHE.DAT
+ 2007-08-02 12:00 . 2011-12-17 19:43 916992 c:\windows\system32\dllcache\wininet.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 916992 c:\windows\system32\dllcache\wininet.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 105984 c:\windows\system32\dllcache\url.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 105984 c:\windows\system32\dllcache\url.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 206848 c:\windows\system32\dllcache\occache.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 206848 c:\windows\system32\dllcache\occache.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 611840 c:\windows\system32\dllcache\mstime.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-10-10 23:49 . 2011-12-17 19:43 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2007-10-10 23:49 . 2011-11-04 19:13 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2009-06-12 06:51 . 2011-11-04 19:13 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-06-12 06:51 . 2011-12-17 19:43 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 184320 c:\windows\system32\dllcache\iepeers.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-09 04:13 . 2011-12-17 19:43 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-06-09 04:13 . 2011-11-04 19:13 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-08-02 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-08-02 12:00 . 2011-12-16 12:23 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2012-02-16 11:50 . 2012-02-16 11:50 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-05-11 08:22 . 2012-02-15 16:34 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-05-11 08:22 . 2012-02-15 16:34 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-05-11 08:22 . 2012-02-15 16:34 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-05-11 08:22 . 2012-02-15 16:34 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-05-11 08:22 . 2012-02-15 16:34 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
+ 2012-02-15 16:39 . 2011-11-04 19:13 916992 c:\windows\ie8updates\KB2647516-IE8\wininet.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 105984 c:\windows\ie8updates\KB2647516-IE8\url.dll
+ 2012-02-15 16:39 . 2010-07-05 13:20 402296 c:\windows\ie8updates\KB2647516-IE8\spuninst\updspapi.dll
+ 2012-02-15 16:39 . 2010-07-05 13:19 233848 c:\windows\ie8updates\KB2647516-IE8\spuninst\spuninst.exe
+ 2012-02-15 16:39 . 2011-11-04 19:13 206848 c:\windows\ie8updates\KB2647516-IE8\occache.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 611840 c:\windows\ie8updates\KB2647516-IE8\mstime.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 602112 c:\windows\ie8updates\KB2647516-IE8\msfeeds.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 247808 c:\windows\ie8updates\KB2647516-IE8\ieproxy.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 184320 c:\windows\ie8updates\KB2647516-IE8\iepeers.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 743424 c:\windows\ie8updates\KB2647516-IE8\iedvtool.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 387584 c:\windows\ie8updates\KB2647516-IE8\iedkcs32.dll
+ 2012-02-15 16:39 . 2011-11-04 11:24 174080 c:\windows\ie8updates\KB2647516-IE8\ie4uinit.exe
+ 2012-02-15 18:24 . 2012-02-15 18:24 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\edc5691acfb65ac37f49de2ec497083a\WsatConfig.ni.exe
+ 2012-02-15 17:42 . 2012-02-15 17:42 198656 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\646b155ad752b35ae7c96136452a6682\WindowsFormsIntegration.Design.ni.dll
+ 2012-02-15 16:41 . 2012-02-15 16:41 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\4ad8369d6a60765d7e9b43cdf9023f41\WindowsFormsIntegration.ni.dll
+ 2012-02-15 16:41 . 2012-02-15 16:41 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\68f4157e570c77df653057c0583395bd\UIAutomationClient.ni.dll
+ 2012-02-15 18:27 . 2012-02-15 18:27 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c2a12bd4056b44f8005a7eb3af161e6a\System.Xml.Linq.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\fc63b434b2f253cd27625487f7b02ac0\System.Web.Routing.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\67877f896b2b0e42286e838fe307f3fd\System.Web.RegularExpressions.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\86650d4fb220f94f25bb5da42a03d454\System.Web.Extensions.Design.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\654465871e547e131668874de7c60b8c\System.Web.Entity.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f0d6895f6e709d425cb5da6053c603d2\System.Web.Entity.Design.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3f3b7dc7208e302e39a2dfb5b2cb953b\System.Web.DynamicData.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\e9cddd213343f15d611b14620d649bb0\System.Web.Abstractions.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll
+ 2012-02-15 16:38 . 2012-02-15 16:38 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll
+ 2012-02-15 16:39 . 2012-02-15 16:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\a4b2b1ee81acd843970d9a81b281f1c1\System.Net.ni.dll
+ 2012-02-15 18:27 . 2012-02-15 18:27 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\ab7515dcbeff3f7d9533902e98278283\System.Messaging.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e3436edde657a5111d39d5b2eecf9715\System.Management.Instrumentation.ni.dll
+ 2012-02-15 17:42 . 2012-02-15 17:42 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\974ded7dd3bca225a1b90de778846c78\System.IO.Log.ni.dll
+ 2012-02-15 17:42 . 2012-02-15 17:42 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\01eba24390736a59c39becd825b5756e\System.IdentityModel.Selectors.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.Wrapper.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e9ae7ae6d1e9edc7aaf819889cd1c692\System.Drawing.Design.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\78a370dc153011708dd9e4cb0e606bfc\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6e644fc7464d9fe23fc9cd6001296f2f\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\bac39be66bb9f987c1948b766833f8e6\System.Data.Services.Client.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2b5ecd231320e57010043c408783d80b\System.Data.Services.Design.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4ac9ac2326720485aefd4d79d2024945\System.Data.Entity.Design.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\d504d550fd0a6994fcb1466ea7be92af\System.Data.DataSetExtensions.ni.dll
+ 2012-02-15 16:38 . 2012-02-15 16:38 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\28637135c6939e74450bbbf110b12643\System.Configuration.Install.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\958b5c0114d664ab5ba72575c301e2ea\System.AddIn.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4dcff3b0e79fc27e31549bb2af00efb5\SMSvcHost.ni.exe
+ 2012-02-15 18:24 . 2012-02-15 18:24 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bd3bfd5b6ef659dac4d6cccb34577d33\SMDiagnostics.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\edec83be646eb52204c991371751a428\ServiceModelReg.ni.exe
+ 2012-02-15 16:41 . 2012-02-15 16:41 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\52015457bc28e7a9a563d9eab8ab0015\PresentationFramework.Royale.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a680814559114706a33282e9df4b7a\PresentationFramework.Classic.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2713754549b1114c9152d33efe5f72c7\PresentationFramework.Aero.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1552f18ca434c1dca6d082df476d089a\PresentationFramework.Luna.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7c51497b188c82e2ccbe6315549ce023\MSBuild.ni.exe
+ 2012-02-15 18:25 . 2012-02-15 18:25 503296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\bf3bd0194b870461a09735c36e6dfffe\Microsoft.Windows.Design.Interaction.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 353792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\b5c081a893cde7d1fd7652b190111e68\Microsoft.Windows.Design.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 438272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\82c89fd38600d9981fc66fa6f6011ac7\Microsoft.Windows.Design.Extensibility.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 513024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d90a7c6fffba0b8415581c895ca1d57b\Microsoft.VisualStudio.Shell.Design.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 300032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c8c0a2110c45e2584491e9de8eea9502\Microsoft.VisualStudio.Tools.Applications.ProgrammingModel.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 876032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bf2b5099314c1cb96f599423ea882d42\Microsoft.VisualStudio.Shell.9.0.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 802304 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b2406abddce6c3a1e9bfb275184d1ed6\Microsoft.VisualStudio.Tools.Applications.Project.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ab95dc164e3b4ad1af252223d9aedaac\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9c7cd92d7c472001ece0b69438ce2c29\Microsoft.VisualStudio.Configuration.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 861696 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\95a03ac5af04596bc771941632d0ad44\Microsoft.VisualStudio.Modeling.Sdk.Shell.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 173568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\93136071d93d4edd595fba8af709d911\Microsoft.VisualStudio.TextTemplating.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 198656 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\7659965597f1ec89f2333da8dd5875a9\Microsoft.VisualStudio.Tools.Applications.DesignTime.v9.0.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 640512 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6f92b2f9a9f3193401177ee70fa43ff6\Microsoft.VisualStudio.Xaml.LanguageService.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 822272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\52abef2731463bfe944ee2519b1d8ab9\Microsoft.VisualStudio.Shell.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 159744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4d45a51e544fbcacc60e3e28fb90b457\Microsoft.VisualStudio.WizardFramework.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 284672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4525e68f505f36fbbc7e0973ae702447\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\39f0c512d6b428ec976828633ba10c95\Microsoft.VisualStudio.TextTemplating.VSHost.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 335872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1a812c6b43ad9501cfe02da5e1ca3063\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f0f6dd614d294295c5d8386cc4192034\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 472064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\ca0ea2d64ff5504a6b41942fa808c703\Microsoft.MapPoint.Rendering3D.Utility.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 766976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\b7d3dfadc0b912d87106a64a3423f8a7\Microsoft.MapPoint.Data.VirtualEarthTileDataSource.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 344064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\a1f405ea07f90810c93748e395f4dcb1\Microsoft.MapPoint.Utility.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 438272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\83fe5a85df14c225af578b832ab8a440\Microsoft.MapPoint.MapControl3D.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 411648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\5c19cddb0d1f2c7b101e6c4715b5fdb9\Microsoft.MapPoint.Network.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 340992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\440eb008d05eae6b8fe536a39e6bb49e\Microsoft.MapPoint.UtilityPartialTrust.ni.dll
+ 2012-02-15 16:38 . 2012-02-15 16:38 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\fd1338828beec8737fed8f50f4fcc567\Microsoft.Build.Utilities.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\0d5f999c4b7e51151548c37c676c1b8e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\792168ce8fe03a3db43e12cf736cf91e\Microsoft.Build.Engine.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\0a5277c34ddc1f55df1defb4231e814f\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a8df37aadb089f1f34d3d2f103966fbc\ComSvcConfig.ni.exe
+ 2012-02-15 17:41 . 2012-02-15 17:41 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\25ce400b547f517258c8afb0480390ea\AspNetMMCExt.ni.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-02-15 16:37 . 2012-02-15 16:37 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-02-15 16:37 . 2012-02-15 16:37 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-02-15 16:37 . 2012-02-15 16:37 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 1212416 c:\windows\system32\urlmon.dll
- 2007-08-02 12:00 . 2011-11-04 19:13 1212416 c:\windows\system32\urlmon.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 5979136 c:\windows\system32\mshtml.dll
- 2006-10-17 09:57 . 2011-11-04 19:13 2000384 c:\windows\system32\iertutil.dll
+ 2006-10-17 09:57 . 2011-12-17 19:43 2000384 c:\windows\system32\iertutil.dll
+ 2008-10-15 06:58 . 2012-01-12 17:20 1859968 c:\windows\system32\dllcache\win32k.sys
- 2007-08-02 12:00 . 2011-11-04 19:13 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-02 12:00 . 2011-12-17 19:43 5979136 c:\windows\system32\dllcache\mshtml.dll
+ 2007-10-10 23:49 . 2011-12-17 19:43 2000384 c:\windows\system32\dllcache\iertutil.dll
- 2007-10-10 23:49 . 2011-11-04 19:13 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-10-26 02:39 . 2011-10-26 02:39 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-02-16 11:51 . 2012-02-16 11:51 1252864 c:\windows\Installer\a39773.msi
+ 2012-02-16 11:50 . 2012-02-16 11:50 1605120 c:\windows\Installer\a39769.msi
+ 2011-10-30 21:54 . 2011-10-30 21:54 2748416 c:\windows\Installer\375476.msp
+ 2012-02-03 14:13 . 2012-02-03 14:13 4988928 c:\windows\Installer\37546f.msp
+ 2010-05-11 08:22 . 2012-02-15 16:34 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-05-11 08:22 . 2012-02-15 16:34 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
- 2010-05-11 08:22 . 2012-01-27 08:29 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-02-15 16:39 . 2011-11-04 19:13 1212416 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 5978112 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll
+ 2012-02-15 16:39 . 2011-11-04 19:13 2000384 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll
+ 2012-02-15 16:38 . 2012-02-15 16:38 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll
+ 2012-02-15 16:41 . 2012-02-15 16:41 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94f5164ff4f664c5e4e7fb4c3af1abad\UIAutomationClientsideProviders.ni.dll
+ 2012-02-15 16:37 . 2012-02-15 16:37 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
+ 2012-02-15 16:38 . 2012-02-15 16:38 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
+ 2012-02-15 18:27 . 2012-02-15 18:27 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c4c671c737b553db8e07664816475333\System.WorkflowServices.ni.dll
+ 2012-02-15 18:27 . 2012-02-15 18:27 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\248ea47105ff4af6ee75e6fdd5b450a1\System.Workflow.Runtime.ni.dll
+ 2012-02-15 18:27 . 2012-02-15 18:27 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\80a288b6611668160334668cc2608e4a\System.Workflow.ComponentModel.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\4c27548df5897320840ee0d65db38742\System.Workflow.Activities.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\030cde14924eefebc06c240dbfe093a4\System.Web.Mobile.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6379c8ca8ae11effb415139990923ff1\System.Web.Extensions.ni.dll
+ 2012-02-15 16:41 . 2012-02-15 16:41 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e456140d5d6c43d7383bd36d3f9e12c6\System.Speech.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\285dfbf2380436e187cb624bd1cd4683\System.ServiceModel.Web.ni.dll
+ 2012-02-15 17:42 . 2012-02-15 17:42 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d51e6bb07124a1d780d1e024858e0dc1\System.Printing.ni.dll
+ 2012-02-15 17:42 . 2012-02-15 17:42 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\8ef05061cd205c4f2a8583d97f32a603\System.IdentityModel.ni.dll
+ 2012-02-15 16:39 . 2012-02-15 16:39 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\77d0e93f024055d04c07cc2700b4c590\System.DirectoryServices.ni.dll
+ 2012-02-15 16:38 . 2012-02-15 16:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
+ 2012-02-15 16:38 . 2012-02-15 16:38 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\857300fa64d09c69125451fd8894f3da\System.Data.SqlXml.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\e9d4a1fb13572c769ddd9b86e55baab4\System.Data.Services.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\3f2e74586111fb32d5edc059f709fa94\System.Data.OracleClient.ni.dll
+ 2012-02-15 16:41 . 2012-02-15 16:41 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3d9c33f71d15a3e2e240092a244eba3\System.Data.Linq.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\424160369b301ccd1b6fd86265611955\System.Data.Entity.ni.dll
+ 2012-02-15 16:41 . 2012-02-15 16:41 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\33cdfb4c322a528260016ac759230501\ReachFramework.ni.dll
+ 2012-02-15 16:39 . 2012-02-15 16:39 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a6def83aee1aaf3336675ce58ac09013\PresentationUI.ni.dll
+ 2012-02-15 16:38 . 2012-02-15 16:38 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\59cd6ce5a254006179eee92952cd2272\PresentationBuildTasks.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 2855424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\f37693d9850da4bc6af64d65daa8804e\Microsoft.Windows.Design.Developer.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 3152384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\e46fc91a242dd0fedb64a76cab7c3eab\Microsoft.Windows.Design.Markup.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 1515008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b86f3569d31a623991995585ed79fc07\Microsoft.VisualStudio.Modeling.Sdk.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 2383360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a3ff013e036512cc5ad1325f5c939612\Microsoft.VisualStudio.Modeling.Sdk.Diagrams.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 1873920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\62f4381d606350834a4113a67a4bfdd7\Microsoft.VisualStudio.CommonIDE.ni.dll
+ 2012-02-15 18:25 . 2012-02-15 18:25 1298944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2151f451631398234e95d971bc0c9c48\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f7071f9a1c0523540f6aa7f11c302fb6\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 1949184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\e0ef30fd9c6ff8cfca636b5711c87030\Microsoft.MapPoint.Modeling.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 1217024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\cd5818e15c14ef61dfdedcab359e246b\Microsoft.MapPoint.Data.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 1524736 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\7817904c055d5b82b81c2e880acd6cec\Microsoft.MapPoint.Rendering3D.WorldMemoryDataSource.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 1524224 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\71343e8b217dfa270383da6e6c85cee6\Microsoft.MapPoint.GraphicsAPI.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 4094976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\209aaeed5c703011a808f1761ccff19f\Microsoft.MapPoint.Rendering3D.ni.dll
+ 2012-02-15 18:23 . 2012-02-15 18:23 2766336 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\1931a09a5b7a6a54e9d9fad583dcbcef\Microsoft.MapPoint.Graphics3D.ni.dll
+ 2012-02-15 18:26 . 2012-02-15 18:26 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\806b1d127ed3e906db972751e87585c4\Microsoft.JScript.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\912789fd859e0887e10a935cade08e72\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\6c1d3eec78906cc2a2ecffb013114c50\Microsoft.Build.Tasks.ni.dll
+ 2012-02-15 18:24 . 2012-02-15 18:24 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d6edd4b4619a9052d3dfe50c3067d5e0\Microsoft.Build.Engine.ni.dll
+ 2012-02-15 17:42 . 2012-02-15 17:42 1140736 c:\windows\assembly\NativeImages_v2.0.50727_32\AcLayer\759cd611e68c6909b5e1791b27aec7f8\AcLayer.ni.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-01-11 18:06 . 2012-01-11 18:06 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-02-15 16:36 . 2012-02-15 16:36 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-01-08 15:13 . 2012-02-15 16:40 52550552 c:\windows\system32\MRT.exe
+ 2006-11-07 19:03 . 2011-12-18 13:43 11082240 c:\windows\system32\ieframe.dll
+ 2007-10-10 23:49 . 2011-12-18 13:43 11082240 c:\windows\system32\dllcache\ieframe.dll
+ 2012-02-15 16:44 . 2012-02-15 16:44 20333056 c:\windows\Installer\375481.msp
+ 2012-02-15 16:39 . 2011-11-04 19:13 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll
+ 2012-02-15 16:39 . 2012-02-15 16:39 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
+ 2012-02-15 18:22 . 2012-02-15 18:22 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll
+ 2012-02-15 16:40 . 2012-02-15 16:40 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c8f8fb506c32500acc1b6190d054f26\System.Design.ni.dll
+ 2012-02-15 16:39 . 2012-02-15 16:39 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5060105fb9e169399fe45600b1e9215e\PresentationFramework.ni.dll
+ 2012-02-15 16:38 . 2012-02-15 16:38 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0665bba8c9962deadc418881eb3a2a2a\PresentationCore.ni.dll
.
-- Snapshot per reimpostare la data corrente --
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\programmi\File comuni\LightScribe\LightScribeControlPanel.exe" [2007-05-15 484904]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-12 39408]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2012-01-31 17147528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]
"Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"SSLEmptyCache"="c:\windows\system32\SSLEmptyCache.exe" [2008-10-02 32768]
"eScan Updater"="c:\progra~1\eScan\TRAYICOS.EXE" [2010-05-28 3284488]
"MailScan Dispatcher"="c:\progra~1\eScan\LAUNCH.EXE" [2011-12-21 405512]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2011-04-08 254696]
"APSDaemon"="c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2011-10-09 421736]
.
c:\documents and settings\alessio\Menu Avvio\Programmi\Esecuzione automatica\
Dropbox.lnk - c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe [2011-9-2 24183152]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2008-4-10 113664]
Avvio veloce di Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe [2007-11-8 25214]
.
[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\programmi\Qualcomm\Eudora\EuShlExt.dll" [2006-08-17 86016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\eSLogOn]
2009-11-05 15:55 654856 ----a-w- c:\windows\system32\eslogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmi\\Autodesk Network License Manager\\adskflex.exe"=
"c:\\Programmi\\Autodesk Network License Manager\\lmgrd.exe"=
"c:\\Programmi\\Autodesk VIZ 2005\\3dsviz.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\PROGRA~1\\eScan\\DOWNLOAD.EXE"=
"c:\\PROGRA~1\\eScan\\TRAYICOS.EXE"=
"c:\\PROGRA~1\\FILECO~1\\MICROW~1\\Agent\\MWAGENT.EXE"=
"c:\\PROGRA~1\\eScan\\LICENSE.EXE"=
"c:\\Programmi\\File comuni\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\alessio\\Dati applicazioni\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [08/02/2012 11.29.42 64512]
R2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~1\ESRI\License\arcgis9x\lmgrd.exe [10/07/2009 17.32.18 1372160]
R2 EconService;eConServ;c:\progra~1\escan\EconSer.exe [05/05/2010 16.57.46 842760]
R2 eScan-trayicos;eScan Server-Updater;c:\progra~1\eScan\TRAYSSER.EXE [05/05/2010 16.57.20 272904]
R2 eScan Monitor Service;eScan Monitor Service;c:\docume~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe [05/05/2010 16.57.50 1336504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [23/12/2011 7.12.10 2152152]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\programmi\Viewpoint\Common\ViewpointService.exe [20/01/2009 10.38.19 24652]
R2 viz 2005;viz 2005;c:\programmi\Autodesk Network License Manager\lmgrd.exe [17/10/2002 8.30.02 607232]
R3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\drivers\econceal.sys [05/05/2010 17.05.07 26632]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\programmi\Lavasoft\Ad-Aware\kernexplorer.sys [23/12/2011 7.12.10 15232]
R3 ProcObsrves;ProcObsrves;c:\progra~1\eScan\ProcObsrves.sys [05/05/2010 16.57.35 17928]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [12/10/2010 14.52.55 135664]
S2 SkypeUpdate;Skype Updater;c:\programmi\Skype\Updater\Updater.exe [31/01/2012 15.09.34 158856]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usbxp.sys [29/01/2010 13.08.49 24832]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [12/10/2010 14.52.55 135664]
.
--- Altri Servizi/Drivers In Memoria ---
.
*Deregistered* - eRootDrv
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-05-15 15:08 452136 ----a-w- c:\programmi\File comuni\LightScribe\LSRunOnce.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-02-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-12-23 10:36]
.
2012-02-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2011-06-01 10:34]
.
2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-10-12 13:52]
.
2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-10-12 13:52]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti link selezionati in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti selezione a PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: Interfaces\{3D377DF3-EE1F-4154-8E0B-868F1450E22F}: NameServer = 212.216.112.112
DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.regione.lombardia.it/components/OcsKitCittadino.cab
DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.regione.lombardia.it/components/OcxCertUpdate.cab
DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.regione.lombardia.it/components/OcxCrsInfo.cab
DPF: {877E14A6-0ACF-4509-8CF3-E4A0F4ED46F4} - hxxp://supportsiss.lispa.it/components/pdlc.cab
FF - ProfilePath - c:\documents and settings\alessio\Dati applicazioni\Mozilla\Firefox\Profiles\txkx1lq8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: network.proxy.type - 0
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url]
Rootkit scan 2012-02-20 12:54
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(772)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\eSLogOn.dll
.
Ora fine scansione: 2012-02-20 12:57:03
ComboFix-quarantined-files.txt 2012-02-20 11:56
ComboFix2.txt 2012-02-15 09:03
.
Pre-Run: 227'181'916'160 byte disponibili
Post-Run: 227'218'759'680 byte disponibili
.
- - End Of File - - BF6AFEFC90D6AFE7F078479EEF9E588F0 -
Hi toros,
I'm glad that Skype behaves well /smile.png' class='bbc_emoticon' alt=':)' />
I cannot see anything malicious in the ComboFix log, but please run DDS again and post DDS.txt.
Did you try to attach the screen shot?
0 -
Ok.
Yes, I attached a screen shot, or actually, I attached it as image. Did you see it?
I'll try again.
[attachment=9253:screenshot.jpg]0 -
The first was the right one, but no answer. I guess it is something about the protection settings. I'll check for them. As soon as it is possible I'll run DDS.
Ciao a presto (bye, see you soon... so you can start leraning Italian a little bit. /cool.png' class='bbc_emoticon' alt='B)' /> )0 -
Now I can see the picture /smile.png' class='bbc_emoticon' alt=':)' />
I don't speak Italian unfortunately, but I tried to google the message and I found http://forum.html.it/forum/showthread.php?threadid=1480883 Does it provide an answer?
ComboFix resets settings in IE since many malicious programs lower the settings and that might be the reason why it suddenly appears.
Or http://www.airdave.it/avviso-di-protezione-internet-explorer-8-eliminare-questa-noia-di-avviso-10952/0
Please sign in to leave a comment.
Comments
47 comments