Skip to main content

PC feels bad. Many infections:Trojan.Win32.Generic.pak!cobra, Trojan.Win32.Generic!BT

Comments

47 comments

  • Support
    [quote]Further in account manager I found an account named "ASP.NET Machine A...". I don't know what is this for.[/quote]That is normal.



    Please, paste logs directly into your answer instead of attaching them.



    Please, follow the instructions on http://www.bleepingcomputer.com/combofix/how-to-use-combofix for installing and running ComboFix.



    Read carefully and note the "Disclaimer of warranty"!



    Paste the content of the log into your answer.
    0
  • Customer
    Hi CeciliaB,

    so late because I was out for some days.

    Here the logs you asked for.

    Thanks so much for helping me.



    toros





    xxx DDS.txt:

    .

    DDS (Ver_2011-08-26.01) - NTFSx86

    Internet Explorer: 8.0.6001.18702

    Run by alessio at 17:51:36 on 2012-02-08

    Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1185 [GMT 1:00]

    .

    AV: eScan Anti-Virus (AV) Edition per Windows *Disabled/Updated* {E25EE26A-7512-411E-BAF6-D9AFA504A475}

    AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

    FW: eScan Anti-Virus (AV) Edition per Windows *Disabled*

    .

    ============== Running Processes ===============

    .

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost -k DcomLaunch

    svchost.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

    svchost.exe

    svchost.exe

    C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\spoolsv.exe

    svchost.exe

    C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

    C:\Programmi\Bonjour\mDNSResponder.exe

    C:\WINDOWS\system32\drivers\CDAC11BA.EXE

    C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

    c:\progra~1\escan\EconSer.exe

    C:\DOCUME~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe

    c:\progra~1\escan\eConceal.exe

    C:\PROGRA~1\eScan\TRAYSSER.EXE

    C:\Programmi\Java\jre6\bin\jqs.exe

    C:\Programmi\File comuni\LightScribe\LSSrvc.exe

    C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\PROGRA~1\eScan\consctl.exe

    C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWASER.EXE

    C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWAgent.exe

    C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

    C:\WINDOWS\system32\svchost.exe -k imgsvc

    C:\Programmi\Viewpoint\Common\ViewpointService.exe

    C:\Programmi\Autodesk Network License Manager\lmgrd.exe

    C:\Programmi\Autodesk Network License Manager\adskflex.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\wscntfy.exe

    C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

    C:\Programmi\Analog Devices\SoundMAX\SMax4.exe

    C:\Programmi\Analog Devices\Core\smax4pnp.exe

    C:\WINDOWS\system32\SSLEmptyCache.exe

    C:\PROGRA~1\eScan\TRAYICOS.EXE

    C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe

    C:\Programmi\File comuni\Java\Java Update\jusched.exe

    C:\Programmi\iTunes\iTunesHelper.exe

    C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe

    C:\PROGRA~1\eScan\Vista\eScanMon.exe

    C:\Programmi\Viewpoint\Viewpoint Manager\ViewMgr.exe

    C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe

    C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe

    C:\Documents and Settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe

    C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe

    C:\Programmi\iPod\bin\iPodService.exe

    C:\Programmi\File comuni\Java\Java Update\jucheck.exe

    C:\Programmi\Adobe\Reader 9.0\Reader\AcroRd32Info.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.google.it/

    uSearch Page = hxxp://www.google.com

    mDefault_Search_URL = hxxp://www.google.com

    mSearch Page = hxxp://www.google.com

    uInternet Settings,ProxyOverride = *.local

    uSearchAssistant = hxxp://www.google.com/ie

    mSearchAssistant = hxxp://www.google.com/ie

    mURLSearchHooks: H - No File

    BHO: HelperObject Class: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\programmi\techsmith\snagit 8\SnagItBHO.dll

    BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\programmi\autocompletepro\AutocompletePro.dll

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmi\file comuni\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmi\google\google toolbar\GoogleToolbar_32.dll

    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll

    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmi\google\googletoolbarnotifier\5.7.7227.1100\swg.dll

    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmi\java\jre6\bin\jp2ssv.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmi\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

    TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\programmi\techsmith\snagit 8\SnagItIEAddin.dll

    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmi\google\google toolbar\GoogleToolbar_32.dll

    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

    TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

    uRun: [LightScribe Control Panel] c:\programmi\file comuni\lightscribe\LightScribeControlPanel.exe -hidden

    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\programmi\file comuni\ahead\lib\NMBgMonitor.exe"

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [swg] "c:\programmi\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

    mRun: [JMB36X IDE Setup] c:\windows\jm\JMInsIDE.exe

    mRun: [JMB36X Configure] c:\windows\system32\JMRaidSetup.exe boot

    mRun: [Acrobat Assistant 7.0] "c:\programmi\adobe\acrobat 7.0\distillr\Acrotray.exe"

    mRun: [NeroFilterCheck] c:\programmi\file comuni\ahead\lib\NeroCheck.exe

    mRun: [SoundMax] "c:\programmi\analog devices\soundmax\SMax4.exe" /tray

    mRun: [SoundMAXPnP] c:\programmi\analog devices\core\smax4pnp.exe

    mRun: [SSLEmptyCache] c:\windows\system32\SSLEmptyCache.exe

    mRun: [eScan Updater] c:\progra~1\escan\TRAYICOS.EXE /App

    mRun: [MailScan Dispatcher] "c:\progra~1\escan\LAUNCH.EXE" /startup

    mRun: [Adobe Reader Speed Launcher] "c:\programmi\adobe\reader 9.0\reader\Reader_sl.exe"

    mRun: [Adobe ARM] "c:\programmi\file comuni\adobe\arm\1.0\AdobeARM.exe"

    mRun: [QuickTime Task] "c:\programmi\quicktime\qttask.exe" -atboottime

    mRun: [SunJavaUpdateSched] "c:\programmi\file comuni\java\java update\jusched.exe"

    mRun: [APSDaemon] "c:\programmi\file comuni\apple\apple application support\APSDaemon.exe"

    mRun: [iTunesHelper] "c:\programmi\itunes\iTunesHelper.exe"

    StartupFolder: c:\docume~1\alessio\menuav~1\progra~1\esecuz~1\dropbox.lnk - c:\documents and settings\alessio\dati applicazioni\dropbox\bin\Dropbox.exe

    StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\adobeg~1.lnk - c:\programmi\file comuni\adobe\calibration\Adobe Gamma Loader.exe

    StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\avviov~1.lnk - c:\windows\installer\{ac76ba86-1034-4700-7760-000000000002}\SC_Acrobat.exe

    IE: Converti destinazione link in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converti destinazione link in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converti in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti link selezionati in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Converti link selezionati in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Converti selezione a PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti selezione in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: E&sporta in Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\programmi\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

    DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.regione.lombardia.it/components/OcsKitCittadino.cab

    DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.regione.lombardia.it/components/OcxCertUpdate.cab

    DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} - hxxp://download.microsoft.com/download/B/8/1/B819F609-76B3-42C6-8B66-D85CC971DCF9/VirtualEarth3D.cab

    DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.regione.lombardia.it/components/OcxCrsInfo.cab

    DPF: {877E14A6-0ACF-4509-8CF3-E4A0F4ED46F4} - hxxp://supportsiss.lispa.it/components/pdlc.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

    TCP: Interfaces\{3D377DF3-EE1F-4154-8E0B-868F1450E22F} : NameServer = 212.216.112.112

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll

    Notify: AtiExtEvent - Ati2evxx.dll

    Notify: eSLogOn - eSLogOn.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - c:\programmi\qualcomm\eudora\EuShlExt.dll

    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\programmi\file comuni\lightscribe\LSRunOnce.exe"

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-2-8 64512]

    R2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~1\esri\license\arcgis9x\lmgrd.exe [2009-7-10 1372160]

    R2 EconService;eConServ;c:\progra~1\escan\EconSer.exe [2010-5-5 842760]

    R2 eScan-trayicos;eScan Server-Updater;c:\progra~1\escan\TRAYSSER.EXE [2010-5-5 272904]

    R2 eScan Monitor Service;eScan Monitor Service;c:\docume~1\alluse~1\datiap~1\microw~1\escanbd\avpmapp.exe [2010-5-5 1336504]

    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\lavasoft\ad-aware\AAWService.exe [2011-12-23 2152152]

    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\programmi\viewpoint\common\ViewpointService.exe [2009-1-20 24652]

    R2 viz 2005;viz 2005;c:\programmi\autodesk network license manager\lmgrd.exe [2002-10-17 607232]

    R3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\drivers\econceal.sys [2010-5-5 26632]

    R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\programmi\lavasoft\ad-aware\kernexplorer.sys [2011-12-23 15232]

    R3 ProcObsrves;ProcObsrves;c:\progra~1\escan\ProcObsrves.sys [2010-5-5 17928]

    S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\google\update\GoogleUpdate.exe [2010-10-12 135664]

    S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usbxp.sys [2010-1-29 24832]

    S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\google\update\GoogleUpdate.exe [2010-10-12 135664]

    .

    =============== Created Last 30 ================

    .

    2012-02-08 16:09:54 16432 ----a-w- c:\windows\system32\lsdelete.exe

    2012-02-08 10:36:39 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

    2012-02-08 10:29:42 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

    2012-02-08 10:29:35 -------- d-----w- c:\programmi\Lavasoft

    2012-02-07 12:04:14 -------- d---a-w- c:\windows\rundll16.exe

    2012-02-07 12:04:14 -------- d---a-w- c:\windows\logo1_.exe

    2012-02-02 11:04:50 388096 ----a-r- c:\documents and settings\alessio\dati applicazioni\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

    2012-01-31 17:00:24 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys

    .

    ==================== Find3M ====================

    .

    2012-01-11 08:07:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2011-12-30 08:49:55 1045000 ----a-w- c:\windows\system32\test2.exe

    2011-12-21 12:00:39 54016 ----a-w- c:\windows\system32\drivers\cdsa.sys

    2011-12-21 08:06:23 1858056 ----a-w- c:\windows\system32\contfilt.dll

    2011-12-21 08:06:17 572928 ----a-w- c:\windows\system32\msvcp90.dll

    2011-12-21 08:06:16 655872 ----a-w- c:\windows\system32\msvcr90.dll

    2011-12-21 08:04:51 1041928 ----a-w- c:\windows\system32\BACKUP.93751039.test2.exe

    2011-12-10 14:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

    2011-11-25 21:57:07 293888 ----a-w- c:\windows\system32\winsrv.dll

    2011-11-23 14:40:20 1859584 ----a-w- c:\windows\system32\win32k.sys

    2011-11-20 06:12:28 60928 ----a-w- c:\windows\system32\packager.exe

    2011-11-16 14:22:12 354816 ----a-w- c:\windows\system32\winhttp.dll

    2011-11-16 14:22:11 152064 ----a-w- c:\windows\system32\schannel.dll

    .

    ============= FINISH: 17.51.49.42 ===============

    xxx Attach.txt:



    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows XP Professional

    Boot Device: \Device\HarddiskVolume1

    Install Date: 19/10/2007 10.45.26

    System Uptime: 08/02/2012 17.37.23 (0 hours ago)

    .

    Motherboard: ASUSTeK Computer INC. | | P5B

    Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz | Socket 775 | 2329/333mhz

    .

    ==== Disk Partitions =========================

    .

    A: is Removable

    C: is FIXED (NTFS) - 298 GiB total, 209.521 GiB free.

    D: is CDROM ()

    Z: is NetworkDisk (NTFS) - 75 GiB total, 8.033 GiB free.

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

    Description: Nokia Windows Portable Device Driver

    Device ID: ROOT\WPD\0000

    Manufacturer: Nokia

    Name: N78

    PNP Device ID: ROOT\WPD\0000

    Service: WUDFRd

    .

    ==== System Restore Points ===================

    .

    RP451: 10/11/2011 11.43.50 - Punto di arresto del sistema

    RP452: 10/11/2011 17.00.20 - Software Distribution Service 3.0

    RP453: 11/11/2011 17.00.19 - Software Distribution Service 3.0

    RP454: 14/11/2011 14.46.41 - Punto di arresto del sistema

    RP455: 15/11/2011 19.54.44 - Punto di arresto del sistema

    RP456: 17/11/2011 16.17.04 - Punto di arresto del sistema

    RP457: 18/11/2011 16.57.10 - Punto di arresto del sistema

    RP458: 21/11/2011 13.57.46 - Punto di arresto del sistema

    RP459: 22/11/2011 17.37.13 - Punto di arresto del sistema

    RP460: 24/11/2011 9.38.55 - Punto di arresto del sistema

    RP461: 25/11/2011 11.01.03 - Punto di arresto del sistema

    RP462: 29/11/2011 10.06.40 - Punto di arresto del sistema

    RP463: 30/11/2011 10.45.20 - Punto di arresto del sistema

    RP464: 01/12/2011 11.20.49 - Punto di arresto del sistema

    RP465: 02/12/2011 11.59.50 - Punto di arresto del sistema

    RP466: 05/12/2011 14.36.58 - Punto di arresto del sistema

    RP467: 06/12/2011 14.37.21 - Punto di arresto del sistema

    RP468: 07/12/2011 15.55.50 - Punto di arresto del sistema

    RP469: 09/12/2011 10.14.43 - Punto di arresto del sistema

    RP470: 12/12/2011 10.36.57 - Punto di arresto del sistema

    RP471: 13/12/2011 11.00.09 - Punto di arresto del sistema

    RP472: 14/12/2011 9.42.30 - Software Distribution Service 3.0

    RP473: 15/12/2011 10.12.25 - Punto di arresto del sistema

    RP474: 16/12/2011 15.10.18 - Punto di arresto del sistema

    RP475: 19/12/2011 11.41.02 - Punto di arresto del sistema

    RP476: 20/12/2011 14.39.39 - Punto di arresto del sistema

    RP477: 21/12/2011 14.51.48 - Punto di arresto del sistema

    RP478: 22/12/2011 15.31.46 - Punto di arresto del sistema

    RP479: 23/12/2011 17.37.37 - Punto di arresto del sistema

    RP480: 27/12/2011 9.34.30 - Punto di arresto del sistema

    RP481: 28/12/2011 14.44.45 - Punto di arresto del sistema

    RP482: 30/12/2011 10.06.33 - Punto di arresto del sistema

    RP483: 09/01/2012 9.55.29 - Punto di arresto del sistema

    RP484: 10/01/2012 12.49.49 - Punto di arresto del sistema

    RP485: 11/01/2012 13.48.37 - Punto di arresto del sistema

    RP486: 11/01/2012 19.02.25 - Software Distribution Service 3.0

    RP487: 13/01/2012 10.10.10 - Punto di arresto del sistema

    RP488: 14/01/2012 11.31.18 - Punto di arresto del sistema

    RP489: 16/01/2012 10.58.02 - Punto di arresto del sistema

    RP490: 17/01/2012 12.48.33 - Punto di arresto del sistema

    RP491: 18/01/2012 14.45.37 - Punto di arresto del sistema

    RP492: 20/01/2012 14.29.14 - Punto di arresto del sistema

    RP493: 23/01/2012 12.22.17 - Punto di arresto del sistema

    RP494: 24/01/2012 10.50.37 - Removed Skype™ 5.5

    RP495: 25/01/2012 11.27.19 - Punto di arresto del sistema

    RP497: 27/01/2012 9.17.15 - Software Distribution Service 3.0

    RP498: 30/01/2012 12.42.21 - Punto di arresto del sistema

    RP499: 01/02/2012 11.13.58 - Punto di arresto del sistema

    RP500: 02/02/2012 11.21.45 - Punto di arresto del sistema

    RP501: 02/02/2012 12.04.48 - Installed HiJackThis

    RP502: 03/02/2012 14.49.30 - Punto di arresto del sistema

    RP503: 06/02/2012 11.10.54 - Punto di arresto del sistema

    RP504: 07/02/2012 11.31.38 - Punto di arresto del sistema

    RP505: 08/02/2012 11.29.03 - Installed Ad-Aware

    RP506: 08/02/2012 11.29.33 - Installed Ad-Aware

    .

    ==== Installed Programs ======================

    .

    2007 Microsoft Office system

    Ad-Aware

    Adobe Acrobat 7.0 Professional - Español, Italiano, Português

    Adobe Acrobat 7.1.0 Professional - Español, Italiano, Português

    Adobe Flash Player 10 Plugin

    Adobe Flash Player 11 ActiveX

    Adobe Photoshop CS

    Adobe Reader 9.4.4 - Italiano

    Adobe Shockwave Player 11.6

    Adobe SVG Viewer 3.0

    Advanced PDF Password Recovery

    Aggiornamento critico per Windows Media Player 11 (KB959772)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB976325)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2183461)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2360131)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2416400)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2482017)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2497640)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2510531)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2530548)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2544521)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2559049)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2586448)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2618444)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB976325)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB978207)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB981332)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381)

    Aggiornamento della protezione per Windows Media Player (KB2378111)

    Aggiornamento della protezione per Windows Media Player (KB911564)

    Aggiornamento della protezione per Windows Media Player (KB952069)

    Aggiornamento della protezione per Windows Media Player (KB954155)

    Aggiornamento della protezione per Windows Media Player (KB968816)

    Aggiornamento della protezione per Windows Media Player (KB973540)

    Aggiornamento della protezione per Windows Media Player (KB975558)

    Aggiornamento della protezione per Windows Media Player (KB978695)

    Aggiornamento della protezione per Windows Media Player 11 (KB936782)

    Aggiornamento della protezione per Windows Media Player 11 (KB954154)

    Aggiornamento della protezione per Windows Media Player 6.4 (KB925398)

    Aggiornamento della protezione per Windows Media Player 9 (KB936782)

    Aggiornamento della protezione per Windows XP (KB2079403)

    Aggiornamento della protezione per Windows XP (KB2115168)

    Aggiornamento della protezione per Windows XP (KB2121546)

    Aggiornamento della protezione per Windows XP (KB2160329)

    Aggiornamento della protezione per Windows XP (KB2229593)

    Aggiornamento della protezione per Windows XP (KB2259922)

    Aggiornamento della protezione per Windows XP (KB2279986)

    Aggiornamento della protezione per Windows XP (KB2286198)

    Aggiornamento della protezione per Windows XP (KB2296011)

    Aggiornamento della protezione per Windows XP (KB2296199)

    Aggiornamento della protezione per Windows XP (KB2347290)

    Aggiornamento della protezione per Windows XP (KB2360937)

    Aggiornamento della protezione per Windows XP (KB2387149)

    Aggiornamento della protezione per Windows XP (KB2393802)

    Aggiornamento della protezione per Windows XP (KB2412687)

    Aggiornamento della protezione per Windows XP (KB2419632)

    Aggiornamento della protezione per Windows XP (KB2423089)

    Aggiornamento della protezione per Windows XP (KB2436673)

    Aggiornamento della protezione per Windows XP (KB2440591)

    Aggiornamento della protezione per Windows XP (KB2443105)

    Aggiornamento della protezione per Windows XP (KB2476490)

    Aggiornamento della protezione per Windows XP (KB2476687)

    Aggiornamento della protezione per Windows XP (KB2478960)

    Aggiornamento della protezione per Windows XP (KB2478971)

    Aggiornamento della protezione per Windows XP (KB2479628)

    Aggiornamento della protezione per Windows XP (KB2479943)

    Aggiornamento della protezione per Windows XP (KB2481109)

    Aggiornamento della protezione per Windows XP (KB2483185)

    Aggiornamento della protezione per Windows XP (KB2485376)

    Aggiornamento della protezione per Windows XP (KB2485663)

    Aggiornamento della protezione per Windows XP (KB2503658)

    Aggiornamento della protezione per Windows XP (KB2503665)

    Aggiornamento della protezione per Windows XP (KB2506212)

    Aggiornamento della protezione per Windows XP (KB2506223)

    Aggiornamento della protezione per Windows XP (KB2507618)

    Aggiornamento della protezione per Windows XP (KB2507938)

    Aggiornamento della protezione per Windows XP (KB2508272)

    Aggiornamento della protezione per Windows XP (KB2508429)

    Aggiornamento della protezione per Windows XP (KB2509553)

    Aggiornamento della protezione per Windows XP (KB2511455)

    Aggiornamento della protezione per Windows XP (KB2524375)

    Aggiornamento della protezione per Windows XP (KB2535512)

    Aggiornamento della protezione per Windows XP (KB2536276-v2)

    Aggiornamento della protezione per Windows XP (KB2536276)

    Aggiornamento della protezione per Windows XP (KB2544893-v2)

    Aggiornamento della protezione per Windows XP (KB2544893)

    Aggiornamento della protezione per Windows XP (KB2555917)

    Aggiornamento della protezione per Windows XP (KB2562937)

    Aggiornamento della protezione per Windows XP (KB2566454)

    Aggiornamento della protezione per Windows XP (KB2567053)

    Aggiornamento della protezione per Windows XP (KB2567680)

    Aggiornamento della protezione per Windows XP (KB2570222)

    Aggiornamento della protezione per Windows XP (KB2570947)

    Aggiornamento della protezione per Windows XP (KB2584146)

    Aggiornamento della protezione per Windows XP (KB2585542)

    Aggiornamento della protezione per Windows XP (KB2592799)

    Aggiornamento della protezione per Windows XP (KB2598479)

    Aggiornamento della protezione per Windows XP (KB2603381)

    Aggiornamento della protezione per Windows XP (KB2618451)

    Aggiornamento della protezione per Windows XP (KB2619339)

    Aggiornamento della protezione per Windows XP (KB2620712)

    Aggiornamento della protezione per Windows XP (KB2624667)

    Aggiornamento della protezione per Windows XP (KB2631813)

    Aggiornamento della protezione per Windows XP (KB2633171)

    Aggiornamento della protezione per Windows XP (KB2639417)

    Aggiornamento della protezione per Windows XP (KB2646524)

    Aggiornamento della protezione per Windows XP (KB923561)

    Aggiornamento della protezione per Windows XP (KB923689)

    Aggiornamento della protezione per Windows XP (KB938464-v2)

    Aggiornamento della protezione per Windows XP (KB938464)

    Aggiornamento della protezione per Windows XP (KB941569)

    Aggiornamento della protezione per Windows XP (KB946648)

    Aggiornamento della protezione per Windows XP (KB950760)

    Aggiornamento della protezione per Windows XP (KB950762)

    Aggiornamento della protezione per Windows XP (KB950974)

    Aggiornamento della protezione per Windows XP (KB951066)

    Aggiornamento della protezione per Windows XP (KB951376-v2)

    Aggiornamento della protezione per Windows XP (KB951376)

    Aggiornamento della protezione per Windows XP (KB951698)

    Aggiornamento della protezione per Windows XP (KB951748)

    Aggiornamento della protezione per Windows XP (KB952004)

    Aggiornamento della protezione per Windows XP (KB952954)

    Aggiornamento della protezione per Windows XP (KB953839)

    Aggiornamento della protezione per Windows XP (KB954211)

    Aggiornamento della protezione per Windows XP (KB954459)

    Aggiornamento della protezione per Windows XP (KB954600)

    Aggiornamento della protezione per Windows XP (KB955069)

    Aggiornamento della protezione per Windows XP (KB956391)

    Aggiornamento della protezione per Windows XP (KB956572)

    Aggiornamento della protezione per Windows XP (KB956744)

    Aggiornamento della protezione per Windows XP (KB956802)

    Aggiornamento della protezione per Windows XP (KB956803)

    Aggiornamento della protezione per Windows XP (KB956841)

    Aggiornamento della protezione per Windows XP (KB956844)

    Aggiornamento della protezione per Windows XP (KB957095)

    Aggiornamento della protezione per Windows XP (KB957097)

    Aggiornamento della protezione per Windows XP (KB958644)

    Aggiornamento della protezione per Windows XP (KB958687)

    Aggiornamento della protezione per Windows XP (KB958690)

    Aggiornamento della protezione per Windows XP (KB958869)

    Aggiornamento della protezione per Windows XP (KB959426)

    Aggiornamento della protezione per Windows XP (KB960225)

    Aggiornamento della protezione per Windows XP (KB960715)

    Aggiornamento della protezione per Windows XP (KB960803)

    Aggiornamento della protezione per Windows XP (KB960859)

    Aggiornamento della protezione per Windows XP (KB961371)

    Aggiornamento della protezione per Windows XP (KB961373)

    Aggiornamento della protezione per Windows XP (KB961501)

    Aggiornamento della protezione per Windows XP (KB968537)

    Aggiornamento della protezione per Windows XP (KB969059)

    Aggiornamento della protezione per Windows XP (KB969898)

    Aggiornamento della protezione per Windows XP (KB969947)

    Aggiornamento della protezione per Windows XP (KB970238)

    Aggiornamento della protezione per Windows XP (KB970430)

    Aggiornamento della protezione per Windows XP (KB971468)

    Aggiornamento della protezione per Windows XP (KB971486)

    Aggiornamento della protezione per Windows XP (KB971557)

    Aggiornamento della protezione per Windows XP (KB971633)

    Aggiornamento della protezione per Windows XP (KB971657)

    Aggiornamento della protezione per Windows XP (KB971961)

    Aggiornamento della protezione per Windows XP (KB972270)

    Aggiornamento della protezione per Windows XP (KB973346)

    Aggiornamento della protezione per Windows XP (KB973354)

    Aggiornamento della protezione per Windows XP (KB973507)

    Aggiornamento della protezione per Windows XP (KB973525)

    Aggiornamento della protezione per Windows XP (KB973869)

    Aggiornamento della protezione per Windows XP (KB973904)

    Aggiornamento della protezione per Windows XP (KB974112)

    Aggiornamento della protezione per Windows XP (KB974318)

    Aggiornamento della protezione per Windows XP (KB974392)

    Aggiornamento della protezione per Windows XP (KB974571)

    Aggiornamento della protezione per Windows XP (KB975025)

    Aggiornamento della protezione per Windows XP (KB975467)

    Aggiornamento della protezione per Windows XP (KB975560)

    Aggiornamento della protezione per Windows XP (KB975561)

    Aggiornamento della protezione per Windows XP (KB975562)

    Aggiornamento della protezione per Windows XP (KB975713)

    Aggiornamento della protezione per Windows XP (KB977165)

    Aggiornamento della protezione per Windows XP (KB977816)

    Aggiornamento della protezione per Windows XP (KB977914)

    Aggiornamento della protezione per Windows XP (KB978037)

    Aggiornamento della protezione per Windows XP (KB978251)

    Aggiornamento della protezione per Windows XP (KB978262)

    Aggiornamento della protezione per Windows XP (KB978338)

    Aggiornamento della protezione per Windows XP (KB978542)

    Aggiornamento della protezione per Windows XP (KB978601)

    Aggiornamento della protezione per Windows XP (KB978706)

    Aggiornamento della protezione per Windows XP (KB979309)

    Aggiornamento della protezione per Windows XP (KB979482)

    Aggiornamento della protezione per Windows XP (KB979559)

    Aggiornamento della protezione per Windows XP (KB979683)

    Aggiornamento della protezione per Windows XP (KB979687)

    Aggiornamento della protezione per Windows XP (KB980195)

    Aggiornamento della protezione per Windows XP (KB980218)

    Aggiornamento della protezione per Windows XP (KB980232)

    Aggiornamento della protezione per Windows XP (KB980436)

    Aggiornamento della protezione per Windows XP (KB981322)

    Aggiornamento della protezione per Windows XP (KB981852)

    Aggiornamento della protezione per Windows XP (KB981957)

    Aggiornamento della protezione per Windows XP (KB981997)

    Aggiornamento della protezione per Windows XP (KB982132)

    Aggiornamento della protezione per Windows XP (KB982214)

    Aggiornamento della protezione per Windows XP (KB982665)

    Aggiornamento della protezione per Windows XP (KB982802)

    Aggiornamento della sicurezza per Microsoft Windows (KB2564958)

    Aggiornamento per Windows Internet Explorer 8 (KB2598845)

    Aggiornamento per Windows Internet Explorer 8 (KB2632503)

    Aggiornamento per Windows Internet Explorer 8 (KB975364)

    Aggiornamento per Windows Internet Explorer 8 (KB976662)

    Aggiornamento per Windows Internet Explorer 8 (KB980182)

    Aggiornamento per Windows XP (KB2141007)

    Aggiornamento per Windows XP (KB2345886)

    Aggiornamento per Windows XP (KB2467659)

    Aggiornamento per Windows XP (KB2492386)

    Aggiornamento per Windows XP (KB2541763)

    Aggiornamento per Windows XP (KB2607712)

    Aggiornamento per Windows XP (KB2616676)

    Aggiornamento per Windows XP (KB2641690)

    Aggiornamento per Windows XP (KB951072-v2)

    Aggiornamento per Windows XP (KB951978)

    Aggiornamento per Windows XP (KB955759)

    Aggiornamento per Windows XP (KB955839)

    Aggiornamento per Windows XP (KB967715)

    Aggiornamento per Windows XP (KB968389)

    Aggiornamento per Windows XP (KB971029)

    Aggiornamento per Windows XP (KB971737)

    Aggiornamento per Windows XP (KB973687)

    Aggiornamento per Windows XP (KB973815)

    Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)

    Aggiornamento rapido per Windows Media Player 11 (KB939683)

    Aggiornamento rapido per Windows XP (KB2158563)

    Aggiornamento rapido per Windows XP (KB2443685)

    Aggiornamento rapido per Windows XP (KB2570791)

    Aggiornamento rapido per Windows XP (KB2633952)

    Aggiornamento rapido per Windows XP (KB942288-v3)

    Aggiornamento rapido per Windows XP (KB952287)

    Aggiornamento rapido per Windows XP (KB961118)

    Aggiornamento rapido per Windows XP (KB970653-v3)

    Aggiornamento rapido per Windows XP (KB976098-v2)

    Aggiornamento rapido per Windows XP (KB979306)

    Aggiornamento rapido per Windows XP (KB981793)

    Apple Application Support

    Apple Mobile Device Support

    Apple Software Update

    ArcGIS Desktop

    ArcGIS License Manager

    ATI Catalyst Control Center

    ATI Catalyst Install Manager

    ATI HYDRAVISION

    ATI Parental Control & Encoder

    ATI Problem Report Wizard

    AutoCAD 2008 - Italiano

    AutocompletePro

    Autodesk Design Review 2010

    Autodesk DWF Viewer

    Autodesk DWF Viewer 7

    Autodesk Network License Manager

    Autodesk Revit Architecture 2010

    Autodesk VIZ 2005

    AVIVO

    Axtro

    Axtro (C:\Programmi\Axtro\)

    Bing Maps 3D

    Bit4Id - PdL Cittadino per la CRS di Regione Lombardia - 1.2.12

    Bonjour

    Catalyst Control Center - Branding

    Catalyst Control Center Core Implementation

    Catalyst Control Center Graphics Full Existing

    Catalyst Control Center Graphics Full New

    Catalyst Control Center Graphics Light

    Catalyst Control Center Graphics Previews Common

    Catalyst Control Center HydraVision Full

    Catalyst Control Center InstallProxy

    Catalyst Control Center Localization Chinese Standard

    Catalyst Control Center Localization Chinese Traditional

    Catalyst Control Center Localization Czech

    Catalyst Control Center Localization Danish

    Catalyst Control Center Localization Dutch

    Catalyst Control Center Localization Finnish

    Catalyst Control Center Localization French

    Catalyst Control Center Localization German

    Catalyst Control Center Localization Greek

    Catalyst Control Center Localization Hungarian

    Catalyst Control Center Localization Italian

    Catalyst Control Center Localization Japanese

    Catalyst Control Center Localization Korean

    Catalyst Control Center Localization Norwegian

    Catalyst Control Center Localization Polish

    Catalyst Control Center Localization Portuguese

    Catalyst Control Center Localization Russian

    Catalyst Control Center Localization Spanish

    Catalyst Control Center Localization Swedish

    Catalyst Control Center Localization Thai

    Catalyst Control Center Localization Turkish

    ccc-core-preinstall

    ccc-core-static

    ccc-utility

    CCC Help Chinese Standard

    CCC Help Chinese Traditional

    CCC Help Czech

    CCC Help Danish

    CCC Help Dutch

    CCC Help English

    CCC Help Finnish

    CCC Help French

    CCC Help German

    CCC Help Greek

    CCC Help Hungarian

    CCC Help Italian

    CCC Help Japanese

    CCC Help Korean

    CCC Help Norwegian

    CCC Help Polish

    CCC Help Portuguese

    CCC Help Russian

    CCC Help Spanish

    CCC Help Swedish

    CCC Help Thai

    CCC Help Turkish

    CENED - Regione Lombardia

    Cened+

    Core Temp version 0.99.8

    CRS Kit 1.0

    CRS Manager 3.1.2.0

    Dropbox

    EchoGema4.0

    ER Mapper ECW JPEG 2000 Plug-in for Firefox [3.4.0.242]

    ERDAS ECW JPEG 2000 Plug-in for Internet Explorer [9.3.2.66]

    eScan Anti-Virus (AV) Edition per Windows

    Eudora

    FlashCAD_Composer

    GemaVap4

    Google Earth

    Google SketchUp 6

    Google SketchUp 6 Exporters

    Google SketchUp 8

    Google SketchUp LayOut 6

    Google SketchUp Pro 6

    Google Toolbar for Internet Explorer

    Google Update Helper

    High Definition Audio Driver Package - KB888111

    HiJackThis

    HijackThis 2.0.2

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)

    Hotfix for Windows Media Format 11 SDK (KB929399)

    Hotfix for Windows XP (KB954550-v5)

    Hotfix for Windows XP (KB976002-v5)

    Hotfix per Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)

    iTunes

    Java Auto Updater

    Java DB 10.4.2.1

    Java(TM) 6 Update 26

    Java(TM) SE Development Kit 6 Update 17

    JMB36X Raid Configurer

    LightScribe 1.6.45.1

    Malwarebytes Anti-Malware versione 1.60.1.1000

    Master Converter

    MetraLib 4

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 1.1 Italian Language Pack

    Microsoft .NET Framework 1.1 Security Update (KB2656353)

    Microsoft .NET Framework 1.1 Security Update (KB979906)

    Microsoft .NET Framework 2.0 Service Pack 2

    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA

    Microsoft .NET Framework 3.0 Service Pack 2

    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA

    Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)

    Microsoft .NET Framework 3.5 Language Pack SP1 - ita

    Microsoft .NET Framework 3.5 SP1

    Microsoft Compression Client Pack 1.0 for Windows XP

    Microsoft Internationalized Domain Names Mitigation APIs

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

    Microsoft National Language Support Downlevel APIs

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office Access MUI (Italian) 2007

    Microsoft Office Excel MUI (Italian) 2007

    Microsoft Office Outlook MUI (Italian) 2007

    Microsoft Office PowerPoint MUI (Italian) 2007

    Microsoft Office Professional Hybrid 2007

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (French) 2007

    Microsoft Office Proof (German) 2007

    Microsoft Office Proof (Italian) 2007

    Microsoft Office Proofing (Italian) 2007

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Publisher MUI (Italian) 2007

    Microsoft Office Shared MUI (Italian) 2007

    Microsoft Office Word MUI (Italian) 2007

    Microsoft Silverlight

    Microsoft Software Update for Web Folders (Italian) 12

    Microsoft User-Mode Driver Framework Feature Pack 1.9

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual Studio Tools for Applications 2.0 - ENU

    Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ITA

    Microsoft Visual Studio Tools for Applications 2.0 Runtime

    Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ITA

    MSVC80_x86

    MSXML 4.0 SP2 (KB936181)

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    MSXML 6.0 Parser (KB933579)

    Nero 7 Essentials

    neroxml

    Pacchetto driver Windows - Microsoft (USBCCID) SmartCardReader (08/01/2006 5.2.3790.2724)

    Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

    Pacchetto provider Microsoft servizio crittografia smart card di base

    Paint Shop Pro 7

    PAN S

    PC Connectivity Solution

    PC Wizard 2008.1.84

    PltPlotter 1.0

    ProntoDLgs311

    Python 2.5 numpy-1.0.3

    Python 2.5.1

    QuickTime

    REALTEK GbE & FE Ethernet PCI-E NIC Driver

    Revit Architecture 2008

    SafeCast Shared Components

    Security Update for CAPICOM (KB931906)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

    Sentinel Protection Installer 7.2.2

    Sentinel System Driver

    Skins

    Skype Click to Call

    SnagIt 8

    Software per stampante EPSON

    SoundMAX

    Spelling Dictionaries Support For Adobe Reader 9

    Suite Aster 4.1.10

    swMSM

    TerMus-G v.14.00a

    The Lord of the Rings FREE Trial

    THERM5

    Tweak UI

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

    Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

    VBA (2627.01)

    VBA (2627.3)

    Viewpoint Manager (Remove Only)

    Viewpoint Media Player

    Visual Basic for Applications (R) Core

    Visual Basic for Applications (R) Core - English

    Vita Interactive Engine

    WebFldrs XP

    Windows Genuine Advantage Notifications (KB905474)

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Imaging Component

    Windows Internet Explorer 7

    Windows Internet Explorer 8

    Windows Media Format 11 runtime

    Windows Media Player 11

    Windows Presentation Foundation

    Windows XP Service Pack 3

    WinRAR gestione archivi

    WinZip

    XML Paper Specification Shared Components Language Pack 1.0

    XML Paper Specification Shared Components Pack 1.0

    Xvid 1.2.2 final uninstall

    .

    ==== End Of File ===========================

    xxx ComboFix.log



    ComboFix 12-02-13.01 - alessio 15/02/2012 9.52.17.5.2 - x86

    Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1383 [GMT 1:00]

    Eseguito da: c:\documents and settings\alessio\Desktop\ComboFix.exe

    AV: eScan Anti-Virus (AV) Edition per Windows *Disabled/Updated* {E25EE26A-7512-411E-BAF6-D9AFA504A475}

    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

    FW: eScan Anti-Virus (AV) Edition per Windows *Disabled* {E25EE26A-7512-411E-BAF6-D9AFA504A475}

    .

    .

    ((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\documents and settings\alessio\Dati applicazioni\EurekaLog

    c:\documents and settings\alessio\Dati applicazioni\EurekaLog\EurekaLog.ini

    c:\documents and settings\alessio\Impostazioni locali\Dati applicazioni\assembly\tmp

    c:\documents and settings\alessio\WINDOWS

    c:\documents and settings\All Users\Dati applicazioni\AMMYY

    c:\documents and settings\All Users\Dati applicazioni\AMMYY\hr

    c:\documents and settings\All Users\Dati applicazioni\AMMYY\settings.bin

    c:\programmi\AutocompletePro

    c:\programmi\AutocompletePro\64\AutocompletePro64.dll

    c:\programmi\AutocompletePro\AutocompletePro.dll

    c:\programmi\AutocompletePro\chrome\autocompleteprochrome.crx

    c:\programmi\AutocompletePro\FireFoxExtension.exe

    c:\programmi\AutocompletePro\InstTracker.exe

    c:\programmi\AutocompletePro\support@predictad.com\chrome.manifest

    c:\programmi\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul

    c:\programmi\AutocompletePro\support@predictad.com\chrome\content\options.js

    c:\programmi\AutocompletePro\support@predictad.com\chrome\content\options.xul

    c:\programmi\AutocompletePro\support@predictad.com\chrome\content\utils.js

    c:\programmi\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js

    c:\programmi\AutocompletePro\support@predictad.com\install.rdf

    c:\programmi\AutocompletePro\unins000.dat

    c:\programmi\AutocompletePro\unins000.exe

    c:\windows\BACKUP.15999202.killproc.exe

    c:\windows\dasetup.log

    c:\windows\regedit.com

    c:\windows\ST6UNST.000

    c:\windows\system32\BACKUP.93751039.test2.exe

    c:\windows\system32\regobj.dll

    c:\windows\system32\taskmgr.com

    .

    .

    ((((((((((((((((((((((((( Files Creati Da 2012-01-15 al 2012-02-15 )))))))))))))))))))))))))))))))))))

    .

    .

    2012-02-14 12:04 . 2012-02-14 12:04 -------- d---a-w- c:\windows\rundll16.exe

    2012-02-14 12:04 . 2012-02-14 12:04 -------- d---a-w- c:\windows\logo1_.exe

    2012-02-08 16:09 . 2012-02-08 10:36 16432 ----a-w- c:\windows\system32\lsdelete.exe

    2012-02-08 10:36 . 2012-02-08 10:36 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

    2012-02-08 10:29 . 2011-12-23 06:12 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

    2012-02-08 10:29 . 2012-02-08 10:29 -------- d-----w- c:\programmi\Lavasoft

    2012-02-02 11:04 . 2012-02-02 11:04 388096 ----a-r- c:\documents and settings\alessio\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2012-01-31 17:00 . 2006-06-14 12:53 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-01-11 08:07 . 2011-08-02 06:56 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2011-12-30 08:49 . 2011-03-15 12:18 1045000 ----a-w- c:\windows\system32\test2.exe

    2011-12-21 12:00 . 2011-12-21 12:00 54016 ----a-w- c:\windows\system32\drivers\cdsa.sys

    2011-12-21 08:06 . 2010-05-05 15:57 1858056 ----a-w- c:\windows\system32\contfilt.dll

    2011-12-21 08:06 . 2011-12-21 08:06 572928 ----a-w- c:\windows\system32\msvcp90.dll

    2011-12-21 08:06 . 2011-12-21 08:06 655872 ----a-w- c:\windows\system32\msvcr90.dll

    2011-12-10 14:24 . 2011-03-21 09:21 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

    2011-11-25 21:57 . 2007-08-02 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll

    2011-11-23 14:40 . 2007-08-02 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys

    2011-11-20 06:12 . 2007-08-02 12:00 60928 ----a-w- c:\windows\system32\packager.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* i valori vuoti & legittimi/default non sono visualizzati.

    REGEDIT4

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "LightScribe Control Panel"="c:\programmi\File comuni\LightScribe\LightScribeControlPanel.exe" [2007-05-15 484904]

    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]

    "swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-12 39408]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]

    "JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]

    "Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]

    "NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

    "SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]

    "SSLEmptyCache"="c:\windows\system32\SSLEmptyCache.exe" [2008-10-02 32768]

    "eScan Updater"="c:\progra~1\eScan\TRAYICOS.EXE" [2010-05-28 3284488]

    "MailScan Dispatcher"="c:\progra~1\eScan\LAUNCH.EXE" [2011-12-21 405512]

    "Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

    "Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

    "QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2010-11-29 421888]

    "SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2011-04-08 254696]

    "APSDaemon"="c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

    "iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2011-10-09 421736]

    .

    c:\documents and settings\alessio\Menu Avvio\Programmi\Esecuzione automatica\

    Dropbox.lnk - c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe [2011-9-2 24183152]

    .

    c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\

    Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2008-4-10 113664]

    Avvio veloce di Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe [2007-11-8 25214]

    .

    [HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]

    "NoAutoUpdate"= 1 (0x1)

    .

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\programmi\Qualcomm\Eudora\EuShlExt.dll" [2006-08-17 86016]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\eSLogOn]

    2009-11-05 15:55 654856 ----a-w- c:\windows\system32\eslogon.dll

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

    BootExecute REG_MULTI_SZ lsdelete

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    @="Service"

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

    "EnableFirewall"= 0 (0x0)

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\WINDOWS\\system32\\dpvsetup.exe"=

    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    "c:\\WINDOWS\\system32\\mmc.exe"=

    "c:\\Programmi\\Autodesk Network License Manager\\adskflex.exe"=

    "c:\\Programmi\\Autodesk Network License Manager\\lmgrd.exe"=

    "c:\\Programmi\\Autodesk VIZ 2005\\3dsviz.exe"=

    "c:\\Programmi\\Messenger\\msmsgs.exe"=

    "c:\\PROGRA~1\\eScan\\DOWNLOAD.EXE"=

    "c:\\PROGRA~1\\eScan\\TRAYICOS.EXE"=

    "c:\\PROGRA~1\\FILECO~1\\MICROW~1\\Agent\\MWAGENT.EXE"=

    "c:\\PROGRA~1\\eScan\\LICENSE.EXE"=

    "c:\\Programmi\\File comuni\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

    "c:\\Programmi\\Bonjour\\mDNSResponder.exe"=

    "c:\\Programmi\\iTunes\\iTunes.exe"=

    "c:\\Documents and Settings\\alessio\\Dati applicazioni\\Dropbox\\bin\\Dropbox.exe"=

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

    "3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

    .

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [08/02/2012 11.29.42 64512]

    R2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~1\ESRI\License\arcgis9x\lmgrd.exe [10/07/2009 17.32.18 1372160]

    R2 EconService;eConServ;c:\progra~1\escan\EconSer.exe [05/05/2010 16.57.46 842760]

    R2 eScan-trayicos;eScan Server-Updater;c:\progra~1\eScan\TRAYSSER.EXE [05/05/2010 16.57.20 272904]

    R2 eScan Monitor Service;eScan Monitor Service;c:\docume~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe [05/05/2010 16.57.50 1336504]

    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\programmi\Viewpoint\Common\ViewpointService.exe [20/01/2009 10.38.19 24652]

    R2 viz 2005;viz 2005;c:\programmi\Autodesk Network License Manager\lmgrd.exe [17/10/2002 8.30.02 607232]

    R3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\drivers\econceal.sys [05/05/2010 17.05.07 26632]

    R3 ProcObsrves;ProcObsrves;c:\progra~1\eScan\ProcObsrves.sys [05/05/2010 16.57.35 17928]

    S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [12/10/2010 14.52.55 135664]

    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [23/12/2011 7.12.10 2152152]

    S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usbxp.sys [29/01/2010 13.08.49 24832]

    S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [12/10/2010 14.52.55 135664]

    .

    --- Altri Servizi/Drivers In Memoria ---

    .

    *Deregistered* - Lavasoft Kernexplorer

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

    2007-05-15 15:08 452136 ----a-w- c:\programmi\File comuni\LightScribe\LSRunOnce.exe

    .

    Contenuto della cartella 'Scheduled Tasks'

    .

    2012-02-15 c:\windows\Tasks\Ad-Aware Update (Weekly).job

    - c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-12-23 10:36]

    .

    2012-02-03 c:\windows\Tasks\AppleSoftwareUpdate.job

    - c:\programmi\Apple Software Update\SoftwareUpdate.exe [2011-06-01 10:34]

    .

    2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\programmi\Google\Update\GoogleUpdate.exe [2010-10-12 13:52]

    .

    2012-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\programmi\Google\Update\GoogleUpdate.exe [2010-10-12 13:52]

    .

    .

    ------- Scansione supplementare -------

    .

    uStart Page = hxxp://www.google.it/

    uInternet Settings,ProxyOverride = *.local

    uSearchAssistant = hxxp://www.google.com/ie

    IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converti destinazione link in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converti in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Converti link selezionati in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Converti selezione a PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

    TCP: Interfaces\{3D377DF3-EE1F-4154-8E0B-868F1450E22F}: NameServer = 212.216.112.112

    DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.regione.lombardia.it/components/OcsKitCittadino.cab

    DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.regione.lombardia.it/components/OcxCertUpdate.cab

    DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.regione.lombardia.it/components/OcxCrsInfo.cab

    DPF: {877E14A6-0ACF-4509-8CF3-E4A0F4ED46F4} - hxxp://supportsiss.lispa.it/components/pdlc.cab

    .

    - - - - CHIAVI ORFANE RIMOSSE - - - -

    .

    WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

    SafeBoot-WudfPf

    SafeBoot-WudfRd

    AddRemove-AutocompletePro3_is1 - c:\programmi\AutocompletePro\unins000.exe

    .

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url]

    Rootkit scan 2012-02-15 10:01

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scansione processi nascosti ...

    .

    scansione entrate autostart nascoste ...

    .

    Scansione files nascosti ...

    .

    Scansione completata con successo

    Files nascosti: 0

    .

    **************************************************************************

    .

    --------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

    .

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]

    "0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

    .

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]

    "0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

    .

    --------------------- Dlls caricate dai processi in esecuzione ---------------------

    .

    - - - - - - - > 'winlogon.exe'(772)

    c:\windows\system32\Ati2evxx.dll

    c:\windows\system32\atiadlxx.dll

    c:\windows\system32\eSLogOn.dll

    c:\windows\system32\MPRUI.dll

    .

    Ora fine scansione: 2012-02-15 10:03:24

    ComboFix-quarantined-files.txt 2012-02-15 09:03

    .

    Pre-Run: 224'973'680'640 byte disponibili

    Post-Run: 227'744'882'688 byte disponibili

    .

    - - End Of File - - 922BF64B14E0C1057516A3AB9BD92F59
    0
  • Support
    Hi toros,



    You are welcome /smile.png' class='bbc_emoticon' alt=':)' />



    Upload these files to http://www.virustotal.com/ one by one using the "Choose file" button (select reanalysis if asked) and post back the link to the scan report:

    c:\windows\rundll16.exe

    c:\windows\logo1_.exe



    Please, post new DDS logs, too.
    0
  • Customer
    Dear CecilaiB, in the windows folder these files appear as folders and not as file, so it seems not possible to scan them..
    0
  • Support
    Sorry, toros, I missed that. Further investigation shows that those folders probably are created by eScan. I hope the folders are empty.



    Please, post new DDS logs and tell me how the computer is doing now.
    0
  • Customer
    Well, CeciliaB, you are right, both of the folders are empty.

    At the moment windows automatically update is still deactivated, and it is not possible to activate it.



    Here below the new DDS' logs:



    DDS.TXT:

    .

    DDS (Ver_2011-08-26.01) - NTFSx86

    Internet Explorer: 8.0.6001.18702

    Run by alessio at 16:44:18 on 2012-02-15

    Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1094 [GMT 1:00]

    .

    AV: eScan Anti-Virus (AV) Edition per Windows *Disabled/Updated* {E25EE26A-7512-411E-BAF6-D9AFA504A475}

    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

    FW: eScan Anti-Virus (AV) Edition per Windows *Disabled*

    .

    ============== Running Processes ===============

    .

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\svchost.exe -k DcomLaunch

    svchost.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

    svchost.exe

    svchost.exe

    C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\spoolsv.exe

    svchost.exe

    C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

    C:\Programmi\Bonjour\mDNSResponder.exe

    C:\WINDOWS\system32\drivers\CDAC11BA.EXE

    c:\progra~1\escan\EconSer.exe

    C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

    c:\progra~1\escan\eConceal.exe

    C:\DOCUME~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe

    C:\PROGRA~1\eScan\TRAYSSER.EXE

    C:\Programmi\Java\jre6\bin\jqs.exe

    C:\Programmi\File comuni\LightScribe\LSSrvc.exe

    C:\PROGRA~1\eScan\consctl.exe

    C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWASER.EXE

    C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWAgent.exe

    C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

    C:\WINDOWS\system32\svchost.exe -k imgsvc

    C:\Programmi\Viewpoint\Common\ViewpointService.exe

    C:\Programmi\Autodesk Network License Manager\lmgrd.exe

    C:\Programmi\Autodesk Network License Manager\adskflex.exe

    C:\Programmi\Viewpoint\Viewpoint Manager\ViewMgr.exe

    C:\WINDOWS\system32\wscntfy.exe

    C:\WINDOWS\Explorer.EXE

    C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

    C:\Programmi\Analog Devices\Core\smax4pnp.exe

    C:\WINDOWS\system32\SSLEmptyCache.exe

    C:\PROGRA~1\eScan\TRAYICOS.EXE

    C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe

    C:\Programmi\File comuni\Java\Java Update\jusched.exe

    C:\Programmi\iTunes\iTunesHelper.exe

    C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe

    C:\PROGRA~1\eScan\Vista\eScanMon.exe

    C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe

    C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe

    C:\Documents and Settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe

    C:\Programmi\iPod\bin\iPodService.exe

    C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe

    C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe

    C:\Programmi\Internet Explorer\iexplore.exe

    C:\Programmi\Internet Explorer\iexplore.exe

    C:\WINDOWS\system32\ctfmon.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.google.it/

    uInternet Settings,ProxyOverride = *.local

    uSearchAssistant = hxxp://www.google.com/ie

    mURLSearchHooks: H - No File

    BHO: HelperObject Class: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\programmi\techsmith\snagit 8\SnagItBHO.dll

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmi\file comuni\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmi\google\google toolbar\GoogleToolbar_32.dll

    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll

    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmi\google\googletoolbarnotifier\5.7.7227.1100\swg.dll

    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmi\java\jre6\bin\jp2ssv.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmi\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

    TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\programmi\techsmith\snagit 8\SnagItIEAddin.dll

    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmi\google\google toolbar\GoogleToolbar_32.dll

    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

    TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

    uRun: [LightScribe Control Panel] c:\programmi\file comuni\lightscribe\LightScribeControlPanel.exe -hidden

    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\programmi\file comuni\ahead\lib\NMBgMonitor.exe"

    uRun: [swg] "c:\programmi\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    mRun: [JMB36X IDE Setup] c:\windows\jm\JMInsIDE.exe

    mRun: [JMB36X Configure] c:\windows\system32\JMRaidSetup.exe boot

    mRun: [Acrobat Assistant 7.0] "c:\programmi\adobe\acrobat 7.0\distillr\Acrotray.exe"

    mRun: [NeroFilterCheck] c:\programmi\file comuni\ahead\lib\NeroCheck.exe

    mRun: [SoundMAXPnP] c:\programmi\analog devices\core\smax4pnp.exe

    mRun: [SSLEmptyCache] c:\windows\system32\SSLEmptyCache.exe

    mRun: [eScan Updater] c:\progra~1\escan\TRAYICOS.EXE /App

    mRun: [MailScan Dispatcher] "c:\progra~1\escan\LAUNCH.EXE" /startup

    mRun: [Adobe Reader Speed Launcher] "c:\programmi\adobe\reader 9.0\reader\Reader_sl.exe"

    mRun: [Adobe ARM] "c:\programmi\file comuni\adobe\arm\1.0\AdobeARM.exe"

    mRun: [QuickTime Task] "c:\programmi\quicktime\qttask.exe" -atboottime

    mRun: [SunJavaUpdateSched] "c:\programmi\file comuni\java\java update\jusched.exe"

    mRun: [APSDaemon] "c:\programmi\file comuni\apple\apple application support\APSDaemon.exe"

    mRun: [iTunesHelper] "c:\programmi\itunes\iTunesHelper.exe"

    StartupFolder: c:\docume~1\alessio\menuav~1\progra~1\esecuz~1\dropbox.lnk - c:\documents and settings\alessio\dati applicazioni\dropbox\bin\Dropbox.exe

    StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\adobeg~1.lnk - c:\programmi\file comuni\adobe\calibration\Adobe Gamma Loader.exe

    StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\avviov~1.lnk - c:\windows\installer\{ac76ba86-1034-4700-7760-000000000002}\SC_Acrobat.exe

    IE: Converti destinazione link in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converti destinazione link in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converti in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti link selezionati in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Converti link selezionati in PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Converti selezione a PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti selezione in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: E&sporta in Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\programmi\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

    DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.regione.lombardia.it/components/OcsKitCittadino.cab

    DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.regione.lombardia.it/components/OcxCertUpdate.cab

    DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} - hxxp://download.microsoft.com/download/B/8/1/B819F609-76B3-42C6-8B66-D85CC971DCF9/VirtualEarth3D.cab

    DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.regione.lombardia.it/components/OcxCrsInfo.cab

    DPF: {877E14A6-0ACF-4509-8CF3-E4A0F4ED46F4} - hxxp://supportsiss.lispa.it/components/pdlc.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

    TCP: Interfaces\{3D377DF3-EE1F-4154-8E0B-868F1450E22F} : NameServer = 212.216.112.112

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\programmi\skype\toolbars\internet explorer\skypeieplugin.dll

    Notify: AtiExtEvent - Ati2evxx.dll

    Notify: eSLogOn - eSLogOn.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - c:\programmi\qualcomm\eudora\EuShlExt.dll

    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\programmi\file comuni\lightscribe\LSRunOnce.exe"

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-2-8 64512]

    R2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~1\esri\license\arcgis9x\lmgrd.exe [2009-7-10 1372160]

    R2 EconService;eConServ;c:\progra~1\escan\EconSer.exe [2010-5-5 842760]

    R2 eScan-trayicos;eScan Server-Updater;c:\progra~1\escan\TRAYSSER.EXE [2010-5-5 272904]

    R2 eScan Monitor Service;eScan Monitor Service;c:\docume~1\alluse~1\datiap~1\microw~1\escanbd\avpmapp.exe [2010-5-5 1336504]

    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\lavasoft\ad-aware\AAWService.exe [2011-12-23 2152152]

    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\programmi\viewpoint\common\ViewpointService.exe [2009-1-20 24652]

    R2 viz 2005;viz 2005;c:\programmi\autodesk network license manager\lmgrd.exe [2002-10-17 607232]

    R3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\drivers\econceal.sys [2010-5-5 26632]

    R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\programmi\lavasoft\ad-aware\kernexplorer.sys [2011-12-23 15232]

    R3 ProcObsrves;ProcObsrves;c:\progra~1\escan\ProcObsrves.sys [2010-5-5 17928]

    S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\google\update\GoogleUpdate.exe [2010-10-12 135664]

    S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usbxp.sys [2010-1-29 24832]

    S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\google\update\GoogleUpdate.exe [2010-10-12 135664]

    .

    =============== Created Last 30 ================

    .

    2012-02-15 08:50:04 98816 ----a-w- c:\windows\sed.exe

    2012-02-15 08:50:04 518144 ----a-w- c:\windows\SWREG.exe

    2012-02-15 08:50:04 256000 ----a-w- c:\windows\PEV.exe

    2012-02-15 08:50:04 208896 ----a-w- c:\windows\MBR.exe

    2012-02-14 12:04:51 -------- d---a-w- c:\windows\rundll16.exe

    2012-02-14 12:04:51 -------- d---a-w- c:\windows\logo1_.exe

    2012-02-08 16:09:54 16432 ----a-w- c:\windows\system32\lsdelete.exe

    2012-02-08 10:36:39 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

    2012-02-08 10:29:42 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

    2012-02-08 10:29:35 -------- d-----w- c:\programmi\Lavasoft

    2012-02-02 11:04:50 388096 ----a-r- c:\documents and settings\alessio\dati applicazioni\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

    2012-01-31 17:00:24 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys

    .

    ==================== Find3M ====================

    .

    2012-01-11 08:07:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2011-12-30 08:49:55 1045000 ----a-w- c:\windows\system32\test2.exe

    2011-12-21 12:00:39 54016 ----a-w- c:\windows\system32\drivers\cdsa.sys

    2011-12-21 08:06:23 1858056 ----a-w- c:\windows\system32\contfilt.dll

    2011-12-21 08:06:17 572928 ----a-w- c:\windows\system32\msvcp90.dll

    2011-12-21 08:06:16 655872 ----a-w- c:\windows\system32\msvcr90.dll

    2011-12-10 14:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

    2011-11-25 21:57:07 293888 ----a-w- c:\windows\system32\winsrv.dll

    2011-11-23 14:40:20 1859584 ----a-w- c:\windows\system32\win32k.sys

    2011-11-20 06:12:28 60928 ----a-w- c:\windows\system32\packager.exe

    .

    ============= FINISH: 16.45.31.42 ===============

    Attach.txt:



    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows XP Professional

    Boot Device: \Device\HarddiskVolume1

    Install Date: 19/10/2007 10.45.26

    System Uptime: 15/02/2012 16.33.28 (0 hours ago)

    .

    Motherboard: ASUSTeK Computer INC. | | P5B

    Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz | Socket 775 | 2329/333mhz

    .

    ==== Disk Partitions =========================

    .

    A: is Removable

    C: is FIXED (NTFS) - 298 GiB total, 212.097 GiB free.

    D: is CDROM ()

    Z: is NetworkDisk (NTFS) - 75 GiB total, 7.568 GiB free.

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

    Description: Nokia Windows Portable Device Driver

    Device ID: ROOT\WPD\0000

    Manufacturer: Nokia

    Name: N78

    PNP Device ID: ROOT\WPD\0000

    Service: WUDFRd

    .

    ==== System Restore Points ===================

    .

    RP456: 17/11/2011 16.17.04 - Punto di arresto del sistema

    RP457: 18/11/2011 16.57.10 - Punto di arresto del sistema

    RP458: 21/11/2011 13.57.46 - Punto di arresto del sistema

    RP459: 22/11/2011 17.37.13 - Punto di arresto del sistema

    RP460: 24/11/2011 9.38.55 - Punto di arresto del sistema

    RP461: 25/11/2011 11.01.03 - Punto di arresto del sistema

    RP462: 29/11/2011 10.06.40 - Punto di arresto del sistema

    RP463: 30/11/2011 10.45.20 - Punto di arresto del sistema

    RP464: 01/12/2011 11.20.49 - Punto di arresto del sistema

    RP465: 02/12/2011 11.59.50 - Punto di arresto del sistema

    RP466: 05/12/2011 14.36.58 - Punto di arresto del sistema

    RP467: 06/12/2011 14.37.21 - Punto di arresto del sistema

    RP468: 07/12/2011 15.55.50 - Punto di arresto del sistema

    RP469: 09/12/2011 10.14.43 - Punto di arresto del sistema

    RP470: 12/12/2011 10.36.57 - Punto di arresto del sistema

    RP471: 13/12/2011 11.00.09 - Punto di arresto del sistema

    RP472: 14/12/2011 9.42.30 - Software Distribution Service 3.0

    RP473: 15/12/2011 10.12.25 - Punto di arresto del sistema

    RP474: 16/12/2011 15.10.18 - Punto di arresto del sistema

    RP475: 19/12/2011 11.41.02 - Punto di arresto del sistema

    RP476: 20/12/2011 14.39.39 - Punto di arresto del sistema

    RP477: 21/12/2011 14.51.48 - Punto di arresto del sistema

    RP478: 22/12/2011 15.31.46 - Punto di arresto del sistema

    RP479: 23/12/2011 17.37.37 - Punto di arresto del sistema

    RP480: 27/12/2011 9.34.30 - Punto di arresto del sistema

    RP481: 28/12/2011 14.44.45 - Punto di arresto del sistema

    RP482: 30/12/2011 10.06.33 - Punto di arresto del sistema

    RP483: 09/01/2012 9.55.29 - Punto di arresto del sistema

    RP484: 10/01/2012 12.49.49 - Punto di arresto del sistema

    RP485: 11/01/2012 13.48.37 - Punto di arresto del sistema

    RP486: 11/01/2012 19.02.25 - Software Distribution Service 3.0

    RP487: 13/01/2012 10.10.10 - Punto di arresto del sistema

    RP488: 14/01/2012 11.31.18 - Punto di arresto del sistema

    RP489: 16/01/2012 10.58.02 - Punto di arresto del sistema

    RP490: 17/01/2012 12.48.33 - Punto di arresto del sistema

    RP491: 18/01/2012 14.45.37 - Punto di arresto del sistema

    RP492: 20/01/2012 14.29.14 - Punto di arresto del sistema

    RP493: 23/01/2012 12.22.17 - Punto di arresto del sistema

    RP494: 24/01/2012 10.50.37 - Removed Skype™ 5.5

    RP495: 25/01/2012 11.27.19 - Punto di arresto del sistema

    RP497: 27/01/2012 9.17.15 - Software Distribution Service 3.0

    RP498: 30/01/2012 12.42.21 - Punto di arresto del sistema

    RP499: 01/02/2012 11.13.58 - Punto di arresto del sistema

    RP500: 02/02/2012 11.21.45 - Punto di arresto del sistema

    RP501: 02/02/2012 12.04.48 - Installed HiJackThis

    RP502: 03/02/2012 14.49.30 - Punto di arresto del sistema

    RP503: 06/02/2012 11.10.54 - Punto di arresto del sistema

    RP504: 07/02/2012 11.31.38 - Punto di arresto del sistema

    RP505: 08/02/2012 11.29.03 - Installed Ad-Aware

    RP506: 08/02/2012 11.29.33 - Installed Ad-Aware

    RP507: 09/02/2012 12.07.43 - Punto di arresto del sistema

    RP508: 14/02/2012 9.41.20 - Punto di arresto del sistema

    RP509: 15/02/2012 9.41.02 - pre combofix

    .

    ==== Installed Programs ======================

    .

    2007 Microsoft Office system

    Ad-Aware

    Adobe Acrobat 7.0 Professional - Español, Italiano, Português

    Adobe Acrobat 7.1.0 Professional - Español, Italiano, Português

    Adobe Flash Player 10 Plugin

    Adobe Flash Player 11 ActiveX

    Adobe Photoshop CS

    Adobe Reader 9.4.4 - Italiano

    Adobe Shockwave Player 11.6

    Adobe SVG Viewer 3.0

    Advanced PDF Password Recovery

    Aggiornamento critico per Windows Media Player 11 (KB959772)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB942615)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB944533)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB950759)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB953838)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB956390)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB958215)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB960714)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB961260)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB963027)

    Aggiornamento della protezione per Windows Internet Explorer 7 (KB976325)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2183461)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2360131)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2416400)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2482017)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2497640)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2510531)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2530548)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2544521)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2559049)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2586448)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2618444)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB976325)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB978207)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB981332)

    Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381)

    Aggiornamento della protezione per Windows Media Player (KB2378111)

    Aggiornamento della protezione per Windows Media Player (KB911564)

    Aggiornamento della protezione per Windows Media Player (KB952069)

    Aggiornamento della protezione per Windows Media Player (KB954155)

    Aggiornamento della protezione per Windows Media Player (KB968816)

    Aggiornamento della protezione per Windows Media Player (KB973540)

    Aggiornamento della protezione per Windows Media Player (KB975558)

    Aggiornamento della protezione per Windows Media Player (KB978695)

    Aggiornamento della protezione per Windows Media Player 11 (KB936782)

    Aggiornamento della protezione per Windows Media Player 11 (KB954154)

    Aggiornamento della protezione per Windows Media Player 6.4 (KB925398)

    Aggiornamento della protezione per Windows Media Player 9 (KB936782)

    Aggiornamento della protezione per Windows XP (KB2079403)

    Aggiornamento della protezione per Windows XP (KB2115168)

    Aggiornamento della protezione per Windows XP (KB2121546)

    Aggiornamento della protezione per Windows XP (KB2160329)

    Aggiornamento della protezione per Windows XP (KB2229593)

    Aggiornamento della protezione per Windows XP (KB2259922)

    Aggiornamento della protezione per Windows XP (KB2279986)

    Aggiornamento della protezione per Windows XP (KB2286198)

    Aggiornamento della protezione per Windows XP (KB2296011)

    Aggiornamento della protezione per Windows XP (KB2296199)

    Aggiornamento della protezione per Windows XP (KB2347290)

    Aggiornamento della protezione per Windows XP (KB2360937)

    Aggiornamento della protezione per Windows XP (KB2387149)

    Aggiornamento della protezione per Windows XP (KB2393802)

    Aggiornamento della protezione per Windows XP (KB2412687)

    Aggiornamento della protezione per Windows XP (KB2419632)

    Aggiornamento della protezione per Windows XP (KB2423089)

    Aggiornamento della protezione per Windows XP (KB2436673)

    Aggiornamento della protezione per Windows XP (KB2440591)

    Aggiornamento della protezione per Windows XP (KB2443105)

    Aggiornamento della protezione per Windows XP (KB2476490)

    Aggiornamento della protezione per Windows XP (KB2476687)

    Aggiornamento della protezione per Windows XP (KB2478960)

    Aggiornamento della protezione per Windows XP (KB2478971)

    Aggiornamento della protezione per Windows XP (KB2479628)

    Aggiornamento della protezione per Windows XP (KB2479943)

    Aggiornamento della protezione per Windows XP (KB2481109)

    Aggiornamento della protezione per Windows XP (KB2483185)

    Aggiornamento della protezione per Windows XP (KB2485376)

    Aggiornamento della protezione per Windows XP (KB2485663)

    Aggiornamento della protezione per Windows XP (KB2503658)

    Aggiornamento della protezione per Windows XP (KB2503665)

    Aggiornamento della protezione per Windows XP (KB2506212)

    Aggiornamento della protezione per Windows XP (KB2506223)

    Aggiornamento della protezione per Windows XP (KB2507618)

    Aggiornamento della protezione per Windows XP (KB2507938)

    Aggiornamento della protezione per Windows XP (KB2508272)

    Aggiornamento della protezione per Windows XP (KB2508429)

    Aggiornamento della protezione per Windows XP (KB2509553)

    Aggiornamento della protezione per Windows XP (KB2511455)

    Aggiornamento della protezione per Windows XP (KB2524375)

    Aggiornamento della protezione per Windows XP (KB2535512)

    Aggiornamento della protezione per Windows XP (KB2536276-v2)

    Aggiornamento della protezione per Windows XP (KB2536276)

    Aggiornamento della protezione per Windows XP (KB2544893-v2)

    Aggiornamento della protezione per Windows XP (KB2544893)

    Aggiornamento della protezione per Windows XP (KB2555917)

    Aggiornamento della protezione per Windows XP (KB2562937)

    Aggiornamento della protezione per Windows XP (KB2566454)

    Aggiornamento della protezione per Windows XP (KB2567053)

    Aggiornamento della protezione per Windows XP (KB2567680)

    Aggiornamento della protezione per Windows XP (KB2570222)

    Aggiornamento della protezione per Windows XP (KB2570947)

    Aggiornamento della protezione per Windows XP (KB2584146)

    Aggiornamento della protezione per Windows XP (KB2585542)

    Aggiornamento della protezione per Windows XP (KB2592799)

    Aggiornamento della protezione per Windows XP (KB2598479)

    Aggiornamento della protezione per Windows XP (KB2603381)

    Aggiornamento della protezione per Windows XP (KB2618451)

    Aggiornamento della protezione per Windows XP (KB2619339)

    Aggiornamento della protezione per Windows XP (KB2620712)

    Aggiornamento della protezione per Windows XP (KB2624667)

    Aggiornamento della protezione per Windows XP (KB2631813)

    Aggiornamento della protezione per Windows XP (KB2633171)

    Aggiornamento della protezione per Windows XP (KB2639417)

    Aggiornamento della protezione per Windows XP (KB2646524)

    Aggiornamento della protezione per Windows XP (KB923561)

    Aggiornamento della protezione per Windows XP (KB923689)

    Aggiornamento della protezione per Windows XP (KB938464-v2)

    Aggiornamento della protezione per Windows XP (KB938464)

    Aggiornamento della protezione per Windows XP (KB941569)

    Aggiornamento della protezione per Windows XP (KB946648)

    Aggiornamento della protezione per Windows XP (KB950760)

    Aggiornamento della protezione per Windows XP (KB950762)

    Aggiornamento della protezione per Windows XP (KB950974)

    Aggiornamento della protezione per Windows XP (KB951066)

    Aggiornamento della protezione per Windows XP (KB951376-v2)

    Aggiornamento della protezione per Windows XP (KB951376)

    Aggiornamento della protezione per Windows XP (KB951698)

    Aggiornamento della protezione per Windows XP (KB951748)

    Aggiornamento della protezione per Windows XP (KB952004)

    Aggiornamento della protezione per Windows XP (KB952954)

    Aggiornamento della protezione per Windows XP (KB953839)

    Aggiornamento della protezione per Windows XP (KB954211)

    Aggiornamento della protezione per Windows XP (KB954459)

    Aggiornamento della protezione per Windows XP (KB954600)

    Aggiornamento della protezione per Windows XP (KB955069)

    Aggiornamento della protezione per Windows XP (KB956391)

    Aggiornamento della protezione per Windows XP (KB956572)

    Aggiornamento della protezione per Windows XP (KB956744)

    Aggiornamento della protezione per Windows XP (KB956802)

    Aggiornamento della protezione per Windows XP (KB956803)

    Aggiornamento della protezione per Windows XP (KB956841)

    Aggiornamento della protezione per Windows XP (KB956844)

    Aggiornamento della protezione per Windows XP (KB957095)

    Aggiornamento della protezione per Windows XP (KB957097)

    Aggiornamento della protezione per Windows XP (KB958644)

    Aggiornamento della protezione per Windows XP (KB958687)

    Aggiornamento della protezione per Windows XP (KB958690)

    Aggiornamento della protezione per Windows XP (KB958869)

    Aggiornamento della protezione per Windows XP (KB959426)

    Aggiornamento della protezione per Windows XP (KB960225)

    Aggiornamento della protezione per Windows XP (KB960715)

    Aggiornamento della protezione per Windows XP (KB960803)

    Aggiornamento della protezione per Windows XP (KB960859)

    Aggiornamento della protezione per Windows XP (KB961371)

    Aggiornamento della protezione per Windows XP (KB961373)

    Aggiornamento della protezione per Windows XP (KB961501)

    Aggiornamento della protezione per Windows XP (KB968537)

    Aggiornamento della protezione per Windows XP (KB969059)

    Aggiornamento della protezione per Windows XP (KB969898)

    Aggiornamento della protezione per Windows XP (KB969947)

    Aggiornamento della protezione per Windows XP (KB970238)

    Aggiornamento della protezione per Windows XP (KB970430)

    Aggiornamento della protezione per Windows XP (KB971468)

    Aggiornamento della protezione per Windows XP (KB971486)

    Aggiornamento della protezione per Windows XP (KB971557)

    Aggiornamento della protezione per Windows XP (KB971633)

    Aggiornamento della protezione per Windows XP (KB971657)

    Aggiornamento della protezione per Windows XP (KB971961)

    Aggiornamento della protezione per Windows XP (KB972270)

    Aggiornamento della protezione per Windows XP (KB973346)

    Aggiornamento della protezione per Windows XP (KB973354)

    Aggiornamento della protezione per Windows XP (KB973507)

    Aggiornamento della protezione per Windows XP (KB973525)

    Aggiornamento della protezione per Windows XP (KB973869)

    Aggiornamento della protezione per Windows XP (KB973904)

    Aggiornamento della protezione per Windows XP (KB974112)

    Aggiornamento della protezione per Windows XP (KB974318)

    Aggiornamento della protezione per Windows XP (KB974392)

    Aggiornamento della protezione per Windows XP (KB974571)

    Aggiornamento della protezione per Windows XP (KB975025)

    Aggiornamento della protezione per Windows XP (KB975467)

    Aggiornamento della protezione per Windows XP (KB975560)

    Aggiornamento della protezione per Windows XP (KB975561)

    Aggiornamento della protezione per Windows XP (KB975562)

    Aggiornamento della protezione per Windows XP (KB975713)

    Aggiornamento della protezione per Windows XP (KB977165)

    Aggiornamento della protezione per Windows XP (KB977816)

    Aggiornamento della protezione per Windows XP (KB977914)

    Aggiornamento della protezione per Windows XP (KB978037)

    Aggiornamento della protezione per Windows XP (KB978251)

    Aggiornamento della protezione per Windows XP (KB978262)

    Aggiornamento della protezione per Windows XP (KB978338)

    Aggiornamento della protezione per Windows XP (KB978542)

    Aggiornamento della protezione per Windows XP (KB978601)

    Aggiornamento della protezione per Windows XP (KB978706)

    Aggiornamento della protezione per Windows XP (KB979309)

    Aggiornamento della protezione per Windows XP (KB979482)

    Aggiornamento della protezione per Windows XP (KB979559)

    Aggiornamento della protezione per Windows XP (KB979683)

    Aggiornamento della protezione per Windows XP (KB979687)

    Aggiornamento della protezione per Windows XP (KB980195)

    Aggiornamento della protezione per Windows XP (KB980218)

    Aggiornamento della protezione per Windows XP (KB980232)

    Aggiornamento della protezione per Windows XP (KB980436)

    Aggiornamento della protezione per Windows XP (KB981322)

    Aggiornamento della protezione per Windows XP (KB981852)

    Aggiornamento della protezione per Windows XP (KB981957)

    Aggiornamento della protezione per Windows XP (KB981997)

    Aggiornamento della protezione per Windows XP (KB982132)

    Aggiornamento della protezione per Windows XP (KB982214)

    Aggiornamento della protezione per Windows XP (KB982665)

    Aggiornamento della protezione per Windows XP (KB982802)

    Aggiornamento della sicurezza per Microsoft Windows (KB2564958)

    Aggiornamento per Windows Internet Explorer 8 (KB2598845)

    Aggiornamento per Windows Internet Explorer 8 (KB2632503)

    Aggiornamento per Windows Internet Explorer 8 (KB975364)

    Aggiornamento per Windows Internet Explorer 8 (KB976662)

    Aggiornamento per Windows Internet Explorer 8 (KB980182)

    Aggiornamento per Windows XP (KB2141007)

    Aggiornamento per Windows XP (KB2345886)

    Aggiornamento per Windows XP (KB2467659)

    Aggiornamento per Windows XP (KB2492386)

    Aggiornamento per Windows XP (KB2541763)

    Aggiornamento per Windows XP (KB2607712)

    Aggiornamento per Windows XP (KB2616676)

    Aggiornamento per Windows XP (KB2641690)

    Aggiornamento per Windows XP (KB951072-v2)

    Aggiornamento per Windows XP (KB951978)

    Aggiornamento per Windows XP (KB955759)

    Aggiornamento per Windows XP (KB955839)

    Aggiornamento per Windows XP (KB967715)

    Aggiornamento per Windows XP (KB968389)

    Aggiornamento per Windows XP (KB971029)

    Aggiornamento per Windows XP (KB971737)

    Aggiornamento per Windows XP (KB973687)

    Aggiornamento per Windows XP (KB973815)

    Aggiornamento rapido per Windows Internet Explorer 7 (KB947864)

    Aggiornamento rapido per Windows Media Player 11 (KB939683)

    Aggiornamento rapido per Windows XP (KB2158563)

    Aggiornamento rapido per Windows XP (KB2443685)

    Aggiornamento rapido per Windows XP (KB2570791)

    Aggiornamento rapido per Windows XP (KB2633952)

    Aggiornamento rapido per Windows XP (KB942288-v3)

    Aggiornamento rapido per Windows XP (KB952287)

    Aggiornamento rapido per Windows XP (KB961118)

    Aggiornamento rapido per Windows XP (KB970653-v3)

    Aggiornamento rapido per Windows XP (KB976098-v2)

    Aggiornamento rapido per Windows XP (KB979306)

    Aggiornamento rapido per Windows XP (KB981793)

    Apple Application Support

    Apple Mobile Device Support

    Apple Software Update

    ArcGIS Desktop

    ArcGIS License Manager

    ATI Catalyst Control Center

    ATI Catalyst Install Manager

    ATI HYDRAVISION

    ATI Parental Control & Encoder

    ATI Problem Report Wizard

    AutoCAD 2008 - Italiano

    Autodesk Design Review 2010

    Autodesk DWF Viewer

    Autodesk DWF Viewer 7

    Autodesk Network License Manager

    Autodesk Revit Architecture 2010

    Autodesk VIZ 2005

    AVIVO

    Axtro

    Axtro (C:\Programmi\Axtro\)

    Bing Maps 3D

    Bit4Id - PdL Cittadino per la CRS di Regione Lombardia - 1.2.12

    Bonjour

    Catalyst Control Center - Branding

    Catalyst Control Center Core Implementation

    Catalyst Control Center Graphics Full Existing

    Catalyst Control Center Graphics Full New

    Catalyst Control Center Graphics Light

    Catalyst Control Center Graphics Previews Common

    Catalyst Control Center HydraVision Full

    Catalyst Control Center InstallProxy

    Catalyst Control Center Localization Chinese Standard

    Catalyst Control Center Localization Chinese Traditional

    Catalyst Control Center Localization Czech

    Catalyst Control Center Localization Danish

    Catalyst Control Center Localization Dutch

    Catalyst Control Center Localization Finnish

    Catalyst Control Center Localization French

    Catalyst Control Center Localization German

    Catalyst Control Center Localization Greek

    Catalyst Control Center Localization Hungarian

    Catalyst Control Center Localization Italian

    Catalyst Control Center Localization Japanese

    Catalyst Control Center Localization Korean

    Catalyst Control Center Localization Norwegian

    Catalyst Control Center Localization Polish

    Catalyst Control Center Localization Portuguese

    Catalyst Control Center Localization Russian

    Catalyst Control Center Localization Spanish

    Catalyst Control Center Localization Swedish

    Catalyst Control Center Localization Thai

    Catalyst Control Center Localization Turkish

    ccc-core-preinstall

    ccc-core-static

    ccc-utility

    CCC Help Chinese Standard

    CCC Help Chinese Traditional

    CCC Help Czech

    CCC Help Danish

    CCC Help Dutch

    CCC Help English

    CCC Help Finnish

    CCC Help French

    CCC Help German

    CCC Help Greek

    CCC Help Hungarian

    CCC Help Italian

    CCC Help Japanese

    CCC Help Korean

    CCC Help Norwegian

    CCC Help Polish

    CCC Help Portuguese

    CCC Help Russian

    CCC Help Spanish

    CCC Help Swedish

    CCC Help Thai

    CCC Help Turkish

    CENED - Regione Lombardia

    Cened+

    Core Temp version 0.99.8

    CRS Kit 1.0

    CRS Manager 3.1.2.0

    Dropbox

    EchoGema4.0

    ER Mapper ECW JPEG 2000 Plug-in for Firefox [3.4.0.242]

    ERDAS ECW JPEG 2000 Plug-in for Internet Explorer [9.3.2.66]

    eScan Anti-Virus (AV) Edition per Windows

    Eudora

    FlashCAD_Composer

    GemaVap4

    Google Earth

    Google SketchUp 6

    Google SketchUp 6 Exporters

    Google SketchUp 8

    Google SketchUp LayOut 6

    Google SketchUp Pro 6

    Google Toolbar for Internet Explorer

    Google Update Helper

    High Definition Audio Driver Package - KB888111

    HiJackThis

    HijackThis 2.0.2

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)

    Hotfix for Windows Media Format 11 SDK (KB929399)

    Hotfix for Windows XP (KB954550-v5)

    Hotfix for Windows XP (KB976002-v5)

    Hotfix per Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)

    iTunes

    Java Auto Updater

    Java DB 10.4.2.1

    Java(TM) 6 Update 26

    Java(TM) SE Development Kit 6 Update 17

    JMB36X Raid Configurer

    LightScribe 1.6.45.1

    Malwarebytes Anti-Malware versione 1.60.1.1000

    Master Converter

    MetraLib 4

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 1.1 Italian Language Pack

    Microsoft .NET Framework 1.1 Security Update (KB2656353)

    Microsoft .NET Framework 1.1 Security Update (KB979906)

    Microsoft .NET Framework 2.0 Service Pack 2

    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA

    Microsoft .NET Framework 3.0 Service Pack 2

    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA

    Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)

    Microsoft .NET Framework 3.5 Language Pack SP1 - ita

    Microsoft .NET Framework 3.5 SP1

    Microsoft Compression Client Pack 1.0 for Windows XP

    Microsoft Internationalized Domain Names Mitigation APIs

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

    Microsoft National Language Support Downlevel APIs

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office Access MUI (Italian) 2007

    Microsoft Office Excel MUI (Italian) 2007

    Microsoft Office Outlook MUI (Italian) 2007

    Microsoft Office PowerPoint MUI (Italian) 2007

    Microsoft Office Professional Hybrid 2007

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (French) 2007

    Microsoft Office Proof (German) 2007

    Microsoft Office Proof (Italian) 2007

    Microsoft Office Proofing (Italian) 2007

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Publisher MUI (Italian) 2007

    Microsoft Office Shared MUI (Italian) 2007

    Microsoft Office Word MUI (Italian) 2007

    Microsoft Silverlight

    Microsoft Software Update for Web Folders (Italian) 12

    Microsoft User-Mode Driver Framework Feature Pack 1.9

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual Studio Tools for Applications 2.0 - ENU

    Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ITA

    Microsoft Visual Studio Tools for Applications 2.0 Runtime

    Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ITA

    MSVC80_x86

    MSXML 4.0 SP2 (KB936181)

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    MSXML 6.0 Parser (KB933579)

    Nero 7 Essentials

    neroxml

    Pacchetto driver Windows - Microsoft (USBCCID) SmartCardReader (08/01/2006 5.2.3790.2724)

    Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

    Pacchetto provider Microsoft servizio crittografia smart card di base

    Paint Shop Pro 7

    PAN S

    PC Connectivity Solution

    PC Wizard 2008.1.84

    PltPlotter 1.0

    ProntoDLgs311

    Python 2.5 numpy-1.0.3

    Python 2.5.1

    QuickTime

    REALTEK GbE & FE Ethernet PCI-E NIC Driver

    Revit Architecture 2008

    SafeCast Shared Components

    Security Update for CAPICOM (KB931906)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

    Sentinel Protection Installer 7.2.2

    Sentinel System Driver

    Skins

    Skype Click to Call

    SnagIt 8

    Software per stampante EPSON

    SoundMAX

    Spelling Dictionaries Support For Adobe Reader 9

    Suite Aster 4.1.10

    swMSM

    TerMus-G v.14.00a

    The Lord of the Rings FREE Trial

    THERM5

    Tweak UI

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

    Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

    VBA (2627.01)

    VBA (2627.3)

    Viewpoint Manager (Remove Only)

    Viewpoint Media Player

    Visual Basic for Applications (R) Core

    Visual Basic for Applications (R) Core - English

    Vita Interactive Engine

    WebFldrs XP

    Windows Genuine Advantage Notifications (KB905474)

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Imaging Component

    Windows Internet Explorer 7

    Windows Internet Explorer 8

    Windows Media Format 11 runtime

    Windows Media Player 11

    Windows Presentation Foundation

    Windows XP Service Pack 3

    WinRAR gestione archivi

    WinZip

    XML Paper Specification Shared Components Language Pack 1.0

    XML Paper Specification Shared Components Pack 1.0

    Xvid 1.2.2 final uninstall

    .

    ==== End Of File ===========================
    0
  • Customer
    P.s.: when I went to look for c:\windows\rundll16.exe and c:\windows\logo1_.exe, e-scan antivirus blocked c:\windows\NIRCMD.exe and quarantined it because of the worm Tool-NirCmd.TE (ES).
    0
  • Support
    Toros, is it possible for you to visit Windows Update web page?

    Do you get an error message when you try to activate Windows Update?



    Nircmd.exe is a part of ComboFix and it is a false positive. If you can inform the eScan company that, it would be nice.



    1.

    Save TDSSKiller on the Desktop:

    [url=http://support.kaspersky.com/downloads/utils/tdsskiller.zip]http://support.kaspersky.com/downloads/utils/tdsskiller.zip[/url]



    Right-click and select [b]Extract all[/b]. Remember the location of the extracted file.

    Turn off all programs.

    Run the program TDSSKiller.exe which is the file you extracted.



    Click on [b]Start Scan[/b].



    If any threats are found select [b]Cure [/b]and click [b]Continue[/b]. If [b]Cure [/b]isn't available select [b]Skip. [/b]Do NOT select Quarantine or Delete.

    The computer might need a restart.



    Paste the content of the TDSSKiller log which is located in the folder C:\ with the name TDSSKiller followed by version and time.



    2.

    Please, let aswMBR scan the computer, see http://public.avast.com/~gmerek/aswMBR.htm



    Follow only the first section, 'How to scan' and don't try to fix anything. Post its log.



    3.

    Scan the computer with eScan and Ad-Aware. If the programs find any malicious files, please post their logs (what they found).
    0
  • Customer
    Dear CeciliaB, yes it is possible to visit Windows Update web page. And, no, I didn't get an error message when I Tryed to activate WU. I updated it.

    Now I'll do what you asked for.

    Wait.
    0
  • Customer
    eScan: I did a Memory, registry, service and sistem folders scan:



    15 feb 2012 18:07:12 - **********************************************************

    15 feb 2012 18:07:12 - Modulo eScan Anti Virus & Spyware.

    15 feb 2012 18:07:12 - Copyright © 2003-2006, MicroWorld Technologies Inc.

    15 feb 2012 18:07:12 - **********************************************************

    15 feb 2012 18:07:12 - Versione 12.0.198

    15 feb 2012 18:07:12 - File log: C:\Programmi\eScan\LOG\15020000.LOG

    15 feb 2012 18:07:12 - Data e ora ultima scansione: 14.02.2012 13:00:20

    15 feb 2012 18:07:12 - MWAV Registered: TRUE

    15 feb 2012 18:07:12 - User Account: alessio (Administrator Mode)

    15 feb 2012 18:07:12 - OS Type: Windows Workstation

    15 feb 2012 18:07:12 - OS: Windows XP [OS Install Date: 19 Oct 2007 09:45:26]

    15 feb 2012 18:07:12 - Ver: Service Pack 3 (Build 2600)

    15 feb 2012 18:07:12 - System Up Time: 19 Minutes, 54 Seconds



    15 feb 2012 18:07:12 - Parent Process Name : C:\Programmi\eScan\escanpro.exe

    15 feb 2012 18:07:12 - Windows Root Folder: C:\WINDOWS

    15 feb 2012 18:07:12 - Windows Sys32 Folder: C:\WINDOWS\system32

    15 feb 2012 18:07:12 - Interface0 NameServer: 212.216.112.112

    15 feb 2012 18:07:12 - Local Fixed Drives: c:\

    15 feb 2012 18:07:12 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)

    15 feb 2012 18:07:12 - Opzioni riga di comando: /pipe=4716escan /Log=C:\PROGRA~1\eScan\Log\15020000.log /SC /LOGINFECT /MAXFILESIZE=5 /MEM /REG /SER /SYSFOLDER /S

    15 feb 2012 18:07:13 - Loading/Creating FileScan Database C:\Documents and Settings\All Users\Dati applicazioni\MicroWorld\MWAV\ESCANDBX.MDB [Log: C:\PROGRA~1\ESCAN\LOG\ESCANDB.LOG]

    15 feb 2012 18:07:13 - Loaded/Created FileScan Database...

    15 feb 2012 18:07:13 - Loading AV Library [DB]...

    15 feb 2012 18:07:16 - AV Library Loaded [IPC].



    15 feb 2012 18:07:16 - **********************************************************

    15 feb 2012 18:07:16 - Modulo eScan Anti Virus & Spyware.

    15 feb 2012 18:07:16 - Copyright © 2003-2006, MicroWorld Technologies Inc.

    15 feb 2012 18:07:16 -

    15 feb 2012 18:07:16 - Supporto: [email="assistenza@labinfo.it"]assistenza@labinfo.it[/email]

    15 feb 2012 18:07:16 - Web: [url="http://www.labinfo.it"]http://www.labinfo.it[/url]

    15 feb 2012 18:07:16 - **********************************************************

    15 feb 2012 18:07:16 - Versione 12.0.198[IPC]

    15 feb 2012 18:07:16 - File log: C:\Programmi\eScan\LOG\15020000.LOG

    15 feb 2012 18:07:16 - User Account: alessio (Administrator Mode)

    15 feb 2012 18:07:16 - Parent Process Name : C:\Programmi\eScan\escanpro.exe

    15 feb 2012 18:07:16 - Windows Root Folder: C:\WINDOWS

    15 feb 2012 18:07:16 - Windows Sys32 Folder: C:\WINDOWS\system32

    15 feb 2012 18:07:16 - OS: Windows XP [OS Install Date: 19 Oct 2007 09:45:26]

    15 feb 2012 18:07:16 - Ver: Service Pack 3 (Build 2600)



    15 feb 2012 18:07:16 - Opzioni impostate dall'utente:

    15 feb 2012 18:07:16 - Verifica memoria: Abilitata

    15 feb 2012 18:07:16 - Verifica registry: Abilitata

    15 feb 2012 18:07:16 - Verifica Esecuzione automatica: Disabilitata

    15 feb 2012 18:07:16 - Verifica cartelle di sistema: Abilitata

    15 feb 2012 18:07:16 - Verifica servizi: Abilitata

    15 feb 2012 18:07:16 - Scan Spyware: Disabilitata

    15 feb 2012 18:07:16 - Opzione verifica unità disabilitata

    15 feb 2012 18:07:16 - Verifica cartella: Disabilitata

    15 feb 2012 18:07:16 - SCAN: All_Files

    15 feb 2012 18:07:16 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)



    15 feb 2012 18:07:16 - Scansione Master Boot Record (Kernel)...



    15 feb 2012 18:07:18 - ***** Scansione memoria *****



    15 feb 2012 18:07:36 - ***** Scansione registry *****



    15 feb 2012 18:07:43 - ***** Scansione servizi *****

    15 feb 2012 18:07:48 - ERROR(2)!!! Invalid Entry \??\C:\DOCUME~1\alessio\IMPOST~1\Temp\aswMBR.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\aswMBR.



    15 feb 2012 18:07:48 - ***** Scansione cartelle di sistema *****





    15 feb 2012 18:10:18 - ***** Ricerca virus ITW *****



    15 feb 2012 18:10:18 - ***** Scansione completa. *****



    15 feb 2012 18:10:18 - Numero totale di file scansionati: 4129

    15 feb 2012 18:10:18 - Numero totale di virus trovati: 0

    15 feb 2012 18:10:18 - Numero totale di file disinfettati: 0

    15 feb 2012 18:10:18 - Numero totale di file rinominati: 0

    15 feb 2012 18:10:18 - Numero totale di file eliminati: 0

    15 feb 2012 18:10:18 - Numero totale di errori: 1

    15 feb 2012 18:10:18 - Tempo trascorso: 00:03:00



    15 feb 2012 18:10:18 - Scansione completata.



    15 feb 2012 18:10:18 - Uninitializing Scanner (3)...

    15 feb 2012 18:10:18 - Freeing Libraries (3)...

    15 feb 2012 18:10:18 - AV Library Unloaded (3)...
    0
  • Customer
    The first two steps.

    I'll run now escan, and ad-aware but it takes long time. Next I'll post logs.

    sys



    TDSSKiller.2.7.12.0_15.02.2012_17.52.55_log.txt



    17:52:55.0718 5360 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52

    17:52:55.0968 5360 ============================================================

    17:52:55.0968 5360 Current date / time: 2012/02/15 17:52:55.0968

    17:52:55.0968 5360 SystemInfo:

    17:52:55.0968 5360

    17:52:55.0968 5360 OS Version: 5.1.2600 ServicePack: 3.0

    17:52:55.0968 5360 Product type: Workstation

    17:52:55.0968 5360 ComputerName: ALEX

    17:52:55.0968 5360 UserName: alessio

    17:52:55.0968 5360 Windows directory: C:\WINDOWS

    17:52:55.0968 5360 System windows directory: C:\WINDOWS

    17:52:55.0968 5360 Processor architecture: Intel x86

    17:52:55.0968 5360 Number of processors: 2

    17:52:55.0968 5360 Page size: 0x1000

    17:52:55.0968 5360 Boot type: Normal boot

    17:52:55.0968 5360 ============================================================

    17:52:57.0515 5360 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

    17:52:57.0531 5360 \Device\Harddisk0\DR0:

    17:52:57.0531 5360 MBR used

    17:52:57.0531 5360 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1

    17:52:57.0625 5360 Initialize success

    17:52:57.0625 5360 ============================================================

    17:53:02.0406 5464 ============================================================

    17:53:02.0406 5464 Scan started

    17:53:02.0406 5464 Mode: Manual;

    17:53:02.0406 5464 ============================================================

    17:53:03.0171 5464 Abiosdsk - ok

    17:53:03.0281 5464 abp480n5 - ok

    17:53:03.0468 5464 ACPI (d766e636187b8f240bbfbabcd51eb2c6) C:\WINDOWS\system32\DRIVERS\ACPI.sys

    17:53:03.0468 5464 ACPI - ok

    17:53:03.0515 5464 ACPIEC (49ac5cd87fbdda62f3e25190019e7627) C:\WINDOWS\system32\drivers\ACPIEC.sys

    17:53:03.0531 5464 ACPIEC - ok

    17:53:03.0593 5464 ACSSCR (7099700a3789ad64fbce8ebe956da65d) C:\WINDOWS\system32\DRIVERS\a38usbxp.sys

    17:53:03.0593 5464 ACSSCR - ok

    17:53:03.0671 5464 ADIHdAudAddService (0158f4027c0808ff65ed3b3d683339c9) C:\WINDOWS\system32\drivers\ADIHdAud.sys

    17:53:03.0671 5464 ADIHdAudAddService - ok

    17:53:03.0687 5464 adpu160m - ok

    17:53:03.0703 5464 AEAudio (358063ab6c1c4173b735525cdfa65f94) C:\WINDOWS\system32\drivers\AEAudio.sys

    17:53:03.0703 5464 AEAudio - ok

    17:53:03.0718 5464 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

    17:53:03.0734 5464 aec - ok

    17:53:03.0781 5464 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

    17:53:03.0796 5464 AFD - ok

    17:53:03.0796 5464 Aha154x - ok

    17:53:03.0812 5464 aic78u2 - ok

    17:53:03.0828 5464 aic78xx - ok

    17:53:03.0828 5464 AliIde - ok

    17:53:03.0875 5464 amsint - ok

    17:53:03.0890 5464 asc - ok

    17:53:03.0921 5464 asc3350p - ok

    17:53:03.0921 5464 asc3550 - ok

    17:53:03.0984 5464 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

    17:53:03.0984 5464 AsyncMac - ok

    17:53:04.0000 5464 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

    17:53:04.0000 5464 atapi - ok

    17:53:04.0015 5464 Atdisk - ok

    17:53:04.0765 5464 ati2mtag (c026951271d59ff97deb2a6b4895b416) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

    17:53:04.0781 5464 ati2mtag - ok

    17:53:04.0828 5464 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

    17:53:04.0828 5464 Atmarpc - ok

    17:53:04.0875 5464 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

    17:53:04.0875 5464 audstub - ok

    17:53:04.0953 5464 bdfsfltr (9b281f5f673cbc5b9ec886d59e0b4f26) C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys

    17:53:04.0953 5464 bdfsfltr - ok

    17:53:05.0031 5464 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

    17:53:05.0031 5464 Beep - ok

    17:53:05.0078 5464 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

    17:53:05.0109 5464 cbidf2k - ok

    17:53:05.0140 5464 cd20xrnt - ok

    17:53:05.0218 5464 CdaC15BA (f76cb7259aa575cc53f3996bc6b68c18) C:\WINDOWS\system32\drivers\CDAC15BA.SYS

    17:53:05.0218 5464 CdaC15BA - ok

    17:53:05.0234 5464 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

    17:53:05.0250 5464 Cdaudio - ok

    17:53:05.0328 5464 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

    17:53:05.0421 5464 Cdfs - ok

    17:53:05.0468 5464 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

    17:53:05.0484 5464 Cdrom - ok

    17:53:05.0531 5464 Changer - ok

    17:53:05.0562 5464 CmdIde - ok

    17:53:05.0640 5464 Cpqarray - ok

    17:53:05.0656 5464 dac2w2k - ok

    17:53:05.0687 5464 dac960nt - ok

    17:53:05.0765 5464 DgiVecp (a5034f77b278f07e224fe07cf98a8b76) C:\WINDOWS\system32\Drivers\DgiVecp.sys

    17:53:05.0765 5464 DgiVecp - ok

    17:53:05.0843 5464 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

    17:53:05.0843 5464 Disk - ok

    17:53:05.0906 5464 dmboot (82bc125a8ed33f5f0e75f2aac1065323) C:\WINDOWS\system32\drivers\dmboot.sys

    17:53:05.0906 5464 dmboot - ok

    17:53:05.0953 5464 dmio (e959ddc0ea7ac11ee5e5602e2a364310) C:\WINDOWS\system32\drivers\dmio.sys

    17:53:05.0953 5464 dmio - ok

    17:53:05.0984 5464 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

    17:53:05.0984 5464 dmload - ok

    17:53:06.0015 5464 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

    17:53:06.0015 5464 DMusic - ok

    17:53:06.0046 5464 dpti2o - ok

    17:53:06.0125 5464 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

    17:53:06.0125 5464 drmkaud - ok

    17:53:06.0234 5464 econceal (92a1a87c748d31ce432018d7f019bd1d) C:\WINDOWS\system32\DRIVERS\econceal.sys

    17:53:06.0234 5464 econceal - ok

    17:53:06.0359 5464 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

    17:53:06.0375 5464 Fastfat - ok

    17:53:06.0421 5464 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

    17:53:06.0421 5464 Fdc - ok

    17:53:06.0468 5464 Fips (2cfea3326981a18c6baf2bd9be76225b) C:\WINDOWS\system32\drivers\Fips.sys

    17:53:06.0484 5464 Fips - ok

    17:53:06.0625 5464 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

    17:53:06.0625 5464 Flpydisk - ok

    17:53:06.0734 5464 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

    17:53:06.0734 5464 FltMgr - ok

    17:53:06.0843 5464 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

    17:53:06.0875 5464 Fs_Rec - ok

    17:53:06.0906 5464 Ftdisk (f3269a6ee547ea87b949a1cea4816b38) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

    17:53:06.0906 5464 Ftdisk - ok

    17:53:06.0953 5464 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

    17:53:06.0953 5464 GEARAspiWDM - ok

    17:53:06.0984 5464 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

    17:53:06.0984 5464 Gpc - ok

    17:53:07.0031 5464 HdAudAddService (56bf27d7a539f9e6bbc1de201aba0edf) C:\WINDOWS\system32\drivers\AtiHdAud.sys

    17:53:07.0031 5464 HdAudAddService - ok

    17:53:07.0046 5464 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

    17:53:07.0046 5464 HDAudBus - ok

    17:53:07.0062 5464 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

    17:53:07.0062 5464 hidusb - ok

    17:53:07.0078 5464 hpn - ok

    17:53:07.0140 5464 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

    17:53:07.0140 5464 HTTP - ok

    17:53:07.0156 5464 i2omgmt - ok

    17:53:07.0156 5464 i2omp - ok

    17:53:07.0171 5464 i8042prt (610726e28af55b95043c5c35a727e320) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

    17:53:07.0171 5464 i8042prt - ok

    17:53:07.0187 5464 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

    17:53:07.0187 5464 Imapi - ok

    17:53:07.0218 5464 ini910u - ok

    17:53:07.0218 5464 IntelIde - ok

    17:53:07.0250 5464 intelppm (ebd830a0970c438047006a49c23e287f) C:\WINDOWS\system32\DRIVERS\intelppm.sys

    17:53:07.0250 5464 intelppm - ok

    17:53:07.0265 5464 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

    17:53:07.0265 5464 Ip6Fw - ok

    17:53:07.0312 5464 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

    17:53:07.0312 5464 IpFilterDriver - ok

    17:53:07.0328 5464 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

    17:53:07.0328 5464 IpInIp - ok

    17:53:07.0343 5464 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

    17:53:07.0359 5464 IpNat - ok

    17:53:07.0375 5464 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

    17:53:07.0375 5464 IPSec - ok

    17:53:07.0390 5464 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

    17:53:07.0390 5464 IRENUM - ok

    17:53:07.0406 5464 isapnp (0953594beb81cc72fcc62d37921b25a6) C:\WINDOWS\system32\DRIVERS\isapnp.sys

    17:53:07.0406 5464 isapnp - ok

    17:53:07.0437 5464 JGOGO (c995c0e8b4503fac38793bb0236ad246) C:\WINDOWS\system32\DRIVERS\JGOGO.sys

    17:53:07.0437 5464 JGOGO - ok

    17:53:07.0453 5464 JRAID (f4a31e66a61c0783f51157519b03280b) C:\WINDOWS\system32\DRIVERS\jraid.sys

    17:53:07.0453 5464 JRAID - ok

    17:53:07.0468 5464 Kbdclass (28b6eace513ca7eaba3b809ad4bc274d) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

    17:53:07.0468 5464 Kbdclass - ok

    17:53:07.0500 5464 kbdhid (4c61c226bdda2ef1672b2c5f4e56625e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

    17:53:07.0500 5464 kbdhid - ok

    17:53:07.0531 5464 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

    17:53:07.0531 5464 kmixer - ok

    17:53:07.0562 5464 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

    17:53:07.0578 5464 KSecDD - ok

    17:53:07.0671 5464 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Programmi\Lavasoft\Ad-Aware\KernExplorer.sys

    17:53:07.0671 5464 Lavasoft Kernexplorer - ok

    17:53:07.0734 5464 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys

    17:53:07.0750 5464 Lbd - ok

    17:53:07.0750 5464 lbrtfdc - ok

    17:53:07.0828 5464 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

    17:53:08.0000 5464 mnmdd - ok

    17:53:08.0250 5464 Modem (8cb6636806d76b85fafaee94d75f5129) C:\WINDOWS\system32\drivers\Modem.sys

    17:53:08.0265 5464 Modem - ok

    17:53:08.0531 5464 Mouclass (e904ebed608055a2bfb824c07f59766c) C:\WINDOWS\system32\DRIVERS\mouclass.sys

    17:53:08.0531 5464 Mouclass - ok

    17:53:08.0609 5464 mouhid (d7662f0cf5b77bbbe3202716f5bd5318) C:\WINDOWS\system32\DRIVERS\mouhid.sys

    17:53:08.0609 5464 mouhid - ok

    17:53:08.0640 5464 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

    17:53:08.0671 5464 MountMgr - ok

    17:53:08.0671 5464 mraid35x - ok

    17:53:08.0703 5464 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

    17:53:08.0703 5464 MRxDAV - ok

    17:53:08.0765 5464 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

    17:53:08.0765 5464 MRxSmb - ok

    17:53:08.0781 5464 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

    17:53:08.0828 5464 Msfs - ok

    17:53:08.0843 5464 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

    17:53:08.0843 5464 MSKSSRV - ok

    17:53:08.0859 5464 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

    17:53:08.0859 5464 MSPCLOCK - ok

    17:53:08.0875 5464 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

    17:53:08.0875 5464 MSPQM - ok

    17:53:08.0921 5464 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

    17:53:08.0921 5464 mssmbios - ok

    17:53:08.0968 5464 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys

    17:53:08.0968 5464 MTsensor - ok

    17:53:09.0015 5464 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

    17:53:09.0031 5464 Mup - ok

    17:53:09.0078 5464 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

    17:53:09.0093 5464 NDIS - ok

    17:53:09.0125 5464 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

    17:53:09.0125 5464 NdisTapi - ok

    17:53:09.0156 5464 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

    17:53:09.0156 5464 Ndisuio - ok

    17:53:09.0171 5464 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

    17:53:09.0171 5464 NdisWan - ok

    17:53:09.0218 5464 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

    17:53:09.0234 5464 NDProxy - ok

    17:53:09.0234 5464 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

    17:53:09.0234 5464 NetBIOS - ok

    17:53:09.0250 5464 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

    17:53:09.0265 5464 NetBT - ok

    17:53:09.0281 5464 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

    17:53:09.0281 5464 Npfs - ok

    17:53:09.0312 5464 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

    17:53:09.0312 5464 Ntfs - ok

    17:53:09.0328 5464 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

    17:53:09.0343 5464 Null - ok

    17:53:09.0390 5464 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

    17:53:09.0390 5464 NwlnkFlt - ok

    17:53:09.0406 5464 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

    17:53:09.0421 5464 NwlnkFwd - ok

    17:53:09.0437 5464 Parport (4e9408a178b2d955871c2cdd278de3c3) C:\WINDOWS\system32\DRIVERS\parport.sys

    17:53:09.0437 5464 Parport - ok

    17:53:09.0453 5464 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

    17:53:09.0453 5464 PartMgr - ok

    17:53:09.0468 5464 ParVdm (0dabef655a444cb1e193626fb1d24b9f) C:\WINDOWS\system32\drivers\ParVdm.sys

    17:53:09.0500 5464 ParVdm - ok

    17:53:09.0546 5464 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

    17:53:09.0546 5464 pccsmcfd - ok

    17:53:09.0562 5464 PCI (f40a46892afebb0314536b849d57c11e) C:\WINDOWS\system32\DRIVERS\pci.sys

    17:53:09.0562 5464 PCI - ok

    17:53:09.0578 5464 PCIDump - ok

    17:53:09.0609 5464 PCIIde (b2df00d650fd6c4ee781740ed3c8e67f) C:\WINDOWS\system32\DRIVERS\pciide.sys

    17:53:09.0609 5464 PCIIde - ok

    17:53:09.0656 5464 Pcmcia (815c50f2b1d1562800bdce8be895000e) C:\WINDOWS\system32\drivers\Pcmcia.sys

    17:53:09.0671 5464 Pcmcia - ok

    17:53:09.0687 5464 PDCOMP - ok

    17:53:09.0703 5464 PDFRAME - ok

    17:53:09.0703 5464 PDRELI - ok

    17:53:09.0718 5464 PDRFRAME - ok

    17:53:09.0718 5464 perc2 - ok

    17:53:09.0765 5464 perc2hib - ok

    17:53:09.0812 5464 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

    17:53:09.0812 5464 PptpMiniport - ok

    17:53:09.0937 5464 ProcObsrv (1a356da1b2ad7a521b529c2706c2deb7) c:\progra~1\escan\ProcObsrv.sys

    17:53:09.0937 5464 ProcObsrv - ok

    17:53:09.0968 5464 ProcObsrves (38a96eee2d1ffe99d67ce42f471ff82f) C:\PROGRA~1\eScan\ProcObsrves.sys

    17:53:09.0984 5464 ProcObsrves - ok

    17:53:10.0000 5464 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

    17:53:10.0000 5464 PSched - ok

    17:53:10.0046 5464 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

    17:53:10.0046 5464 Ptilink - ok

    17:53:10.0062 5464 ql1080 - ok

    17:53:10.0062 5464 Ql10wnt - ok

    17:53:10.0078 5464 ql12160 - ok

    17:53:10.0093 5464 ql1240 - ok

    17:53:10.0093 5464 ql1280 - ok

    17:53:10.0109 5464 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

    17:53:10.0109 5464 RasAcd - ok

    17:53:10.0140 5464 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

    17:53:10.0140 5464 Rasl2tp - ok

    17:53:10.0140 5464 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

    17:53:10.0156 5464 RasPppoe - ok

    17:53:10.0156 5464 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

    17:53:10.0156 5464 Raspti - ok

    17:53:10.0218 5464 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

    17:53:10.0218 5464 Rdbss - ok

    17:53:10.0234 5464 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

    17:53:10.0234 5464 RDPCDD - ok

    17:53:10.0250 5464 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

    17:53:10.0250 5464 rdpdr - ok

    17:53:10.0312 5464 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

    17:53:10.0328 5464 RDPWD - ok

    17:53:10.0359 5464 redbook (393fc252593323b624b230eca6b85e63) C:\WINDOWS\system32\DRIVERS\redbook.sys

    17:53:10.0359 5464 redbook - ok

    17:53:10.0437 5464 RTLE8023xp (c6d34a1874cd2b212dc3e788091c64b4) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

    17:53:10.0437 5464 RTLE8023xp - ok

    17:53:10.0484 5464 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

    17:53:10.0484 5464 Secdrv - ok

    17:53:10.0546 5464 SenFiltService (b6a6b409fda9d9ebd3aadb838d3d7173) C:\WINDOWS\system32\drivers\Senfilt.sys

    17:53:10.0546 5464 SenFiltService - ok

    17:53:10.0593 5464 Sentinel (b3c1b187fefc941f63ce0df93d02eb9f) C:\WINDOWS\System32\Drivers\SENTINEL.SYS

    17:53:10.0593 5464 Sentinel - ok

    17:53:10.0625 5464 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

    17:53:10.0625 5464 serenum - ok

    17:53:10.0640 5464 Serial (fdbd9d64e2e03270021d424f0dccf79d) C:\WINDOWS\system32\DRIVERS\serial.sys

    17:53:10.0640 5464 Serial - ok

    17:53:10.0671 5464 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

    17:53:10.0687 5464 Sfloppy - ok

    17:53:10.0718 5464 Simbad - ok

    17:53:10.0734 5464 Sparrow - ok

    17:53:10.0765 5464 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

    17:53:10.0765 5464 splitter - ok

    17:53:10.0781 5464 sr (618718cae288bf7cbd8fcbab2577d932) C:\WINDOWS\system32\DRIVERS\sr.sys

    17:53:10.0781 5464 sr - ok

    17:53:10.0812 5464 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

    17:53:10.0812 5464 Srv - ok

    17:53:10.0843 5464 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

    17:53:10.0843 5464 swenum - ok

    17:53:10.0859 5464 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

    17:53:10.0859 5464 swmidi - ok

    17:53:10.0890 5464 symc810 - ok

    17:53:10.0906 5464 symc8xx - ok

    17:53:10.0906 5464 sym_hi - ok

    17:53:10.0921 5464 sym_u3 - ok

    17:53:10.0953 5464 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

    17:53:10.0953 5464 sysaudio - ok

    17:53:11.0000 5464 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

    17:53:11.0000 5464 Tcpip - ok

    17:53:11.0046 5464 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

    17:53:11.0062 5464 TDPIPE - ok

    17:53:11.0078 5464 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

    17:53:11.0093 5464 TDTCP - ok

    17:53:11.0125 5464 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

    17:53:11.0125 5464 TermDD - ok

    17:53:11.0140 5464 TosIde - ok

    17:53:11.0187 5464 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

    17:53:11.0203 5464 Udfs - ok

    17:53:11.0218 5464 ultra - ok

    17:53:11.0250 5464 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

    17:53:11.0250 5464 Update - ok

    17:53:11.0312 5464 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys

    17:53:11.0312 5464 USBAAPL - ok

    17:53:11.0359 5464 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

    17:53:11.0375 5464 usbccgp - ok

    17:53:11.0406 5464 USBCCID (2825e0e294686a26506690059e1f437a) C:\WINDOWS\system32\DRIVERS\usbccid.sys

    17:53:11.0406 5464 USBCCID - ok

    17:53:11.0437 5464 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

    17:53:11.0437 5464 usbehci - ok

    17:53:11.0453 5464 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

    17:53:11.0453 5464 usbhub - ok

    17:53:11.0515 5464 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

    17:53:11.0515 5464 usbscan - ok

    17:53:11.0562 5464 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys

    17:53:11.0562 5464 usbser - ok

    17:53:11.0578 5464 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

    17:53:11.0578 5464 USBSTOR - ok

    17:53:11.0593 5464 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

    17:53:11.0593 5464 usbuhci - ok

    17:53:11.0640 5464 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

    17:53:11.0640 5464 VgaSave - ok

    17:53:11.0656 5464 ViaIde - ok

    17:53:11.0703 5464 VolSnap (e46c1b5a56da7da603d09dfcc79ec59e) C:\WINDOWS\system32\drivers\VolSnap.sys

    17:53:11.0750 5464 VolSnap - ok

    17:53:11.0812 5464 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

    17:53:11.0812 5464 Wanarp - ok

    17:53:11.0859 5464 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

    17:53:11.0859 5464 Wdf01000 - ok

    17:53:11.0875 5464 WDICA - ok

    17:53:11.0890 5464 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

    17:53:11.0890 5464 wdmaud - ok

    17:53:11.0953 5464 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

    17:53:11.0953 5464 WpdUsb - ok

    17:53:12.0015 5464 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

    17:53:12.0015 5464 WS2IFSL - ok

    17:53:12.0062 5464 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

    17:53:12.0078 5464 WudfPf - ok

    17:53:12.0093 5464 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

    17:53:12.0109 5464 WudfRd - ok

    17:53:12.0140 5464 MBR (0x1B8) (828e02d5c4a4fbe53441ee9dbee51f43) \Device\Harddisk0\DR0

    17:53:12.0234 5464 \Device\Harddisk0\DR0 - ok

    17:53:12.0234 5464 Boot (0x1200) (a1dcb6fcce69d8d42134ca8b1fa279c7) \Device\Harddisk0\DR0\Partition0

    17:53:12.0234 5464 \Device\Harddisk0\DR0\Partition0 - ok

    17:53:12.0234 5464 ============================================================

    17:53:12.0234 5464 Scan finished

    17:53:12.0234 5464 ============================================================

    17:53:12.0250 5456 Detected object count: 0

    17:53:12.0250 5456 Actual detected object count: 0

    17:55:48.0390 5356 Deinitialize success

    ----------------------------------------------------------------------------------------------------------------------------------------



    aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software

    Run date: 2012-02-15 18:00:02

    -----------------------------

    18:00:02.812 OS Version: Windows 5.1.2600 Service Pack 3

    18:00:02.812 Number of processors: 2 586 0xF0B

    18:00:02.812 ComputerName: ALEX UserName:

    18:00:03.859 Initialize success

    18:00:15.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

    18:00:15.328 Disk 0 Vendor: MAXTOR_STM3320620AS 3.AAE Size: 305245MB BusType: 3

    18:00:15.328 Disk 0 MBR read successfully

    18:00:15.328 Disk 0 MBR scan

    18:00:15.328 Disk 0 Windows XP default MBR code

    18:00:15.328 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305234 MB offset 63

    18:00:15.328 Disk 0 scanning sectors +625121280

    18:00:15.390 Disk 0 scanning C:\WINDOWS\system32\drivers

    18:00:23.765 Service scanning

    18:00:25.265 Service econceal C:\WINDOWS\system32\DRIVERS\econceal.sys **LOCKED** 32

    18:00:25.875 Modules scanning

    18:00:30.593 Disk 0 trace - called modules:

    18:00:30.593 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys

    18:00:30.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89b7f9c0]

    18:00:30.609 3 CLASSPNP.SYS[f7647fd7] -> nt!IofCallDriver -> \Device\0000006c[0x89b93f18]

    18:00:30.609 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89b82940]

    18:00:30.609 Scan finished successfully

    18:00:42.421 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\alessio\Desktop\MBR.dat"

    18:00:42.468 The log file has been saved successfully to "C:\Documents and Settings\alessio\Desktop\aswMBR.txt"
    0
  • Support
    Thanks for the logs so far, toros. The programs have not found anything bad.



    If possible tell eScan to scan the folder C:\Documents and settings, it is rather common that malicious files are placed under that folder.
    0
  • Support
    Just a cookie, and not a malicious file.
    0
  • Customer
    I Thank you, CeciliaB, I'll tell to scan that folder. Then I'll inform you.

    Here it is the ad-aware smart scan log.



    Logfile created: 15/02/2012 18:26:49

    Ad-Aware version: 9.6.0

    Extended engine: 3

    Extended engine version: 3.1.2770

    User performing scan: alessio

    *********************** Definitions database information ***********************

    Lavasoft definition file: 150.723

    Genotype definition file version: 2012/02/13 12:34:34

    Extended engine definition file: 11548.0

    ******************************** Scan results: *********************************

    Scan profile name: Smart Scan (ID: smart)

    Objects scanned: 73353

    Objects detected: 1



    Type Detected

    ==========================

    Processes.......: 0

    Registry entries: 0

    Hostfile entries: 0

    Files...........: 0

    Folders.........: 0

    LSPs............: 0

    Cookies.........: 1

    Browser hijacks.: 0

    MRU objects.....: 0



    Removed items:

    Description: *excite* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408871 Family ID: 0

    Scan and cleaning complete: Finished correctly after 866 seconds

    *********************************** Settings ***********************************

    Scan profile:

    ID: smart, enabled:1, value: Smart Scan

    ID: folderstoscan, enabled:1, value:

    ID: useantivirus, enabled:1, value: true

    ID: sections, enabled:1

    ID: scancriticalareas, enabled:1, value: true

    ID: scanrunningapps, enabled:1, value: true

    ID: scanregistry, enabled:1, value: true

    ID: scanlsp, enabled:1, value: true

    ID: scanads, enabled:1, value: false

    ID: scanhostsfile, enabled:1, value: false

    ID: scanmru, enabled:1, value: false

    ID: scanbrowserhijacks, enabled:1, value: true

    ID: scantrackingcookies, enabled:1, value: true

    ID: closebrowsers, enabled:1, value: false

    ID: filescanningoptions, enabled:1

    ID: archives, enabled:1, value: false

    ID: onlyexecutables, enabled:1, value: true

    ID: skiplargerthan, enabled:1, value: 20480

    ID: scanrootkits, enabled:1, value: true

    ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict

    ID: usespywareheuristics, enabled:1, value: true

    Scan global:

    ID: global, enabled:1

    ID: addtocontextmenu, enabled:1, value: true

    ID: playsoundoninfection, enabled:1, value: false

    ID: soundfile, enabled:0, value: N/A

    Scheduled scan settings:

    <Empty>

    Update settings:

    ID: updates, enabled:1

    ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently

    ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall

    ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall

    ID: schedules, enabled:1, value: true

    ID: updatedaily1, enabled:1, value: Daily 1

    ID: time, enabled:1, value: Wed Feb 08 11:29:00 2012

    ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

    ID: weekdays, enabled:1

    ID: monday, enabled:1, value: false

    ID: tuesday, enabled:1, value: false

    ID: wednesday, enabled:1, value: false

    ID: thursday, enabled:1, value: false

    ID: friday, enabled:1, value: false

    ID: saturday, enabled:1, value: false

    ID: sunday, enabled:1, value: false

    ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

    ID: scanprofile, enabled:1, value:

    ID: auto_deal_with_infections, enabled:1, value: false

    ID: updatedaily2, enabled:1, value: Daily 2

    ID: time, enabled:1, value: Wed Feb 08 17:29:00 2012

    ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

    ID: weekdays, enabled:1

    ID: monday, enabled:1, value: false

    ID: tuesday, enabled:1, value: false

    ID: wednesday, enabled:1, value: false

    ID: thursday, enabled:1, value: false

    ID: friday, enabled:1, value: false

    ID: saturday, enabled:1, value: false

    ID: sunday, enabled:1, value: false

    ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

    ID: scanprofile, enabled:1, value:

    ID: auto_deal_with_infections, enabled:1, value: false

    ID: updatedaily3, enabled:1, value: Daily 3

    ID: time, enabled:1, value: Wed Feb 08 23:29:00 2012

    ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

    ID: weekdays, enabled:1

    ID: monday, enabled:1, value: false

    ID: tuesday, enabled:1, value: false

    ID: wednesday, enabled:1, value: false

    ID: thursday, enabled:1, value: false

    ID: friday, enabled:1, value: false

    ID: saturday, enabled:1, value: false

    ID: sunday, enabled:1, value: false

    ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

    ID: scanprofile, enabled:1, value:

    ID: auto_deal_with_infections, enabled:1, value: false

    ID: updatedaily4, enabled:1, value: Daily 4

    ID: time, enabled:1, value: Wed Feb 08 05:29:00 2012

    ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

    ID: weekdays, enabled:1

    ID: monday, enabled:1, value: false

    ID: tuesday, enabled:1, value: false

    ID: wednesday, enabled:1, value: false

    ID: thursday, enabled:1, value: false

    ID: friday, enabled:1, value: false

    ID: saturday, enabled:1, value: false

    ID: sunday, enabled:1, value: false

    ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

    ID: scanprofile, enabled:1, value:

    ID: auto_deal_with_infections, enabled:1, value: false

    ID: updateweekly1, enabled:1, value: Weekly

    ID: time, enabled:1, value: Wed Feb 08 11:29:00 2012

    ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly

    ID: weekdays, enabled:1

    ID: monday, enabled:1, value: false

    ID: tuesday, enabled:1, value: false

    ID: wednesday, enabled:1, value: true

    ID: thursday, enabled:1, value: false

    ID: friday, enabled:1, value: false

    ID: saturday, enabled:1, value: true

    ID: sunday, enabled:1, value: false

    ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

    ID: scanprofile, enabled:1, value:

    ID: auto_deal_with_infections, enabled:1, value: false

    Appearance settings:

    ID: appearance, enabled:1

    ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource

    ID: showtrayicon, enabled:1, value: true

    ID: autoentertainmentmode, enabled:1, value: true

    ID: guimode, enabled:1, value: mode_advanced, domain: mode_advanced,mode_simple

    ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

    Realtime protection settings:

    ID: realtime, enabled:1

    ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant

    ID: layers, enabled:1

    ID: useantivirus, enabled:1, value: true

    ID: usespywareheuristics, enabled:1, value: true

    ID: maintainbackup, enabled:1, value: true

    ID: modules, enabled:1

    ID: processprotection, enabled:1, value: true

    ID: onaccessprotection, enabled:1, value: true

    ID: registryprotection, enabled:1, value: true

    ID: networkprotection, enabled:1, value: true



    ****************************** System information ******************************

    Computer name: ALEX

    Processor name: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz

    Processor identifier: x86 Family 6 Model 15 Stepping 11

    Processor speed: ~2329MHZ

    Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3851, number of processors 2, processor features: [MMX,SSE,SSE2]

    Physical memory available: 975069184 bytes

    Physical memory total: 2146545664 bytes

    Virtual memory available: 1858588672 bytes

    Virtual memory total: 2147352576 bytes

    Memory load: 54%

    Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

    Windows startup mode:

    Running processes:

    PID: 684 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 740 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 772 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 816 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 828 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1000 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1016 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1096 name: C:\WINDOWS\system32\svchost.exe owner: SERVIZIO DI RETE domain: NT AUTHORITY

    PID: 1216 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1256 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1352 name: C:\WINDOWS\system32\svchost.exe owner: SERVIZIO DI RETE domain: NT AUTHORITY

    PID: 1452 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1512 name: C:\WINDOWS\system32\svchost.exe owner: SERVIZIO LOCALE domain: NT AUTHORITY

    PID: 1664 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1712 name: C:\WINDOWS\System32\SCardSvr.exe owner: SERVIZIO LOCALE domain: NT AUTHORITY

    PID: 2028 name: C:\WINDOWS\system32\svchost.exe owner: SERVIZIO LOCALE domain: NT AUTHORITY

    PID: 164 name: C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 180 name: C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 244 name: C:\Programmi\Bonjour\mDNSResponder.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 264 name: C:\WINDOWS\system32\drivers\CDAC11BA.EXE owner: SYSTEM domain: NT AUTHORITY

    PID: 304 name: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 600 name: C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 628 name: c:\progra~1\escan\EconSer.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1048 name: c:\progra~1\escan\eConceal.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1052 name: C:\DOCUME~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1136 name: C:\PROGRA~1\eScan\TRAYSSER.EXE owner: SYSTEM domain: NT AUTHORITY

    PID: 1316 name: C:\PROGRA~1\eScan\consctl.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1772 name: C:\Programmi\Java\jre6\bin\jqs.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1872 name: C:\Programmi\File comuni\LightScribe\LSSrvc.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 388 name: C:\WINDOWS\Explorer.EXE owner: alessio domain: ALEX

    PID: 1264 name: C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE owner: SYSTEM domain: NT AUTHORITY

    PID: 1936 name: C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWASER.EXE owner: SYSTEM domain: NT AUTHORITY

    PID: 2188 name: C:\PROGRA~1\FILECO~1\MICROW~1\Agent\MWAgent.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 2208 name: C:\Programmi\File comuni\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 2292 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 2348 name: C:\Programmi\Viewpoint\Common\ViewpointService.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 2428 name: C:\Programmi\Autodesk Network License Manager\lmgrd.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 3488 name: C:\Programmi\Autodesk Network License Manager\adskflex.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 3964 name: C:\WINDOWS\System32\alg.exe owner: SERVIZIO LOCALE domain: NT AUTHORITY

    PID: 4020 name: C:\WINDOWS\system32\wscntfy.exe owner: alessio domain: ALEX

    PID: 4076 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 2120 name: C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe owner: alessio domain: ALEX

    PID: 2800 name: C:\Programmi\Analog Devices\Core\smax4pnp.exe owner: alessio domain: ALEX

    PID: 2844 name: C:\WINDOWS\system32\SSLEmptyCache.exe owner: alessio domain: ALEX

    PID: 2880 name: C:\PROGRA~1\eScan\TRAYICOS.EXE owner: alessio domain: ALEX

    PID: 3448 name: C:\PROGRA~1\eScan\MAILDISP.EXE owner: alessio domain: ALEX

    PID: 3400 name: C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe owner: alessio domain: ALEX

    PID: 3608 name: C:\Programmi\File comuni\Java\Java Update\jusched.exe owner: alessio domain: ALEX

    PID: 1756 name: C:\PROGRA~1\eScan\Vista\eScanMon.exe owner: alessio domain: ALEX

    PID: 3668 name: C:\PROGRA~1\ESCAN\SPOOLER.EXE owner: alessio domain: ALEX

    PID: 3024 name: C:\Programmi\iTunes\iTunesHelper.exe owner: alessio domain: ALEX

    PID: 2652 name: C:\Programmi\File comuni\LightScribe\LightScribeControlPanel.exe owner: alessio domain: ALEX

    PID: 720 name: C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe owner: alessio domain: ALEX

    PID: 2752 name: C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe owner: alessio domain: ALEX

    PID: 2856 name: C:\WINDOWS\system32\ctfmon.exe owner: alessio domain: ALEX

    PID: 2000 name: C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1932 name: C:\Programmi\iPod\bin\iPodService.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 1012 name: C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe owner: alessio domain: ALEX

    PID: 1424 name: C:\Programmi\Viewpoint\Viewpoint Manager\ViewMgr.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 2832 name: C:\Documents and Settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe owner: alessio domain: ALEX

    PID: 3192 name: C:\Programmi\Internet Explorer\iexplore.exe owner: alessio domain: ALEX

    PID: 5216 name: C:\Programmi\Internet Explorer\iexplore.exe owner: alessio domain: ALEX

    PID: 4744 name: C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 4604 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY

    PID: 6048 name: C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe owner: alessio domain: ALEX

    PID: 5336 name: C:\Programmi\Lavasoft\Ad-Aware\Ad-Aware.exe owner: alessio domain: ALEX

    PID: 2432 name: C:\Programmi\Internet Explorer\iexplore.exe owner: alessio domain: ALEX

    Startup items:

    Name: JMB36X IDE Setup

    imagepath: C:\WINDOWS\JM\JMInsIDE.exe

    Name: JMB36X Configure

    imagepath: C:\WINDOWS\system32\JMRaidSetup.exe boot

    Name: Acrobat Assistant 7.0

    imagepath: "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

    Name: NeroFilterCheck

    imagepath: C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe

    Name: SoundMAXPnP

    imagepath: C:\Programmi\Analog Devices\Core\smax4pnp.exe

    Name: SSLEmptyCache

    imagepath: C:\WINDOWS\system32\SSLEmptyCache.exe

    Name: eScan Updater

    imagepath: C:\PROGRA~1\eScan\TRAYICOS.EXE /App

    Name: MailScan Dispatcher

    imagepath: "C:\PROGRA~1\eScan\LAUNCH.EXE" /startup

    Name: Adobe Reader Speed Launcher

    imagepath: "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    Name: Adobe ARM

    imagepath: "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"

    Name: QuickTime Task

    imagepath: "C:\Programmi\QuickTime\qttask.exe" -atboottime

    Name: SunJavaUpdateSched

    imagepath: "C:\Programmi\File comuni\Java\Java Update\jusched.exe"

    Name: APSDaemon

    imagepath: "C:\Programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe"

    Name: iTunesHelper

    imagepath: "C:\Programmi\iTunes\iTunesHelper.exe"

    Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}

    imagepath: Precaricatore Browseui

    Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}

    imagepath: Daemon di cache delle categorie di componenti

    Name: PostBootReminder

    imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}

    Name: CDBurn

    imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}

    Name: WebCheck

    imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    Name: SysTray

    imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}

    Name: WPDShServiceObj

    imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}

    Name:

    location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma Loader.lnk

    imagepath: C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe

    Name:

    location: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Acrobat.lnk

    imagepath: C:\WINDOWS\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe

    Name:

    imagepath: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini

    Name:

    imagepath: C:\Documents and Settings\Default User\Menu Avvio\Programmi\Esecuzione automatica\desktop.ini

    Bootexecute items:

    Name:

    imagepath: lsdelete

    Running services:

    Name: ALG

    displayname: Servizio Gateway di livello applicazione

    Name: Apple Mobile Device

    displayname: Apple Mobile Device

    Name: ArcGIS License Manager

    displayname: ArcGIS License Manager

    Name: Ati HotKey Poller

    displayname: Ati HotKey Poller

    Name: AudioSrv

    displayname: Audio Windows

    Name: BITS

    displayname: Servizio trasferimento intelligente in background

    Name: Bonjour Service

    displayname: Servizio Bonjour

    Name: Browser

    displayname: Browser di computer

    Name: C-DillaCdaC11BA

    displayname: C-DillaCdaC11BA

    Name: clr_optimization_v2.0.50727_32

    displayname: .NET Runtime Optimization Service v2.0.50727_X86

    Name: CryptSvc

    displayname: CryptSvc

    Name: DcomLaunch

    displayname: Utilità di avvio processo server DCOM

    Name: Dhcp

    displayname: Client DHCP

    Name: dmserver

    displayname: Gestione dischi logici

    Name: Dnscache

    displayname: Client DNS

    Name: EconService

    displayname: eConServ

    Name: ERSvc

    displayname: Servizio di segnalazione errori

    Name: eScan Monitor Service

    displayname: eScan Monitor Service

    Name: eScan-trayicos

    displayname: eScan Server-Updater

    Name: Eventlog

    displayname: Registro eventi

    Name: EventSystem

    displayname: Sistema di eventi COM+

    Name: FastUserSwitchingCompatibility

    displayname: Compatibilità di Cambio rapido utente

    Name: helpsvc

    displayname: Guida in linea e supporto tecnico

    Name: HidServ

    displayname: HID Input Service

    Name: iPod Service

    displayname: Servizio iPod

    Name: JavaQuickStarterService

    displayname: Java Quick Starter

    Name: lanmanserver

    displayname: Server

    Name: lanmanworkstation

    displayname: Workstation

    Name: Lavasoft Ad-Aware Service

    displayname: Lavasoft Ad-Aware Service

    Name: LightScribeService

    displayname: LightScribeService Direct Disc Labeling Service

    Name: LmHosts

    displayname: Helper NetBIOS di TCP/IP

    Name: MDM

    displayname: Machine Debug Manager

    Name: MWAgent

    displayname: MWAgent

    Name: Netman

    displayname: Connessioni di rete

    Name: Nla

    displayname: NLA (Network Location Awareness)

    Name: NMIndexingService

    displayname: NMIndexingService

    Name: PlugPlay

    displayname: Plug and Play

    Name: PolicyAgent

    displayname: Servizi IPSEC

    Name: ProtectedStorage

    displayname: Archiviazione protetta

    Name: RasMan

    displayname: Connection Manager di Accesso remoto

    Name: RemoteRegistry

    displayname: Registro di sistema remoto

    Name: RpcSs

    displayname: RPC (Remote Procedure Call)

    Name: SamSs

    displayname: Gestione account di protezione (SAM)

    Name: SCardSvr

    displayname: smart card

    Name: Schedule

    displayname: Utilità di pianificazione

    Name: seclogon

    displayname: Secondary Logon

    Name: SENS

    displayname: Notifica eventi di sistema

    Name: SentinelProtectionServer

    displayname: Sentinel Protection Server

    Name: SharedAccess

    displayname: Windows Firewall / Condivisione connessione Internet (ICS)

    Name: ShellHWDetection

    displayname: Rilevamento hardware shell

    Name: Spooler

    displayname: Spooler di stampa

    Name: srservice

    displayname: Servizio Ripristino configurazione di sistema

    Name: SSDPSRV

    displayname: Servizio di rilevamento SSDP

    Name: stisvc

    displayname: Acquisizione di immagini di Windows (WIA)

    Name: TapiSrv

    displayname: Telefonia

    Name: TermService

    displayname: Servizi terminal

    Name: Themes

    displayname: Temi

    Name: TrkWks

    displayname: Manutenzione collegamenti distribuiti client

    Name: Viewpoint Manager Service

    displayname: Viewpoint Manager Service

    Name: viz 2005

    displayname: viz 2005

    Name: W32Time

    displayname: Ora di Windows

    Name: WebClient

    displayname: WebClient

    Name: winmgmt

    displayname: Strumentazione gestione Windows

    Name: wscsvc

    displayname: Centro sicurezza PC

    Name: wuauserv

    displayname: Automatic Updates

    Name: WudfSvc

    displayname: Windows Driver Foundation - User-mode Driver Framework

    Name: WZCSVC

    displayname: Zero Configuration reti senza fili
    0
  • Customer
    Hi CeciliaB, good morning.

    I saw, just a cookie.

    I also scanned Documents and settings folder by eScan, and it didn't find anything malicious, as you can see in the log I post.

    So I hope everything is ok now. I'll try to reinstall Skype and see if it works right or still spam malicious links to all my contacts.



    Do you think I have to try something else before it?



    thaks a lot so far.

    toros /rolleyes.gif' class='bbc_emoticon' alt=':rolleyes:' />



    15 feb 2012 18:49:58 - **********************************************************

    15 feb 2012 18:49:58 - Modulo eScan Anti Virus & Spyware.

    15 feb 2012 18:49:58 - Copyright © 2003-2006, MicroWorld Technologies Inc.

    15 feb 2012 18:49:58 - **********************************************************

    15 feb 2012 18:49:58 - Versione 12.0.198

    15 feb 2012 18:49:58 - File log: C:\Programmi\eScan\LOG\15020001.LOG

    15 feb 2012 18:49:58 - Data e ora ultima scansione: 15.02.2012 18:07:16

    15 feb 2012 18:49:58 - MWAV Registered: TRUE

    15 feb 2012 18:49:58 - User Account: alessio (Administrator Mode)

    15 feb 2012 18:49:58 - OS Type: Windows Workstation

    15 feb 2012 18:49:58 - OS: Windows XP [OS Install Date: 19 Oct 2007 09:45:26]

    15 feb 2012 18:49:58 - Ver: Service Pack 3 (Build 2600)

    15 feb 2012 18:49:58 - System Up Time: 1 Hour, 2 Minutes, 40 Seconds



    15 feb 2012 18:49:58 - Parent Process Name : C:\Programmi\eScan\escanpro.exe

    15 feb 2012 18:49:58 - Windows Root Folder: C:\WINDOWS

    15 feb 2012 18:49:58 - Windows Sys32 Folder: C:\WINDOWS\system32

    15 feb 2012 18:49:58 - Interface0 NameServer: 212.216.112.112

    15 feb 2012 18:49:58 - Local Fixed Drives: c:\

    15 feb 2012 18:49:58 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)

    15 feb 2012 18:49:58 - Opzioni riga di comando: /pipe=5692escan /Log=C:\PROGRA~1\eScan\Log\15020001.log /SC /LOGINFECT /MAXFILESIZE=5 /FILELIST=C:\DOCUME~1\alessio\IMPOST~1\Temp\\eShxScan3757546.txt /S

    15 feb 2012 18:49:58 - Loading/Creating FileScan Database C:\Documents and Settings\All Users\Dati applicazioni\MicroWorld\MWAV\ESCANDBX.MDB [Log: C:\PROGRA~1\ESCAN\LOG\ESCANDB.LOG]

    15 feb 2012 18:49:58 - Loaded/Created FileScan Database...

    15 feb 2012 18:49:58 - Loading AV Library [DB]...

    15 feb 2012 18:50:02 - AV Library Loaded [IPC].



    15 feb 2012 18:50:02 - **********************************************************

    15 feb 2012 18:50:02 - Modulo eScan Anti Virus & Spyware.

    15 feb 2012 18:50:02 - Copyright © 2003-2006, MicroWorld Technologies Inc.

    15 feb 2012 18:50:02 -

    15 feb 2012 18:50:02 - Supporto: [email="assistenza@labinfo.it"]assistenza@labinfo.it[/email]

    15 feb 2012 18:50:02 - Web: [url="http://www.labinfo.it"]http://www.labinfo.it[/url]

    15 feb 2012 18:50:02 - **********************************************************

    15 feb 2012 18:50:02 - Versione 12.0.198[IPC]

    15 feb 2012 18:50:02 - File log: C:\Programmi\eScan\LOG\15020001.LOG

    15 feb 2012 18:50:02 - User Account: alessio (Administrator Mode)

    15 feb 2012 18:50:02 - Parent Process Name : C:\Programmi\eScan\escanpro.exe

    15 feb 2012 18:50:02 - Windows Root Folder: C:\WINDOWS

    15 feb 2012 18:50:02 - Windows Sys32 Folder: C:\WINDOWS\system32

    15 feb 2012 18:50:02 - OS: Windows XP [OS Install Date: 19 Oct 2007 09:45:26]

    15 feb 2012 18:50:02 - Ver: Service Pack 3 (Build 2600)



    15 feb 2012 18:50:02 - Opzioni impostate dall'utente:

    15 feb 2012 18:50:02 - Verifica memoria: Disabilitata

    15 feb 2012 18:50:02 - Verifica registry: Disabilitata

    15 feb 2012 18:50:02 - Verifica Esecuzione automatica: Disabilitata

    15 feb 2012 18:50:02 - Verifica cartelle di sistema: Disabilitata

    15 feb 2012 18:50:02 - Verifica servizi: Disabilitata

    15 feb 2012 18:50:02 - Scan Spyware: Disabilitata

    15 feb 2012 18:50:02 - Opzione verifica unità disabilitata

    15 feb 2012 18:50:02 - Verifica cartella: Abilitata

    15 feb 2012 18:50:02 - SCAN: All_Files

    15 feb 2012 18:50:02 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)



    15 feb 2012 18:56:12 - C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\Catalogo tecnico R Panel.pdf non scansionato. Probabilmente protetto da password...

    15 feb 2012 18:57:02 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\def.zip) took 6906 ms

    15 feb 2012 18:57:17 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\denstudenta1.zip) took 6093 ms

    15 feb 2012 18:57:43 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\Disponibilità 34.xls) took 8719 ms

    15 feb 2012 18:58:59 - C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\linea ART PANEL.pdf non scansionato. Probabilmente protetto da password...

    15 feb 2012 19:02:52 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\S.Fautino 13 - struttura corte museo.zip) took 7922 ms

    15 feb 2012 19:03:22 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\attach\scansioni.zip) took 10984 ms

    15 feb 2012 19:05:44 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\In.mbx) took 10156 ms

    15 feb 2012 19:05:53 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\Out.mbx) took 7266 ms

    15 feb 2012 19:06:01 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Qualcomm\Eudora\Out.mbx.001) took 7547 ms

    15 feb 2012 19:07:45 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Sun\Java\jdk1.6.0_17\sj160170.cab) took 6828 ms

    15 feb 2012 19:07:56 - ScanFile (C:\Documents and Settings\alessio\Dati applicazioni\Sun\Java\jdk1.6.0_17\st160170.cab) took 8047 ms

    15 feb 2012 19:08:24 - ScanFile (C:\Documents and Settings\alessio\Desktop\BusinessKeyInfoCertLT.zip) took 7610 ms

    15 feb 2012 19:13:24 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\MyReef Lite 1.3.ipa) took 5547 ms

    15 feb 2012 19:13:38 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\Paper Toss 1.81.ipa) took 11469 ms

    15 feb 2012 19:14:03 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\Princess DU 1.1.ipa) took 24860 ms

    15 feb 2012 19:14:03 - Scansione di C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\Princess DU 1.1.ipa in time out!!!

    15 feb 2012 19:14:17 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\Songsterr+ 1.3.ipa) took 6891 ms

    15 feb 2012 19:14:35 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\SoundHound 3.6.2.ipa) took 17266 ms

    15 feb 2012 19:14:57 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\stellarium 1.4.ipa) took 21938 ms

    15 feb 2012 19:14:57 - Scansione di C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\stellarium 1.4.ipa in time out!!!

    15 feb 2012 19:15:02 - ScanFile (C:\Documents and Settings\alessio\Documenti\Musica\iTunes\iTunes Music\Mobile Applications\TexasHoldem 1.22.ipa) took 5187 ms

    15 feb 2012 19:18:06 - C:\Documents and Settings\alessio\Impostazioni locali\Temp\JET6154.tmp non scansionato. Probabilmente protetto da password...

    15 feb 2012 19:19:00 - Scansione file C:\Documents and Settings\alessio\Preferiti\web colori\v Teoria dei colori e combinazioni di colori per grafiche perfette.url

    15 feb 2012 19:19:00 - ERROR(3)!!! ScanFile fails for C:\Documents and Settings\alessio\Preferiti\web colori\v Teoria dei colori e combinazioni di colori per grafiche perfette.url

    15 feb 2012 19:20:33 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple\Installer Cache\AppleApplicationSupport 1.3.0\AppleApplicationSupport.msi) took 5875 ms

    15 feb 2012 19:20:56 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple\Installer Cache\AppleApplicationSupport 2.1.5\AppleApplicationSupport.msi) took 5829 ms

    15 feb 2012 19:21:34 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\Safari 4.30.17.0\Safari.msi) took 5922 ms

    15 feb 2012 19:21:40 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\Safari 4.30.19.1\Safari.msi) took 5593 ms

    15 feb 2012 19:21:56 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\Safari 5.31.22.7\Safari.msi) took 9828 ms

    15 feb 2012 19:23:45 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Installations\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\Packages\PCCS\Setup\PCCS.msi) took 8172 ms

    15 feb 2012 19:24:12 - C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft\Ad-Aware\MiniMessage\3 non scansionato. Probabilmente protetto da password...

    15 feb 2012 19:25:29 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Skype\{5335DADB-34BA-4AE8-A519-648D78498846}\Skype.msi) took 6672 ms

    15 feb 2012 19:25:42 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Skype\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}\Skype.msi) took 11407 ms

    15 feb 2012 19:26:05 - ScanFile (C:\Documents and Settings\All Users\Dati applicazioni\Skype\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\Skype.msi) took 5906 ms



    15 feb 2012 19:26:23 - ***** Scansione completa. *****



    15 feb 2012 19:26:23 - Numero totale di file scansionati: 60730

    15 feb 2012 19:26:23 - Numero totale di virus trovati: 0

    15 feb 2012 19:26:23 - Numero totale di file disinfettati: 0

    15 feb 2012 19:26:23 - Numero totale di file rinominati: 0

    15 feb 2012 19:26:23 - Numero totale di file eliminati: 0

    15 feb 2012 19:26:23 - Numero totale di errori: 0

    15 feb 2012 19:26:23 - Tempo trascorso: 00:36:20



    15 feb 2012 19:26:23 - Scansione completata.



    15 feb 2012 19:26:23 - Uninitializing Scanner (3)...

    15 feb 2012 19:26:23 - Freeing Libraries (3)...

    15 feb 2012 19:26:23 - AV Library Unloaded (3)...
    0
  • Customer
    eScan still block this tool:



    16/02/2012 11:48:12"C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP509\A0068411.exe","Infetto da virus: Tool-NirCmd.TE (ES)","File Quarantined"



    is it still the false positive from ComboFix? I think so.

    a.
    0
  • Support
    Yes, it is the same false positive.



    Install Skype and let us see what happens.
    0
  • Customer
    ok.

    I'll let you know.

    Hope the sun shines up there in the north...
    0
  • Support
    Unfortunately not today, instead it was not very cold during the night /wink.png' class='bbc_emoticon' alt=';)' /> But I certainly hope it is a lot warmer than -2 degrees in Italy.
    0
  • Customer
    ...not so cold in the night... did you light some fire, eh? /tongue.png' class='bbc_emoticon' alt=':P' />

    Well CecilB, I installed Skype and it seems everything work right.

    Except one little problem: my PC's became even slow than a turtle while surfing internet, and all time pop up message that I'm visualisating protect internet page, ecc...

    May be I have to many security sistems on.

    What I have to di with combofix and all the other stuff I installed.



    p.s.: in this time here we are 10 degrees below 0, it's not so hot... except in the night of course using an hot eiderdown... /biggrin.png' class='bbc_emoticon' alt=':D' />
    0
  • Support
    -10 degrees, that is colder than here! /ohmy.png' class='bbc_emoticon' alt=':o' />

    I guess, you are not in the southern part of Italy then /wink.png' class='bbc_emoticon' alt=';)' />



    Then we do some more checks.

    Please, install another web browser to check if the problem is browser or computer related. Select if you want to try Opera, Google Chrome or Firefox.



    Run an online scan with Eset http://www.eset.com/onlinescan/

    To shorten the scanning time disable your antivirus program while scanning.



    Un-check "Remove found threats"

    Check "Scan Archives"



    Click "Advanced Settings"

    Check:

    Scan for potentially unwanted applications

    Scan for potentially unsafe applications

    Enable Anti-Stealth Technology



    Click Scan



    When the scan completes the log file C:\Program\Eset\Eset Online Scanner\log.txt is created. Open it in Notepad and paste its content in your answer.
    0
  • Customer
    So dear CeciliaB, I did my homeworks and here the outcome.

    Still sick! /huh.png' class='bbc_emoticon' alt=':huh:' />



    doctor tell me the truth, shall I see the sun tomorrow?



    log you asked for:



    [email="ESETSmartInstaller@High"]ESETSmartInstaller@High[/email] as CAB hook log:

    OnlineScanner.ocx - registred OK

    # version=7

    # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

    # OnlineScanner.ocx=1.0.0.6583

    # api_version=3.0.2

    # EOSSerial=a3c968402e4ad340a2ef882338888427

    # end=finished

    # remove_checked=false

    # archives_checked=true

    # unwanted_checked=true

    # unsafe_checked=true

    # antistealth_checked=true

    # utc_time=2012-02-17 04:28:10

    # local_time=2012-02-17 05:28:10 (+0100, ora solare Europa occidentale)

    # country="Italy"

    # lang=1033

    # osver=5.1.2600 NT Service Pack 3

    # compatibility_mode=512 16777215 100 0 67477455 67477455 0 0

    # compatibility_mode=1024 16777215 100 0 72063448 72063448 0 0

    # compatibility_mode=8192 67108863 100 0 3839 3839 0 0

    # compatibility_mode=8961 16777189 75 59 4991 124836390 0 0

    # scanned=199535

    # found=4

    # cleaned=0

    # scan_time=8032

    C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP506\A0067957.exe a variant of Win32/HackTool.Patcher.A application (unable to clean) 00000000000000000000000000000000 I

    C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP506\A0067959.exe a variant of Win32/HackTool.Patcher.A application (unable to clean) 00000000000000000000000000000000 I

    C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP506\A0068096.exe a variant of Win32/HackTool.Patcher.D application (unable to clean) 00000000000000000000000000000000 I

    C:\System Volume Information\_restore{44E71B91-1B5E-4BA4-8235-84C259ED1B68}\RP506\A0068114.exe a variant of Win32/HackTool.Patcher.D application (unable to clean) 00000000000000000000000000000000 I
    0
  • Customer
    Yes, I tried another browser - Firefox and it's not much better. I have to say that the browsers are not always slow.

    Yes I use a router to connect to internet and yes I have several computers, but the others don't seems to have the same problem.



    I'll do the work by Combofix, then I'll let you know.



    t.
    0
  • Support
    Hi toros /smile.png' class='bbc_emoticon' alt=':)' />



    Those files are not active and will not do anything.



    Have you tried another browser?



    If possible, take a screen shot (PrintScreen) of the pop-up message in the browser, including what web page you are visiting.



    Are you using a router to connect to internet?

    Do you have several computers? Do they all have the same problem?



    Delete the ComboFix you have and download the latest version (same link as before). Run it in the same way and post its log.
    0
  • Support
    How is it going, toros?
    0
  • Customer
    Hi CeciliaB,

    here it is the ComboFix log.



    Only to let you know Skype seems to work proper, and it doesn't send any unwanted message or link to anyone.

    When I use IE in some sites it warn me about I'm in a protect page... the message I sent the printscreen... and it is a little noisy, but I suppose it is due to protection settings.



    For the rest here it's raining...



    toros.









    ComboFix 12-02-19.02 - alessio 20/02/2012 12.44.57.6.2 - x86

    Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1113 [GMT 1:00]

    Eseguito da: c:\documents and settings\alessio\Desktop\ComboFix.exe

    AV: eScan Anti-Virus (AV) Edition per Windows *Disabled/Updated* {E25EE26A-7512-411E-BAF6-D9AFA504A475}

    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

    FW: eScan Anti-Virus (AV) Edition per Windows *Disabled* {E25EE26A-7512-411E-BAF6-D9AFA504A475}

    * Creato nuovo punto di ripristino

    .

    .

    ((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\windows\regedit.com

    c:\windows\system32\taskmgr.com

    .

    .

    ((((((((((((((((((((((((( Files Creati Da 2012-01-20 al 2012-02-20 )))))))))))))))))))))))))))))))))))

    .

    .

    2012-02-17 14:10 . 2012-02-17 14:10 -------- d-----w- c:\programmi\ESET

    2012-02-16 11:50 . 2012-02-16 11:50 -------- d-----w- c:\programmi\File comuni\Skype

    2012-02-15 16:32 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

    2012-02-15 16:32 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll

    2012-02-08 16:09 . 2012-02-08 10:36 16432 ----a-w- c:\windows\system32\lsdelete.exe

    2012-02-08 10:36 . 2012-02-08 10:36 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

    2012-02-08 10:29 . 2011-12-23 06:12 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

    2012-02-08 10:29 . 2012-02-08 10:29 -------- d-----w- c:\programmi\Lavasoft

    2012-02-02 11:04 . 2012-02-02 11:04 388096 ----a-r- c:\documents and settings\alessio\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2012-01-31 17:00 . 2006-06-14 12:53 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-02-15 15:40 . 2012-02-15 15:39 17157099 ----a-w- c:\windows\REGBK02.ZIP

    2012-01-12 17:20 . 2007-08-02 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys

    2012-01-11 08:07 . 2011-08-02 06:56 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2011-12-30 08:49 . 2011-03-15 12:18 1045000 ----a-w- c:\windows\system32\test2.exe

    2011-12-21 12:00 . 2011-12-21 12:00 54016 ----a-w- c:\windows\system32\drivers\cdsa.sys

    2011-12-21 08:06 . 2010-05-05 15:57 1858056 ----a-w- c:\windows\system32\contfilt.dll

    2011-12-21 08:06 . 2011-12-21 08:06 572928 ----a-w- c:\windows\system32\msvcp90.dll

    2011-12-21 08:06 . 2011-12-21 08:06 655872 ----a-w- c:\windows\system32\msvcr90.dll

    2011-12-17 19:43 . 2007-08-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

    2011-12-17 19:43 . 2007-08-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

    2011-12-17 19:43 . 2007-08-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

    2011-12-16 12:22 . 2007-08-02 12:00 385024 ----a-w- c:\windows\system32\html.iec

    2011-12-10 14:24 . 2011-03-21 09:21 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

    2011-11-25 21:57 . 2007-08-02 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll

    2012-02-16 15:07 . 2012-02-17 13:41 134104 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll

    .

    .

    ((((((((((((((((((((((((((((( [email="SnapShot@2012-02-15_09.01.11"]SnapShot@2012-02-15_09.01.11[/email] )))))))))))))))))))))))))))))))))))))))))

    .

    + 2012-02-20 07:53 . 2012-02-20 07:53 16384 c:\windows\Temp\Perflib_Perfdata_570.dat

    - 2007-08-02 12:00 . 2012-01-11 18:06 85424 c:\windows\system32\perfc010.dat

    + 2007-08-02 12:00 . 2012-02-15 16:37 85424 c:\windows\system32\perfc010.dat

    - 2007-08-02 12:00 . 2012-01-11 18:06 72274 c:\windows\system32\perfc009.dat

    + 2007-08-02 12:00 . 2012-02-15 16:37 72274 c:\windows\system32\perfc009.dat

    + 2007-08-02 12:00 . 2011-12-17 19:43 66560 c:\windows\system32\mshtmled.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 66560 c:\windows\system32\mshtmled.dll

    - 2006-11-07 19:03 . 2011-11-04 19:13 55296 c:\windows\system32\msfeedsbs.dll

    + 2006-11-07 19:03 . 2011-12-17 19:43 55296 c:\windows\system32\msfeedsbs.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 25600 c:\windows\system32\jsproxy.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 25600 c:\windows\system32\jsproxy.dll

    - 2009-06-12 06:51 . 2011-11-04 19:13 12800 c:\windows\system32\dllcache\xpshims.dll

    + 2009-06-12 06:51 . 2011-12-17 19:43 12800 c:\windows\system32\dllcache\xpshims.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 66560 c:\windows\system32\dllcache\mshtmled.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 66560 c:\windows\system32\dllcache\mshtmled.dll

    - 2007-10-10 23:49 . 2011-11-04 19:13 55296 c:\windows\system32\dllcache\msfeedsbs.dll

    + 2007-10-10 23:49 . 2011-12-17 19:43 55296 c:\windows\system32\dllcache\msfeedsbs.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 43520 c:\windows\system32\dllcache\licmgr10.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 43520 c:\windows\system32\dllcache\licmgr10.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 25600 c:\windows\system32\dllcache\jsproxy.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 25600 c:\windows\system32\dllcache\jsproxy.dll

    - 2010-01-12 12:15 . 2012-02-15 08:16 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat

    + 2010-01-12 12:15 . 2012-02-20 07:55 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat

    - 2007-10-19 08:47 . 2012-02-15 08:16 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat

    + 2007-10-19 08:47 . 2012-02-20 07:55 32768 c:\windows\system32\config\systemprofile\Impostazioni locali\Cronologia\History.IE5\index.dat

    - 2010-01-13 17:23 . 2012-02-15 08:16 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

    + 2012-02-15 17:19 . 2012-02-20 07:55 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

    + 2010-05-11 08:22 . 2012-02-15 16:34 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe

    + 2010-05-11 08:22 . 2012-02-15 16:34 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe

    + 2010-05-11 08:22 . 2012-02-15 16:34 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe

    + 2010-06-04 15:01 . 2012-02-15 16:45 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

    - 2010-06-04 15:01 . 2011-10-13 07:06 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 12800 c:\windows\ie8updates\KB2647516-IE8\xpshims.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 66560 c:\windows\ie8updates\KB2647516-IE8\mshtmled.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 55296 c:\windows\ie8updates\KB2647516-IE8\msfeedsbs.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 43520 c:\windows\ie8updates\KB2647516-IE8\licmgr10.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 25600 c:\windows\ie8updates\KB2647516-IE8\jsproxy.dll

    + 2012-02-15 17:42 . 2012-02-15 17:42 80384 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\36512431748c2695b18a5280fda1a94b\WindowsFormsIntegration.Package.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\dab766b18e6fe0a8f53a93c56be7b40e\System.Windows.Presentation.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\31b65443e56a470d199f293085576e05\System.Web.DynamicData.Design.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\89dfd3999ad1d72c59243d7b4bf40d5a\System.ComponentModel.DataAnnotations.ni.dll

    + 2012-02-15 16:39 . 2012-02-15 16:39 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3aa4296d4aa01fe0533de2c15f818d5f\PresentationFontCache.ni.exe

    + 2012-02-15 16:38 . 2012-02-15 16:38 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\820acb71782d9cd006800b3ac7e1ca53\PresentationCFFRasterizer.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\d07f0222f62dbed7898a6e2e909d407a\Microsoft.Vsa.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f8fff7230acf6235bee6c577a7fcbb96\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 53760 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\01cc8d2ed8e363a2e9afd1174088d2b1\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v9.0.ni.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 105984 c:\windows\system32\url.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 105984 c:\windows\system32\url.dll

    - 2007-08-02 12:00 . 2012-01-11 18:06 491866 c:\windows\system32\perfh010.dat

    + 2007-08-02 12:00 . 2012-02-15 16:37 491866 c:\windows\system32\perfh010.dat

    - 2007-08-02 12:00 . 2012-01-11 18:06 444016 c:\windows\system32\perfh009.dat

    + 2007-08-02 12:00 . 2012-02-15 16:37 444016 c:\windows\system32\perfh009.dat

    + 2007-08-02 12:00 . 2011-12-17 19:43 206848 c:\windows\system32\occache.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 206848 c:\windows\system32\occache.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 611840 c:\windows\system32\mstime.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 611840 c:\windows\system32\mstime.dll

    + 2006-11-07 19:03 . 2011-12-17 19:43 602112 c:\windows\system32\msfeeds.dll

    - 2006-11-07 19:03 . 2011-11-04 19:13 602112 c:\windows\system32\msfeeds.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 184320 c:\windows\system32\iepeers.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 184320 c:\windows\system32\iepeers.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 387584 c:\windows\system32\iedkcs32.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 387584 c:\windows\system32\iedkcs32.dll

    - 2007-08-02 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe

    + 2007-08-02 12:00 . 2011-12-16 12:23 174080 c:\windows\system32\ie4uinit.exe

    - 2007-10-19 10:34 . 2011-12-14 09:13 466800 c:\windows\system32\FNTCACHE.DAT

    + 2007-10-19 10:34 . 2012-02-15 16:48 466800 c:\windows\system32\FNTCACHE.DAT

    + 2007-08-02 12:00 . 2011-12-17 19:43 916992 c:\windows\system32\dllcache\wininet.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 916992 c:\windows\system32\dllcache\wininet.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 105984 c:\windows\system32\dllcache\url.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 105984 c:\windows\system32\dllcache\url.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 206848 c:\windows\system32\dllcache\occache.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 206848 c:\windows\system32\dllcache\occache.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 611840 c:\windows\system32\dllcache\mstime.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 611840 c:\windows\system32\dllcache\mstime.dll

    + 2007-10-10 23:49 . 2011-12-17 19:43 602112 c:\windows\system32\dllcache\msfeeds.dll

    - 2007-10-10 23:49 . 2011-11-04 19:13 602112 c:\windows\system32\dllcache\msfeeds.dll

    - 2009-06-12 06:51 . 2011-11-04 19:13 247808 c:\windows\system32\dllcache\ieproxy.dll

    + 2009-06-12 06:51 . 2011-12-17 19:43 247808 c:\windows\system32\dllcache\ieproxy.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 184320 c:\windows\system32\dllcache\iepeers.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 184320 c:\windows\system32\dllcache\iepeers.dll

    + 2010-06-09 04:13 . 2011-12-17 19:43 743424 c:\windows\system32\dllcache\iedvtool.dll

    - 2010-06-09 04:13 . 2011-11-04 19:13 743424 c:\windows\system32\dllcache\iedvtool.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 387584 c:\windows\system32\dllcache\iedkcs32.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 387584 c:\windows\system32\dllcache\iedkcs32.dll

    - 2007-08-02 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe

    + 2007-08-02 12:00 . 2011-12-16 12:23 174080 c:\windows\system32\dllcache\ie4uinit.exe

    + 2012-02-16 11:50 . 2012-02-16 11:50 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe

    + 2010-05-11 08:22 . 2012-02-15 16:34 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe

    + 2010-05-11 08:22 . 2012-02-15 16:34 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe

    + 2010-05-11 08:22 . 2012-02-15 16:34 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe

    + 2010-05-11 08:22 . 2012-02-15 16:34 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe

    + 2010-05-11 08:22 . 2012-02-15 16:34 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe

    + 2012-02-15 16:39 . 2011-11-04 19:13 916992 c:\windows\ie8updates\KB2647516-IE8\wininet.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 105984 c:\windows\ie8updates\KB2647516-IE8\url.dll

    + 2012-02-15 16:39 . 2010-07-05 13:20 402296 c:\windows\ie8updates\KB2647516-IE8\spuninst\updspapi.dll

    + 2012-02-15 16:39 . 2010-07-05 13:19 233848 c:\windows\ie8updates\KB2647516-IE8\spuninst\spuninst.exe

    + 2012-02-15 16:39 . 2011-11-04 19:13 206848 c:\windows\ie8updates\KB2647516-IE8\occache.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 611840 c:\windows\ie8updates\KB2647516-IE8\mstime.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 602112 c:\windows\ie8updates\KB2647516-IE8\msfeeds.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 247808 c:\windows\ie8updates\KB2647516-IE8\ieproxy.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 184320 c:\windows\ie8updates\KB2647516-IE8\iepeers.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 743424 c:\windows\ie8updates\KB2647516-IE8\iedvtool.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 387584 c:\windows\ie8updates\KB2647516-IE8\iedkcs32.dll

    + 2012-02-15 16:39 . 2011-11-04 11:24 174080 c:\windows\ie8updates\KB2647516-IE8\ie4uinit.exe

    + 2012-02-15 18:24 . 2012-02-15 18:24 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\edc5691acfb65ac37f49de2ec497083a\WsatConfig.ni.exe

    + 2012-02-15 17:42 . 2012-02-15 17:42 198656 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\646b155ad752b35ae7c96136452a6682\WindowsFormsIntegration.Design.ni.dll

    + 2012-02-15 16:41 . 2012-02-15 16:41 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\4ad8369d6a60765d7e9b43cdf9023f41\WindowsFormsIntegration.ni.dll

    + 2012-02-15 16:41 . 2012-02-15 16:41 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\68f4157e570c77df653057c0583395bd\UIAutomationClient.ni.dll

    + 2012-02-15 18:27 . 2012-02-15 18:27 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c2a12bd4056b44f8005a7eb3af161e6a\System.Xml.Linq.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\fc63b434b2f253cd27625487f7b02ac0\System.Web.Routing.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\67877f896b2b0e42286e838fe307f3fd\System.Web.RegularExpressions.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\86650d4fb220f94f25bb5da42a03d454\System.Web.Extensions.Design.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\654465871e547e131668874de7c60b8c\System.Web.Entity.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f0d6895f6e709d425cb5da6053c603d2\System.Web.Entity.Design.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3f3b7dc7208e302e39a2dfb5b2cb953b\System.Web.DynamicData.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\e9cddd213343f15d611b14620d649bb0\System.Web.Abstractions.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll

    + 2012-02-15 16:38 . 2012-02-15 16:38 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll

    + 2012-02-15 16:39 . 2012-02-15 16:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\a4b2b1ee81acd843970d9a81b281f1c1\System.Net.ni.dll

    + 2012-02-15 18:27 . 2012-02-15 18:27 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\ab7515dcbeff3f7d9533902e98278283\System.Messaging.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e3436edde657a5111d39d5b2eecf9715\System.Management.Instrumentation.ni.dll

    + 2012-02-15 17:42 . 2012-02-15 17:42 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\974ded7dd3bca225a1b90de778846c78\System.IO.Log.ni.dll

    + 2012-02-15 17:42 . 2012-02-15 17:42 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\01eba24390736a59c39becd825b5756e\System.IdentityModel.Selectors.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.Wrapper.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e9ae7ae6d1e9edc7aaf819889cd1c692\System.Drawing.Design.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\78a370dc153011708dd9e4cb0e606bfc\System.DirectoryServices.Protocols.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6e644fc7464d9fe23fc9cd6001296f2f\System.DirectoryServices.AccountManagement.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\bac39be66bb9f987c1948b766833f8e6\System.Data.Services.Client.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2b5ecd231320e57010043c408783d80b\System.Data.Services.Design.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4ac9ac2326720485aefd4d79d2024945\System.Data.Entity.Design.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\d504d550fd0a6994fcb1466ea7be92af\System.Data.DataSetExtensions.ni.dll

    + 2012-02-15 16:38 . 2012-02-15 16:38 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\28637135c6939e74450bbbf110b12643\System.Configuration.Install.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\958b5c0114d664ab5ba72575c301e2ea\System.AddIn.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4dcff3b0e79fc27e31549bb2af00efb5\SMSvcHost.ni.exe

    + 2012-02-15 18:24 . 2012-02-15 18:24 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bd3bfd5b6ef659dac4d6cccb34577d33\SMDiagnostics.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\edec83be646eb52204c991371751a428\ServiceModelReg.ni.exe

    + 2012-02-15 16:41 . 2012-02-15 16:41 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\52015457bc28e7a9a563d9eab8ab0015\PresentationFramework.Royale.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a680814559114706a33282e9df4b7a\PresentationFramework.Classic.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2713754549b1114c9152d33efe5f72c7\PresentationFramework.Aero.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1552f18ca434c1dca6d082df476d089a\PresentationFramework.Luna.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7c51497b188c82e2ccbe6315549ce023\MSBuild.ni.exe

    + 2012-02-15 18:25 . 2012-02-15 18:25 503296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\bf3bd0194b870461a09735c36e6dfffe\Microsoft.Windows.Design.Interaction.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 353792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\b5c081a893cde7d1fd7652b190111e68\Microsoft.Windows.Design.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 438272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\82c89fd38600d9981fc66fa6f6011ac7\Microsoft.Windows.Design.Extensibility.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 513024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d90a7c6fffba0b8415581c895ca1d57b\Microsoft.VisualStudio.Shell.Design.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 300032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c8c0a2110c45e2584491e9de8eea9502\Microsoft.VisualStudio.Tools.Applications.ProgrammingModel.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 876032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bf2b5099314c1cb96f599423ea882d42\Microsoft.VisualStudio.Shell.9.0.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 802304 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b2406abddce6c3a1e9bfb275184d1ed6\Microsoft.VisualStudio.Tools.Applications.Project.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ab95dc164e3b4ad1af252223d9aedaac\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9c7cd92d7c472001ece0b69438ce2c29\Microsoft.VisualStudio.Configuration.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 861696 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\95a03ac5af04596bc771941632d0ad44\Microsoft.VisualStudio.Modeling.Sdk.Shell.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 173568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\93136071d93d4edd595fba8af709d911\Microsoft.VisualStudio.TextTemplating.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 198656 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\7659965597f1ec89f2333da8dd5875a9\Microsoft.VisualStudio.Tools.Applications.DesignTime.v9.0.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 640512 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6f92b2f9a9f3193401177ee70fa43ff6\Microsoft.VisualStudio.Xaml.LanguageService.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 822272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\52abef2731463bfe944ee2519b1d8ab9\Microsoft.VisualStudio.Shell.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 159744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4d45a51e544fbcacc60e3e28fb90b457\Microsoft.VisualStudio.WizardFramework.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 284672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4525e68f505f36fbbc7e0973ae702447\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\39f0c512d6b428ec976828633ba10c95\Microsoft.VisualStudio.TextTemplating.VSHost.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 335872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1a812c6b43ad9501cfe02da5e1ca3063\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f0f6dd614d294295c5d8386cc4192034\Microsoft.Transactions.Bridge.Dtc.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 472064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\ca0ea2d64ff5504a6b41942fa808c703\Microsoft.MapPoint.Rendering3D.Utility.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 766976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\b7d3dfadc0b912d87106a64a3423f8a7\Microsoft.MapPoint.Data.VirtualEarthTileDataSource.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 344064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\a1f405ea07f90810c93748e395f4dcb1\Microsoft.MapPoint.Utility.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 438272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\83fe5a85df14c225af578b832ab8a440\Microsoft.MapPoint.MapControl3D.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 411648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\5c19cddb0d1f2c7b101e6c4715b5fdb9\Microsoft.MapPoint.Network.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 340992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\440eb008d05eae6b8fe536a39e6bb49e\Microsoft.MapPoint.UtilityPartialTrust.ni.dll

    + 2012-02-15 16:38 . 2012-02-15 16:38 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\fd1338828beec8737fed8f50f4fcc567\Microsoft.Build.Utilities.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\0d5f999c4b7e51151548c37c676c1b8e\Microsoft.Build.Utilities.v3.5.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\792168ce8fe03a3db43e12cf736cf91e\Microsoft.Build.Engine.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\0a5277c34ddc1f55df1defb4231e814f\Microsoft.Build.Conversion.v3.5.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a8df37aadb089f1f34d3d2f103966fbc\ComSvcConfig.ni.exe

    + 2012-02-15 17:41 . 2012-02-15 17:41 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\25ce400b547f517258c8afb0480390ea\AspNetMMCExt.ni.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

    + 2012-02-15 16:37 . 2012-02-15 16:37 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

    + 2012-02-15 16:37 . 2012-02-15 16:37 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

    + 2012-02-15 16:37 . 2012-02-15 16:37 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 1212416 c:\windows\system32\urlmon.dll

    - 2007-08-02 12:00 . 2011-11-04 19:13 1212416 c:\windows\system32\urlmon.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 5979136 c:\windows\system32\mshtml.dll

    - 2006-10-17 09:57 . 2011-11-04 19:13 2000384 c:\windows\system32\iertutil.dll

    + 2006-10-17 09:57 . 2011-12-17 19:43 2000384 c:\windows\system32\iertutil.dll

    + 2008-10-15 06:58 . 2012-01-12 17:20 1859968 c:\windows\system32\dllcache\win32k.sys

    - 2007-08-02 12:00 . 2011-11-04 19:13 1212416 c:\windows\system32\dllcache\urlmon.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 1212416 c:\windows\system32\dllcache\urlmon.dll

    + 2007-08-02 12:00 . 2011-12-17 19:43 5979136 c:\windows\system32\dllcache\mshtml.dll

    + 2007-10-10 23:49 . 2011-12-17 19:43 2000384 c:\windows\system32\dllcache\iertutil.dll

    - 2007-10-10 23:49 . 2011-11-04 19:13 2000384 c:\windows\system32\dllcache\iertutil.dll

    + 2011-10-26 02:39 . 2011-10-26 02:39 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll

    + 2012-02-16 11:51 . 2012-02-16 11:51 1252864 c:\windows\Installer\a39773.msi

    + 2012-02-16 11:50 . 2012-02-16 11:50 1605120 c:\windows\Installer\a39769.msi

    + 2011-10-30 21:54 . 2011-10-30 21:54 2748416 c:\windows\Installer\375476.msp

    + 2012-02-03 14:13 . 2012-02-03 14:13 4988928 c:\windows\Installer\37546f.msp

    + 2010-05-11 08:22 . 2012-02-15 16:34 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe

    + 2010-05-11 08:22 . 2012-02-15 16:34 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe

    - 2010-05-11 08:22 . 2012-01-27 08:29 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe

    + 2012-02-15 16:39 . 2011-11-04 19:13 1212416 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 5978112 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll

    + 2012-02-15 16:39 . 2011-11-04 19:13 2000384 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll

    + 2012-02-15 16:38 . 2012-02-15 16:38 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll

    + 2012-02-15 16:41 . 2012-02-15 16:41 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94f5164ff4f664c5e4e7fb4c3af1abad\UIAutomationClientsideProviders.ni.dll

    + 2012-02-15 16:37 . 2012-02-15 16:37 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll

    + 2012-02-15 16:38 . 2012-02-15 16:38 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll

    + 2012-02-15 18:27 . 2012-02-15 18:27 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c4c671c737b553db8e07664816475333\System.WorkflowServices.ni.dll

    + 2012-02-15 18:27 . 2012-02-15 18:27 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\248ea47105ff4af6ee75e6fdd5b450a1\System.Workflow.Runtime.ni.dll

    + 2012-02-15 18:27 . 2012-02-15 18:27 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\80a288b6611668160334668cc2608e4a\System.Workflow.ComponentModel.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\4c27548df5897320840ee0d65db38742\System.Workflow.Activities.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\030cde14924eefebc06c240dbfe093a4\System.Web.Mobile.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6379c8ca8ae11effb415139990923ff1\System.Web.Extensions.ni.dll

    + 2012-02-15 16:41 . 2012-02-15 16:41 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e456140d5d6c43d7383bd36d3f9e12c6\System.Speech.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\285dfbf2380436e187cb624bd1cd4683\System.ServiceModel.Web.ni.dll

    + 2012-02-15 17:42 . 2012-02-15 17:42 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d51e6bb07124a1d780d1e024858e0dc1\System.Printing.ni.dll

    + 2012-02-15 17:42 . 2012-02-15 17:42 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\8ef05061cd205c4f2a8583d97f32a603\System.IdentityModel.ni.dll

    + 2012-02-15 16:39 . 2012-02-15 16:39 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\77d0e93f024055d04c07cc2700b4c590\System.DirectoryServices.ni.dll

    + 2012-02-15 16:38 . 2012-02-15 16:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll

    + 2012-02-15 16:38 . 2012-02-15 16:38 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\857300fa64d09c69125451fd8894f3da\System.Data.SqlXml.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\e9d4a1fb13572c769ddd9b86e55baab4\System.Data.Services.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\3f2e74586111fb32d5edc059f709fa94\System.Data.OracleClient.ni.dll

    + 2012-02-15 16:41 . 2012-02-15 16:41 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3d9c33f71d15a3e2e240092a244eba3\System.Data.Linq.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\424160369b301ccd1b6fd86265611955\System.Data.Entity.ni.dll

    + 2012-02-15 16:41 . 2012-02-15 16:41 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\33cdfb4c322a528260016ac759230501\ReachFramework.ni.dll

    + 2012-02-15 16:39 . 2012-02-15 16:39 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a6def83aee1aaf3336675ce58ac09013\PresentationUI.ni.dll

    + 2012-02-15 16:38 . 2012-02-15 16:38 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\59cd6ce5a254006179eee92952cd2272\PresentationBuildTasks.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 2855424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\f37693d9850da4bc6af64d65daa8804e\Microsoft.Windows.Design.Developer.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 3152384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\e46fc91a242dd0fedb64a76cab7c3eab\Microsoft.Windows.Design.Markup.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 1515008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b86f3569d31a623991995585ed79fc07\Microsoft.VisualStudio.Modeling.Sdk.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 2383360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a3ff013e036512cc5ad1325f5c939612\Microsoft.VisualStudio.Modeling.Sdk.Diagrams.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 1873920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\62f4381d606350834a4113a67a4bfdd7\Microsoft.VisualStudio.CommonIDE.ni.dll

    + 2012-02-15 18:25 . 2012-02-15 18:25 1298944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2151f451631398234e95d971bc0c9c48\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f7071f9a1c0523540f6aa7f11c302fb6\Microsoft.Transactions.Bridge.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 1949184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\e0ef30fd9c6ff8cfca636b5711c87030\Microsoft.MapPoint.Modeling.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 1217024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\cd5818e15c14ef61dfdedcab359e246b\Microsoft.MapPoint.Data.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 1524736 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\7817904c055d5b82b81c2e880acd6cec\Microsoft.MapPoint.Rendering3D.WorldMemoryDataSource.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 1524224 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\71343e8b217dfa270383da6e6c85cee6\Microsoft.MapPoint.GraphicsAPI.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 4094976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\209aaeed5c703011a808f1761ccff19f\Microsoft.MapPoint.Rendering3D.ni.dll

    + 2012-02-15 18:23 . 2012-02-15 18:23 2766336 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\1931a09a5b7a6a54e9d9fad583dcbcef\Microsoft.MapPoint.Graphics3D.ni.dll

    + 2012-02-15 18:26 . 2012-02-15 18:26 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\806b1d127ed3e906db972751e87585c4\Microsoft.JScript.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\912789fd859e0887e10a935cade08e72\Microsoft.Build.Tasks.v3.5.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\6c1d3eec78906cc2a2ecffb013114c50\Microsoft.Build.Tasks.ni.dll

    + 2012-02-15 18:24 . 2012-02-15 18:24 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d6edd4b4619a9052d3dfe50c3067d5e0\Microsoft.Build.Engine.ni.dll

    + 2012-02-15 17:42 . 2012-02-15 17:42 1140736 c:\windows\assembly\NativeImages_v2.0.50727_32\AcLayer\759cd611e68c6909b5e1791b27aec7f8\AcLayer.ni.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

    - 2012-01-11 18:06 . 2012-01-11 18:06 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

    + 2012-02-15 16:36 . 2012-02-15 16:36 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

    + 2008-01-08 15:13 . 2012-02-15 16:40 52550552 c:\windows\system32\MRT.exe

    + 2006-11-07 19:03 . 2011-12-18 13:43 11082240 c:\windows\system32\ieframe.dll

    + 2007-10-10 23:49 . 2011-12-18 13:43 11082240 c:\windows\system32\dllcache\ieframe.dll

    + 2012-02-15 16:44 . 2012-02-15 16:44 20333056 c:\windows\Installer\375481.msp

    + 2012-02-15 16:39 . 2011-11-04 19:13 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll

    + 2012-02-15 16:39 . 2012-02-15 16:39 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll

    + 2012-02-15 18:22 . 2012-02-15 18:22 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll

    + 2012-02-15 16:40 . 2012-02-15 16:40 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c8f8fb506c32500acc1b6190d054f26\System.Design.ni.dll

    + 2012-02-15 16:39 . 2012-02-15 16:39 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5060105fb9e169399fe45600b1e9215e\PresentationFramework.ni.dll

    + 2012-02-15 16:38 . 2012-02-15 16:38 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0665bba8c9962deadc418881eb3a2a2a\PresentationCore.ni.dll

    .

    -- Snapshot per reimpostare la data corrente --

    .

    ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* i valori vuoti & legittimi/default non sono visualizzati.

    REGEDIT4

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

    2011-02-18 05:12 94208 ----a-w- c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "LightScribe Control Panel"="c:\programmi\File comuni\LightScribe\LightScribeControlPanel.exe" [2007-05-15 484904]

    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]

    "swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-12 39408]

    "Skype"="c:\programmi\Skype\Phone\Skype.exe" [2012-01-31 17147528]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]

    "JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]

    "Acrobat Assistant 7.0"="c:\programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]

    "NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

    "SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]

    "SSLEmptyCache"="c:\windows\system32\SSLEmptyCache.exe" [2008-10-02 32768]

    "eScan Updater"="c:\progra~1\eScan\TRAYICOS.EXE" [2010-05-28 3284488]

    "MailScan Dispatcher"="c:\progra~1\eScan\LAUNCH.EXE" [2011-12-21 405512]

    "Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

    "Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

    "QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2010-11-29 421888]

    "SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2011-04-08 254696]

    "APSDaemon"="c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

    "iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2011-10-09 421736]

    .

    c:\documents and settings\alessio\Menu Avvio\Programmi\Esecuzione automatica\

    Dropbox.lnk - c:\documents and settings\alessio\Dati applicazioni\Dropbox\bin\Dropbox.exe [2011-9-2 24183152]

    .

    c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\

    Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2008-4-10 113664]

    Avvio veloce di Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe [2007-11-8 25214]

    .

    [HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]

    "NoAutoUpdate"= 1 (0x1)

    .

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\programmi\Qualcomm\Eudora\EuShlExt.dll" [2006-08-17 86016]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\eSLogOn]

    2009-11-05 15:55 654856 ----a-w- c:\windows\system32\eslogon.dll

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

    BootExecute REG_MULTI_SZ lsdelete

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    @="Service"

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

    "EnableFirewall"= 0 (0x0)

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\WINDOWS\\system32\\dpvsetup.exe"=

    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    "c:\\WINDOWS\\system32\\mmc.exe"=

    "c:\\Programmi\\Autodesk Network License Manager\\adskflex.exe"=

    "c:\\Programmi\\Autodesk Network License Manager\\lmgrd.exe"=

    "c:\\Programmi\\Autodesk VIZ 2005\\3dsviz.exe"=

    "c:\\Programmi\\Messenger\\msmsgs.exe"=

    "c:\\PROGRA~1\\eScan\\DOWNLOAD.EXE"=

    "c:\\PROGRA~1\\eScan\\TRAYICOS.EXE"=

    "c:\\PROGRA~1\\FILECO~1\\MICROW~1\\Agent\\MWAGENT.EXE"=

    "c:\\PROGRA~1\\eScan\\LICENSE.EXE"=

    "c:\\Programmi\\File comuni\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

    "c:\\Programmi\\Bonjour\\mDNSResponder.exe"=

    "c:\\Programmi\\iTunes\\iTunes.exe"=

    "c:\\Documents and Settings\\alessio\\Dati applicazioni\\Dropbox\\bin\\Dropbox.exe"=

    "c:\\Programmi\\Skype\\Phone\\Skype.exe"=

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

    "3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

    .

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [08/02/2012 11.29.42 64512]

    R2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~1\ESRI\License\arcgis9x\lmgrd.exe [10/07/2009 17.32.18 1372160]

    R2 EconService;eConServ;c:\progra~1\escan\EconSer.exe [05/05/2010 16.57.46 842760]

    R2 eScan-trayicos;eScan Server-Updater;c:\progra~1\eScan\TRAYSSER.EXE [05/05/2010 16.57.20 272904]

    R2 eScan Monitor Service;eScan Monitor Service;c:\docume~1\ALLUSE~1\DATIAP~1\MICROW~1\eScanBD\avpmapp.exe [05/05/2010 16.57.50 1336504]

    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmi\Lavasoft\Ad-Aware\AAWService.exe [23/12/2011 7.12.10 2152152]

    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\programmi\Viewpoint\Common\ViewpointService.exe [20/01/2009 10.38.19 24652]

    R2 viz 2005;viz 2005;c:\programmi\Autodesk Network License Manager\lmgrd.exe [17/10/2002 8.30.02 607232]

    R3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\drivers\econceal.sys [05/05/2010 17.05.07 26632]

    R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\programmi\Lavasoft\Ad-Aware\kernexplorer.sys [23/12/2011 7.12.10 15232]

    R3 ProcObsrves;ProcObsrves;c:\progra~1\eScan\ProcObsrves.sys [05/05/2010 16.57.35 17928]

    S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [12/10/2010 14.52.55 135664]

    S2 SkypeUpdate;Skype Updater;c:\programmi\Skype\Updater\Updater.exe [31/01/2012 15.09.34 158856]

    S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usbxp.sys [29/01/2010 13.08.49 24832]

    S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [12/10/2010 14.52.55 135664]

    .

    --- Altri Servizi/Drivers In Memoria ---

    .

    *Deregistered* - eRootDrv

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

    2007-05-15 15:08 452136 ----a-w- c:\programmi\File comuni\LightScribe\LSRunOnce.exe

    .

    Contenuto della cartella 'Scheduled Tasks'

    .

    2012-02-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job

    - c:\programmi\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-12-23 10:36]

    .

    2012-02-17 c:\windows\Tasks\AppleSoftwareUpdate.job

    - c:\programmi\Apple Software Update\SoftwareUpdate.exe [2011-06-01 10:34]

    .

    2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\programmi\Google\Update\GoogleUpdate.exe [2010-10-12 13:52]

    .

    2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\programmi\Google\Update\GoogleUpdate.exe [2010-10-12 13:52]

    .

    .

    ------- Scansione supplementare -------

    .

    uStart Page = hxxp://www.google.it/

    uInternet Settings,ProxyOverride = *.local

    uSearchAssistant = hxxp://www.google.com/ie

    IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converti destinazione link in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Converti in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Converti link selezionati in PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Converti selezione a PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

    TCP: Interfaces\{3D377DF3-EE1F-4154-8E0B-868F1450E22F}: NameServer = 212.216.112.112

    DPF: {15D151C8-5180-43C1-9360-4D794663BD6E} - hxxp://www.crs.regione.lombardia.it/components/OcsKitCittadino.cab

    DPF: {3263F297-5CB9-4D8C-A2DB-CDFB8C69CB6D} - hxxp://www.crs.regione.lombardia.it/components/OcxCertUpdate.cab

    DPF: {4384AA75-43AB-4095-84F9-C5B35EC62B5D} - hxxp://www.crs.regione.lombardia.it/components/OcxCrsInfo.cab

    DPF: {877E14A6-0ACF-4509-8CF3-E4A0F4ED46F4} - hxxp://supportsiss.lispa.it/components/pdlc.cab

    FF - ProfilePath - c:\documents and settings\alessio\Dati applicazioni\Mozilla\Firefox\Profiles\txkx1lq8.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/

    FF - prefs.js: network.proxy.type - 0

    .

    - - - - CHIAVI ORFANE RIMOSSE - - - -

    .

    WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

    .

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url]

    Rootkit scan 2012-02-20 12:54

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scansione processi nascosti ...

    .

    scansione entrate autostart nascoste ...

    .

    Scansione files nascosti ...

    .

    Scansione completata con successo

    Files nascosti: 0

    .

    **************************************************************************

    .

    --------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

    .

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]

    "0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

    .

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]

    "0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

    .

    --------------------- Dlls caricate dai processi in esecuzione ---------------------

    .

    - - - - - - - > 'winlogon.exe'(772)

    c:\windows\system32\Ati2evxx.dll

    c:\windows\system32\atiadlxx.dll

    c:\windows\system32\eSLogOn.dll

    .

    Ora fine scansione: 2012-02-20 12:57:03

    ComboFix-quarantined-files.txt 2012-02-20 11:56

    ComboFix2.txt 2012-02-15 09:03

    .

    Pre-Run: 227'181'916'160 byte disponibili

    Post-Run: 227'218'759'680 byte disponibili

    .

    - - End Of File - - BF6AFEFC90D6AFE7F078479EEF9E588F
    0
  • Support
    Hi toros,



    I'm glad that Skype behaves well /smile.png' class='bbc_emoticon' alt=':)' />

    I cannot see anything malicious in the ComboFix log, but please run DDS again and post DDS.txt.



    Did you try to attach the screen shot?

    0
  • Customer
    Ok.

    Yes, I attached a screen shot, or actually, I attached it as image. Did you see it?

    I'll try again.

    [attachment=9253:screenshot.jpg]
    0
  • Customer
    The first was the right one, but no answer. I guess it is something about the protection settings. I'll check for them. As soon as it is possible I'll run DDS.



    Ciao a presto (bye, see you soon... so you can start leraning Italian a little bit. /cool.png' class='bbc_emoticon' alt='B)' /> )
    0
  • Support
    Now I can see the picture /smile.png' class='bbc_emoticon' alt=':)' />



    I don't speak Italian unfortunately, but I tried to google the message and I found http://forum.html.it/forum/showthread.php?threadid=1480883 Does it provide an answer?

    ComboFix resets settings in IE since many malicious programs lower the settings and that might be the reason why it suddenly appears.

    Or http://www.airdave.it/avviso-di-protezione-internet-explorer-8-eliminare-questa-noia-di-avviso-10952/
    0

Please sign in to leave a comment.