Sospetti Virus!! [Archivio] - Hardware Upgrade Forum

Workman86

30-11-2008, 00:23

Ragazzi nn saprei se sono infetto o no...potete controllare un attimo!!!

Avira AntiVir Personal
Report file date: domenica 30 novembre 2008 00:18

Scanning for 1058638 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ALFIERI-546F074

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 25/11/2008 17:06:57
AVSCAN.DLL : 8.1.4.0 40705 Bytes 17/07/2008 19:38:04
LUKE.DLL : 8.1.4.5 164097 Bytes 17/07/2008 19:38:04
LUKERES.DLL : 8.1.4.0 12033 Bytes 17/07/2008 19:38:04
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 16:35:06
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 17:20:22
ANTIVIR2.VDF : 7.1.0.124 376832 Bytes 23/11/2008 14:00:47
ANTIVIR3.VDF : 7.1.0.157 195072 Bytes 28/11/2008 16:37:07
Engineversion : 8.2.0.36
AEVDF.DLL : 8.1.0.6 102772 Bytes 15/10/2008 15:26:47
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 17:20:47
AESCN.DLL : 8.1.1.5 123251 Bytes 09/11/2008 10:35:18
AERDL.DLL : 8.1.1.3 438645 Bytes 05/11/2008 21:25:17
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 17:20:46
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 09/11/2008 10:35:18
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 09/11/2008 10:35:17
AEHELP.DLL : 8.1.2.0 119159 Bytes 18/11/2008 19:58:31
AEGEN.DLL : 8.1.1.6 323955 Bytes 28/11/2008 16:38:09
AEEMU.DLL : 8.1.0.9 393588 Bytes 15/10/2008 15:26:40
AECORE.DLL : 8.1.5.2 172405 Bytes 28/11/2008 16:38:08
AEBB.DLL : 8.1.0.3 53618 Bytes 15/10/2008 15:26:38
AVWINLL.DLL : 1.0.0.12 15105 Bytes 17/07/2008 19:38:04
AVPREF.DLL : 8.0.2.0 38657 Bytes 17/07/2008 19:38:04
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 15:15:39
AVREG.DLL : 8.0.0.1 33537 Bytes 17/07/2008 19:38:04
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 17/07/2008 19:38:04
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 17/07/2008 19:38:04
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 17/07/2008 19:38:01
RCTEXT.DLL : 8.0.52.0 86273 Bytes 17/07/2008 19:38:01

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: quarantine
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, W:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: domenica 30 novembre 2008 00:18

Starting search for hidden objects.
'73307' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'SAgent4.exe' - '1' Module(s) have been scanned
Scan process 'sp_rsser.exe' - '1' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '1' Module(s) have been scanned
Scan process 'PSIService.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'E_S00RP2.EXE' - '1' Module(s) have been scanned
Scan process 'Crypserv.exe' - '1' Module(s) have been scanned
Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned
Scan process 'DevSvc.exe' - '1' Module(s) have been scanned
Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'CTSched.exe' - '1' Module(s) have been scanned
Scan process 'SmartDoctor.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'SpywareTerminatorShield.Exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'CTSysVol.exe' - '1' Module(s) have been scanned
Scan process 'ipoint.exe' - '1' Module(s) have been scanned
Scan process 'itype.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
[WARNING] System error [3]: Impossibile trovare il percorso specificato.
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'W:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '55' files ).

Starting the file scan:

Begin scan in 'C:\' <Disco Locale>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Programmi\Electronic Arts\Crytek\Crysis WARHEAD\Bin32\PAUL.DLL
[DETECTION] Contains HEUR/Malware suspicious code
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to '4986d207.qua'!
C:\System Volume Information\_restore{AA155B4C-26CE-46AD-8DE1-1E3C000FCBE6}\RP366\A0101338.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was moved to '4962d5c6.qua'!
C:\System Volume Information\_restore{AA155B4C-26CE-46AD-8DE1-1E3C000FCBE6}\RP366\A0102150.DLL
[DETECTION] Contains HEUR/Malware suspicious code
[NOTE] The detection was classified as suspicious.
[NOTE] The file was moved to '4962d5c8.qua'!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\Changer.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was moved to '4992d79c.qua'!
Begin scan in 'D:\' <Dati>
Begin scan in 'W:\' <Western Digital>
W:\CSRSS.exe
[DETECTION] Is the TR/Autorun.UG Trojan
[NOTE] The file was moved to '4983d8a9.qua'!
W:\SERVICES.exe
[DETECTION] Is the TR/Autorun.UG Trojan
[NOTE] The file was moved to '4983d89b.qua'!
W:\System Volume Information\_restore{AA155B4C-26CE-46AD-8DE1-1E3C000FCBE6}\RP366\A0102154.exe
[DETECTION] Is the TR/Autorun.UG Trojan
[NOTE] The file was moved to '4962dd17.qua'!
W:\System Volume Information\_restore{AA155B4C-26CE-46AD-8DE1-1E3C000FCBE6}\RP366\A0102155.exe
[DETECTION] Is the TR/Autorun.UG Trojan
[NOTE] The file was moved to '48e30f58.qua'!

End of the scan: domenica 30 novembre 2008 01:23
Used time: 1:04:40 Hour(s)

The scan has been done completely.

9119 Scanning directories
488797 Files were scanned
6 viruses and/or unwanted programs were found
2 Files were classified as suspicious:
0 files were deleted
0 files were repaired
8 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
488787 Files not concerned
4554 Archives were scanned
7 Warnings
8 Notes
73307 Objects were scanned with rootkit scan
0 Hidden objects were found

Chill-Out

30-11-2008, 14:08

Ciao disabilita il ripristino configurazione sistema e ripeti scansione completa con Avira ed allega il log.

Workman86

30-11-2008, 17:23

Ho fatto cm hai detto tu...

Avira AntiVir Personal
Report file date: domenica 30 novembre 2008 17:19

Scanning for 1058638 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ALFIERI-546F074

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 25/11/2008 17:06:57
AVSCAN.DLL : 8.1.4.0 40705 Bytes 17/07/2008 19:38:04
LUKE.DLL : 8.1.4.5 164097 Bytes 17/07/2008 19:38:04
LUKERES.DLL : 8.1.4.0 12033 Bytes 17/07/2008 19:38:04
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 16:35:06
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 17:20:22
ANTIVIR2.VDF : 7.1.0.124 376832 Bytes 23/11/2008 14:00:47
ANTIVIR3.VDF : 7.1.0.157 195072 Bytes 28/11/2008 16:37:07
Engineversion : 8.2.0.36
AEVDF.DLL : 8.1.0.6 102772 Bytes 15/10/2008 15:26:47
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 17:20:47
AESCN.DLL : 8.1.1.5 123251 Bytes 09/11/2008 10:35:18
AERDL.DLL : 8.1.1.3 438645 Bytes 05/11/2008 21:25:17
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 17:20:46
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 09/11/2008 10:35:18
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 09/11/2008 10:35:17
AEHELP.DLL : 8.1.2.0 119159 Bytes 18/11/2008 19:58:31
AEGEN.DLL : 8.1.1.6 323955 Bytes 28/11/2008 16:38:09
AEEMU.DLL : 8.1.0.9 393588 Bytes 15/10/2008 15:26:40
AECORE.DLL : 8.1.5.2 172405 Bytes 28/11/2008 16:38:08
AEBB.DLL : 8.1.0.3 53618 Bytes 15/10/2008 15:26:38
AVWINLL.DLL : 1.0.0.12 15105 Bytes 17/07/2008 19:38:04
AVPREF.DLL : 8.0.2.0 38657 Bytes 17/07/2008 19:38:04
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 15:15:39
AVREG.DLL : 8.0.0.1 33537 Bytes 17/07/2008 19:38:04
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 17/07/2008 19:38:04
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 17/07/2008 19:38:04
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 17/07/2008 19:38:01
RCTEXT.DLL : 8.0.52.0 86273 Bytes 17/07/2008 19:38:01

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: quarantine
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, W:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: domenica 30 novembre 2008 17:19

Starting search for hidden objects.
'61754' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ACDSeeQV.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'SAgent4.exe' - '1' Module(s) have been scanned
Scan process 'sp_rsser.exe' - '1' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '1' Module(s) have been scanned
Scan process 'PSIService.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'E_S00RP2.EXE' - '1' Module(s) have been scanned
Scan process 'Crypserv.exe' - '1' Module(s) have been scanned
Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned
Scan process 'DevSvc.exe' - '1' Module(s) have been scanned
Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'CTSched.exe' - '1' Module(s) have been scanned
Scan process 'SmartDoctor.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'SpywareTerminatorShield.Exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'CTSysVol.exe' - '1' Module(s) have been scanned
Scan process 'ipoint.exe' - '1' Module(s) have been scanned
Scan process 'itype.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
42 processes with 42 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
[WARNING] System error [3]: Impossibile trovare il percorso specificato.
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'W:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '55' files ).

Starting the file scan:

Begin scan in 'C:\' <Disco Locale>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Dati>
Begin scan in 'W:\' <Western Digital>

End of the scan: domenica 30 novembre 2008 18:23
Used time: 1:03:26 Hour(s)

The scan has been done completely.

8826 Scanning directories
455568 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
455566 Files not concerned
4121 Archives were scanned
7 Warnings
0 Notes
61754 Objects were scanned with rootkit scan
0 Hidden objects were found

Chill-Out

30-11-2008, 21:04

Dal log di Avira sei ok

Workman86

30-11-2008, 22:09

xkè nella prima ci sono tt quei problemi??

Workman86

30-11-2008, 22:48

QUESTO ME LO HA RIVELATO ORA SPYWARE TERMINATOR
Trojan.KillAV.lz
Description: Trojan
Risk Level: Critical
Date of First Occurence: Thursday, April 17, 2008
Software Developer: (unknown)
Brief Info: Trojan is a seemingly legitimate computer program that has been intentionally designed to disrupt and damage computer activity. Trojans are sometimes used in conjunction with viruses.
Removal: This threat can be removed using "Spyware Terminator"

Chill-Out

30-11-2008, 22:51

xkè nella prima ci sono tt quei problemi??

avevi virus nel system volume information

QUESTO ME LO HA RIVELATO ORA SPYWARE TERMINATOR

cosa e dove?

ma perchè tutte queste scansioni, il problema di fondo qual'è?

Workman86

30-11-2008, 23:02

questo file..

asc3550p me lo rileva ma nn me lo cancella

Detected Item: HKLM\SYSTEM\CurrentControlSet\Services\asc3550p

il problema di fondo è ke xsbaglio ho lanciato un setup ke nn dovevo!!

Workman86

30-11-2008, 23:03

Questo è l info ke mi da

Detected Items

1. Detected Files: %SYSDIR%\drivers\asc3550u.sys MD5: 2E51FCA0A666B07B96CE264D1FC7504A Size:59104 MD5: 3971A1DD1C2B8DD222412C42748BA0BB Size:27360 MD5: 758DEFD696EB6F3CC5EAFCB7AE8F4ACB Size:67936 MD5: 6AC22501944105E5C6373ED9C65B783F Size:67872 MD5: 93B1A86E98D186E890B6A850CD638F7E Size:67936 MD5: 0C6FCF48607F16EB35E7F55FFD2AF528 Size:32864 MD5: 295B1972961EAF28E45038E6622E7F13 Size:32704 MD5: 8496C0F5D68E69EDF70F9DFDF7EB209A Size:67968 %SYSDIR%\drivers\asc3550v.sys MD5: 63AD64373B89C1D36F10B3EB25A1AF40 Size:64096 %SYSDIR%\drivers\asc3550p.sys MD5: EF581EC6F5C92B42BB2E5D9ABD48356D Size:42688 MD5: 642A5C79962AAC586F6EAEFBD1833C7E Size:42688 MD5: 583C8E8DD8FD50DE8AA1BA67DF48E8DE Size:42496 MD5: EF2FA5C501D0861528290640BAB1FB46 Size:42688 MD5: 40C1B3D3C574629D5A1200B12358EBDC Size:42688 MD5: C01C996BA021C3F79395EA13FEFB3AD4 Size:42688 MD5: BDDB0CADA728E271472071A7D3164F5B Size:42688 MD5: 0B98421AA81DF881D000CFC552D10342 Size:42368 MD5: 12BC854BCB1C6A21A1A54673FE461C39 Size:42688 MD5: 0DE25B79F732FE0C05122EAE0EFC0507 Size:42688 MD5: CA1A5342EA446187D5C331A502151584 Size:42688 MD5: 0A43002F24CE4A4044D65B55156B9334 Size:42688 and more.... %SYSDIR%\drivers\asc3550p.sys MD5: ABED53F9F12982158A7B398AE553D7AA Size:42688 MD5: 7C039514007CE6C9EFCFE0F382F3FF8F Size:42336 MD5: 7DF01A215B2EBB9BB8E54F0651A20BD8 Size:42688 MD5: C4D2D117803C4F2A631087EB2ADE30A6 Size:42240 MD5: A83B31C55CE27A5B804633801E8FAD28 Size:42688 MD5: 428F83F6ABFB80B6801BBE355FC7BE3B Size:39808 MD5: FE45293BA2BA5DD1D2492C9CF83F955B Size:39808 MD5: 834FE4F385CA5B16ECF582674425EE39 Size:39680 %SYSDIR%\drivers\asc3550o.sys MD5: 494E7BEBA7AA278A967E01308A559A8E Size:73536 MD5: 1F124A87EC6A9181E9C521F6FE5EB75F Size:73664
2. Detected Files with variable Filenames:

Detecting items list:

1. Files by Name %SYSDIR%\drivers\asc3550a.sys %SYSDIR%\drivers\asc3550o.sys %SYSDIR%\drivers\asc3550u.sys %SYSDIR%\drivers\asc3550v.sys %SYSDIR%\drivers\asc3550p.sys
2. Files by MD5 MD5: ADB68B31CD9E2DF72C93EFF2B5D9592E Size: 40768 MD5: EDFA85E8849FA413C5BF179083B8190F Size: 40768
3. Registry Keys HKLM\SYSTEM\CurrentControlSet\Services\asc3550p

Chill-Out

30-11-2008, 23:10

Passalo pure in quarantena, poi se desideri fare un controlla approfondito segui la Guida alla disinfezione (http://www.hwupgrade.it/forum/showthread.php?t=1599737) allegando tutti i log prodotti in un'unico post secondo le sottoindicate modalità, grazie per la collaborazione

MODALITA' DI PUBBLICAZIONE DEI LOG RICHIESTI:

Ogni singolo log, esclusivamente in formato txt a parte SynInspector e nell'ordine indicato in Guida, deve essere hostato su Fileqube, clicca qui per raggiungere Fileqube (http://fileqube.com/), pubblicando, nella discussione, singolarmente, per ogni log, il link che verrà rilasciato per il download

Workman86

30-11-2008, 23:40

Guardate anke questo

SDFix: Version 1.240
Run by Carmine on 01/12/2008 at 00.27

Microsoft Windows XP [Versione 5.1.2600]
Running From: C:\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

No Trojan Files Found

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-01 00:32:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg40]

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
"DisplayName"="Alcohol 120%"

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programmi\\uTorrent\\uTorrent.exe"="C:\\Programmi\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Programmi\\Mozilla Firefox\\firefox.exe"="C:\\Programmi\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"W:\\Emule ScarAngel 2.5\\emule.exe"="W:\\Emule ScarAngel 2.5\\emule.exe:*:Enabled:eMule"
"C:\\WINDOWS\\system32\\ftp.exe"="C:\\WINDOWS\\system32\\ftp.exe:*:Enabled:Programma di trasferimento file (FTP)"
"C:\\Programmi\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"="C:\\Programmi\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"W:\\Emule ScarAngel 3.0\\emule.exe"="W:\\Emule ScarAngel 3.0\\emule.exe:*:Enabled:eMule"
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"="C:\\Programmi\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Programmi\\EA Sports\\FIFA 09\\FIFA09.exe"="C:\\Programmi\\EA Sports\\FIFA 09\\FIFA09.exe:*:Enabled:FIFA09"
"C:\\Programmi\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"="C:\\Programmi\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\\Documents and Settings\\Carmine\\Desktop\\PES 2009.exe"="C:\\Documents and Settings\\Carmine\\Desktop\\PES 2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"="C:\\Programmi\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programmi\\Windows Live\\Messenger\\livecall.exe"="C:\\Programmi\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :

Files with Hidden Attributes :

Thu 24 May 2001 162,304 A..H. --- "C:\UNWISE.EXE"
Mon 13 Aug 2007 71,680 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\admparse.dll"
Mon 13 Aug 2007 123,904 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\advpack.dll"
Sat 23 Sep 2006 1,022,976 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\browseui.dll"
Mon 13 Aug 2007 17,408 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\corpol.dll"
Mon 13 Aug 2007 33,792 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\custsat.dll"
Mon 13 Aug 2007 346,624 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\dxtmsft.dll"
Mon 13 Aug 2007 214,528 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\dxtrans.dll"
Mon 13 Aug 2007 131,584 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\extmgr.dll"
Mon 13 Aug 2007 60,416 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\hmmapi.dll"
Mon 13 Aug 2007 61,952 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\icardie.dll"
Mon 13 Aug 2007 54,784 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ie4uinit.exe"
Mon 13 Aug 2007 152,064 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ieakeng.dll"
Mon 13 Aug 2007 229,376 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ieaksie.dll"
Mon 13 Aug 2007 161,792 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ieakui.dll"
Wed 11 Jul 2007 383,488 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ieapfltr.dll"
Mon 13 Aug 2007 382,976 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\iedkcs32.dll"
Mon 13 Aug 2007 69,120 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\iedw.exe"
Mon 13 Aug 2007 78,336 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ieencode.dll"
Mon 13 Aug 2007 6,049,280 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ieframe.dll"
Mon 13 Aug 2007 191,488 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\iepeers.dll"
Mon 13 Aug 2007 287,744 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ieproxy.dll"
Mon 13 Aug 2007 43,008 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\iernonce.dll"
Mon 13 Aug 2007 266,752 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\iertutil.dll"
Mon 13 Aug 2007 55,296 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\iesetup.dll"
Mon 13 Aug 2007 13,312 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ieudinit.exe"
Mon 13 Aug 2007 180,736 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\ieui.dll"
Mon 13 Aug 2007 622,080 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\iexplore.exe"
Mon 13 Aug 2007 36,352 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\imgutil.dll"
Mon 13 Aug 2007 92,672 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\inseng.dll"
Mon 13 Aug 2007 491,520 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\jscript.dll"
Mon 13 Aug 2007 27,136 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\jsproxy.dll"
Mon 13 Aug 2007 40,960 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\licmgr10.dll"
Mon 13 Aug 2007 458,752 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\msfeeds.dll"
Mon 13 Aug 2007 50,688 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\msfeedsbs.dll"
Mon 13 Aug 2007 12,288 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\msfeedssync.exe"
Mon 13 Aug 2007 45,568 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\mshta.exe"
Mon 13 Aug 2007 3,578,368 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\mshtml.dll"
Mon 13 Aug 2007 475,648 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\mshtmled.dll"
Mon 13 Aug 2007 48,128 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\mshtmler.dll"
Mon 13 Aug 2007 156,160 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\msls31.dll"
Mon 13 Aug 2007 192,000 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\msrating.dll"
Mon 13 Aug 2007 670,720 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\mstime.dll"
Mon 13 Aug 2007 101,376 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\occache.dll"
Mon 13 Aug 2007 44,544 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\pngfilt.dll"
Sat 23 Sep 2006 1,497,088 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\shdocvw.dll"
Sat 23 Sep 2006 474,112 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\shlwapi.dll"
Wed 6 Sep 2006 15,584 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\spmsg.dll"
Wed 6 Sep 2006 215,776 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\spuninst.exe"
Wed 6 Sep 2006 22,752 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\spupdsvc.exe"
Mon 13 Aug 2007 105,984 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\url.dll"
Mon 13 Aug 2007 1,162,240 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\urlmon.dll"
Mon 13 Aug 2007 413,696 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\vbscript.dll"
Mon 13 Aug 2007 765,952 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\vgx.dll"
Mon 13 Aug 2007 231,424 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\webcheck.dll"
Mon 13 Aug 2007 206,336 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\winfxdocobj.exe"
Mon 13 Aug 2007 818,688 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\wininet.dll"
Mon 13 Aug 2007 71,680 A..H. --- "C:\9b751e1b441c4ba50fca9383\admparse.dll"
Mon 13 Aug 2007 123,904 A..H. --- "C:\9b751e1b441c4ba50fca9383\advpack.dll"
Sat 23 Sep 2006 1,022,976 A..H. --- "C:\9b751e1b441c4ba50fca9383\browseui.dll"
Mon 13 Aug 2007 17,408 A..H. --- "C:\9b751e1b441c4ba50fca9383\corpol.dll"
Mon 13 Aug 2007 33,792 A..H. --- "C:\9b751e1b441c4ba50fca9383\custsat.dll"
Mon 13 Aug 2007 346,624 A..H. --- "C:\9b751e1b441c4ba50fca9383\dxtmsft.dll"
Mon 13 Aug 2007 214,528 A..H. --- "C:\9b751e1b441c4ba50fca9383\dxtrans.dll"
Mon 13 Aug 2007 131,584 A..H. --- "C:\9b751e1b441c4ba50fca9383\extmgr.dll"
Mon 13 Aug 2007 60,416 A..H. --- "C:\9b751e1b441c4ba50fca9383\hmmapi.dll"
Mon 13 Aug 2007 61,952 A..H. --- "C:\9b751e1b441c4ba50fca9383\icardie.dll"
Mon 13 Aug 2007 54,784 A..H. --- "C:\9b751e1b441c4ba50fca9383\ie4uinit.exe"
Mon 13 Aug 2007 152,064 A..H. --- "C:\9b751e1b441c4ba50fca9383\ieakeng.dll"
Mon 13 Aug 2007 229,376 A..H. --- "C:\9b751e1b441c4ba50fca9383\ieaksie.dll"
Mon 13 Aug 2007 161,792 A..H. --- "C:\9b751e1b441c4ba50fca9383\ieakui.dll"
Wed 11 Jul 2007 383,488 A..H. --- "C:\9b751e1b441c4ba50fca9383\ieapfltr.dll"
Mon 13 Aug 2007 382,976 A..H. --- "C:\9b751e1b441c4ba50fca9383\iedkcs32.dll"
Mon 13 Aug 2007 69,120 A..H. --- "C:\9b751e1b441c4ba50fca9383\iedw.exe"
Mon 13 Aug 2007 78,336 A..H. --- "C:\9b751e1b441c4ba50fca9383\ieencode.dll"
Mon 13 Aug 2007 6,049,280 A..H. --- "C:\9b751e1b441c4ba50fca9383\ieframe.dll"
Mon 13 Aug 2007 191,488 A..H. --- "C:\9b751e1b441c4ba50fca9383\iepeers.dll"
Mon 13 Aug 2007 287,744 A..H. --- "C:\9b751e1b441c4ba50fca9383\ieproxy.dll"
Mon 13 Aug 2007 43,008 A..H. --- "C:\9b751e1b441c4ba50fca9383\iernonce.dll"
Mon 13 Aug 2007 266,752 A..H. --- "C:\9b751e1b441c4ba50fca9383\iertutil.dll"
Mon 13 Aug 2007 55,296 A..H. --- "C:\9b751e1b441c4ba50fca9383\iesetup.dll"
Mon 13 Aug 2007 13,312 A..H. --- "C:\9b751e1b441c4ba50fca9383\ieudinit.exe"
Mon 13 Aug 2007 180,736 A..H. --- "C:\9b751e1b441c4ba50fca9383\ieui.dll"
Mon 13 Aug 2007 622,080 A..H. --- "C:\9b751e1b441c4ba50fca9383\iexplore.exe"
Mon 13 Aug 2007 36,352 A..H. --- "C:\9b751e1b441c4ba50fca9383\imgutil.dll"
Mon 13 Aug 2007 92,672 A..H. --- "C:\9b751e1b441c4ba50fca9383\inseng.dll"
Mon 13 Aug 2007 491,520 A..H. --- "C:\9b751e1b441c4ba50fca9383\jscript.dll"
Mon 13 Aug 2007 27,136 A..H. --- "C:\9b751e1b441c4ba50fca9383\jsproxy.dll"
Mon 13 Aug 2007 40,960 A..H. --- "C:\9b751e1b441c4ba50fca9383\licmgr10.dll"
Mon 13 Aug 2007 458,752 A..H. --- "C:\9b751e1b441c4ba50fca9383\msfeeds.dll"
Mon 13 Aug 2007 50,688 A..H. --- "C:\9b751e1b441c4ba50fca9383\msfeedsbs.dll"
Mon 13 Aug 2007 12,288 A..H. --- "C:\9b751e1b441c4ba50fca9383\msfeedssync.exe"
Mon 13 Aug 2007 45,568 A..H. --- "C:\9b751e1b441c4ba50fca9383\mshta.exe"
Mon 13 Aug 2007 3,578,368 A..H. --- "C:\9b751e1b441c4ba50fca9383\mshtml.dll"
Mon 13 Aug 2007 475,648 A..H. --- "C:\9b751e1b441c4ba50fca9383\mshtmled.dll"
Mon 13 Aug 2007 48,128 A..H. --- "C:\9b751e1b441c4ba50fca9383\mshtmler.dll"
Mon 13 Aug 2007 156,160 A..H. --- "C:\9b751e1b441c4ba50fca9383\msls31.dll"
Mon 13 Aug 2007 192,000 A..H. --- "C:\9b751e1b441c4ba50fca9383\msrating.dll"
Mon 13 Aug 2007 670,720 A..H. --- "C:\9b751e1b441c4ba50fca9383\mstime.dll"
Mon 13 Aug 2007 101,376 A..H. --- "C:\9b751e1b441c4ba50fca9383\occache.dll"
Mon 13 Aug 2007 44,544 A..H. --- "C:\9b751e1b441c4ba50fca9383\pngfilt.dll"
Sat 23 Sep 2006 1,497,088 A..H. --- "C:\9b751e1b441c4ba50fca9383\shdocvw.dll"
Sat 23 Sep 2006 474,112 A..H. --- "C:\9b751e1b441c4ba50fca9383\shlwapi.dll"
Wed 6 Sep 2006 15,584 A..H. --- "C:\9b751e1b441c4ba50fca9383\spmsg.dll"
Wed 6 Sep 2006 215,776 A..H. --- "C:\9b751e1b441c4ba50fca9383\spuninst.exe"
Wed 6 Sep 2006 22,752 A..H. --- "C:\9b751e1b441c4ba50fca9383\spupdsvc.exe"
Mon 13 Aug 2007 105,984 A..H. --- "C:\9b751e1b441c4ba50fca9383\url.dll"
Mon 13 Aug 2007 1,162,240 A..H. --- "C:\9b751e1b441c4ba50fca9383\urlmon.dll"
Mon 13 Aug 2007 413,696 A..H. --- "C:\9b751e1b441c4ba50fca9383\vbscript.dll"
Mon 13 Aug 2007 765,952 A..H. --- "C:\9b751e1b441c4ba50fca9383\vgx.dll"
Mon 13 Aug 2007 231,424 A..H. --- "C:\9b751e1b441c4ba50fca9383\webcheck.dll"
Mon 13 Aug 2007 206,336 A..H. --- "C:\9b751e1b441c4ba50fca9383\winfxdocobj.exe"
Mon 13 Aug 2007 818,688 A..H. --- "C:\9b751e1b441c4ba50fca9383\wininet.dll"
Wed 6 Sep 2006 589,672 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\update\idndl.exe"
Thu 4 Oct 2007 33,472 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\update\iecustom.dll"
Thu 4 Oct 2007 66,048 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\update\iereseticons.exe"
Thu 4 Oct 2007 1,088,192 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\update\iesetup.exe"
Mon 12 Feb 2007 635,696 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\update\legitlibm.dll"
Wed 6 Sep 2006 498,016 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\update\nlsdl.exe"
Wed 6 Sep 2006 724,192 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\update\update.exe"
Wed 6 Sep 2006 390,880 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\update\updspapi.dll"
Wed 6 Sep 2006 536,888 A..H. --- "C:\2c5198581cf5dd573e1a7ed62c\update\xmllitesetup.exe"
Wed 6 Sep 2006 589,672 A..H. --- "C:\9b751e1b441c4ba50fca9383\update\idndl.exe"
Thu 4 Oct 2007 33,472 A..H. --- "C:\9b751e1b441c4ba50fca9383\update\iecustom.dll"
Thu 4 Oct 2007 66,048 A..H. --- "C:\9b751e1b441c4ba50fca9383\update\iereseticons.exe"
Thu 4 Oct 2007 1,088,192 A..H. --- "C:\9b751e1b441c4ba50fca9383\update\iesetup.exe"
Mon 12 Feb 2007 635,696 A..H. --- "C:\9b751e1b441c4ba50fca9383\update\legitlibm.dll"
Wed 6 Sep 2006 498,016 A..H. --- "C:\9b751e1b441c4ba50fca9383\update\nlsdl.exe"
Wed 6 Sep 2006 724,192 A..H. --- "C:\9b751e1b441c4ba50fca9383\update\update.exe"
Wed 6 Sep 2006 390,880 A..H. --- "C:\9b751e1b441c4ba50fca9383\update\updspapi.dll"
Wed 6 Sep 2006 536,888 A..H. --- "C:\9b751e1b441c4ba50fca9383\update\xmllitesetup.exe"
Thu 15 May 2008 88 ..SHR --- "C:\WINDOWS\system32\105CC996E0.sys"
Sun 30 Nov 2008 2,568 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Fri 2 May 2008 88 ..SHR --- "C:\Documents and Settings\All Users\Dati applicazioni\105CC996E0.sys"
Sun 30 Nov 2008 2,568 A.SH. --- "C:\Documents and Settings\All Users\Dati applicazioni\KGyGaAvL.sys"
Sat 9 Aug 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 1 May 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Fri 25 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\83bd538cd3d9f07c65b9c9fc3e4b0606\BIT1.tmp"
Mon 24 Nov 2008 2,602 ...HR --- "C:\Documents and Settings\Carmine\Dati applicazioni\SecuROM\UserData\securom_v7_01.bak"
Mon 25 Feb 2008 3,489,792 A..H. --- "C:\Documents and Settings\Carmine\Dati applicazioni\U3\temp\Launchpad Removal.exe"

Finished!

Chill-Out

30-11-2008, 23:49

http://www.hwupgrade.it/forum/showpost.php?p=25240081&postcount=10 :read: ;)