ComboFix 10-03-20.06 - nico 21/03/2010 19.54.18.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1015.637 [GMT 1:00]
Eseguito da: c:\documents and settings\nico\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Thumbs.db
c:\windows\system32\sysogg.dll
c:\windows\system32\Thumbs.db
.
((((((((((((((((((((((((( Files Creati Da 2010-02-21 al 2010-03-21 )))))))))))))))))))))))))))))))))))
.
2010-03-20 19:20 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-20 19:20 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-20 19:20 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-20 19:20 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-20 19:20 . 2010-03-09 11:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-20 19:20 . 2010-03-09 11:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-20 19:20 . 2010-03-09 11:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-03-20 19:20 . 2010-03-09 11:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-20 19:20 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-20 19:20 . 2010-03-20 19:20 -------- d-----w- c:\programmi\Alwil Software
2010-03-20 19:20 . 2010-03-20 19:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Alwil Software
2010-03-20 18:08 . 2010-03-20 18:08 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\Malwarebytes
2010-03-20 18:08 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-20 18:08 . 2010-03-20 18:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-03-20 18:08 . 2010-03-20 18:08 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-03-20 18:08 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-20 17:48 . 2010-03-20 17:49 -------- d-----w- c:\programmi\CCleaner
2010-03-19 21:01 . 2001-08-31 12:00 1677824 -c--a-w- c:\windows\system32\dllcache\chsbrkr.dll
2010-03-19 21:01 . 2001-08-31 12:00 1677824 ----a-w- c:\windows\system32\chsbrkr.dll
2010-03-19 21:01 . 2001-08-31 12:00 838144 -c--a-w- c:\windows\system32\dllcache\chtbrkr.dll
2010-03-19 21:01 . 2001-08-31 12:00 838144 ----a-w- c:\windows\system32\chtbrkr.dll
2010-03-19 21:01 . 2001-08-31 12:00 70656 -c--a-w- c:\windows\system32\dllcache\korwbrkr.dll
2010-03-19 21:01 . 2001-08-31 12:00 70656 ----a-w- c:\windows\system32\korwbrkr.dll
2010-03-19 21:01 . 2001-08-31 12:00 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll
2010-03-19 21:01 . 2001-08-31 12:00 98304 ----a-w- c:\windows\system32\msir3jp.dll
2010-03-19 21:01 . 2001-08-31 12:00 10096640 -c--a-w- c:\windows\system32\dllcache\hwxcht.dll
2010-03-19 21:01 . 2001-08-31 12:00 6144 -c--a-w- c:\windows\system32\dllcache\kbd101a.dll
2010-03-19 21:01 . 2001-08-31 12:00 6144 ----a-w- c:\windows\system32\kbd101a.dll
2010-03-19 21:01 . 2001-08-31 12:00 14336 -c--a-w- c:\windows\system32\dllcache\padrs412.dll
2010-03-19 20:59 . 2008-04-13 17:12 274489 -c--a-w- c:\windows\system32\dllcache\imjputyc.dll
2010-03-19 15:41 . 2010-03-19 15:41 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\ƒ„ƒuƒTƒ
2010-03-17 20:13 . 2010-03-17 20:13 -------- d-----w- c:\programmi\ZyDAS Technology Corporation
2010-03-16 14:23 . 2010-03-10 18:17 311296 ----a-w- c:\windows\system32\TubeFinder.exe
2010-03-16 14:23 . 2009-06-19 18:51 9728 ----a-w- c:\windows\system32\PCCLPFR.DLL
2010-03-16 14:23 . 2009-06-19 18:51 119568 ----a-w- c:\windows\system32\VB6FR.DLL
2010-03-16 14:23 . 2009-06-19 18:51 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2010-03-16 14:23 . 2010-03-16 14:26 -------- d-----w- c:\programmi\Free FLV Converter
2010-03-16 14:23 . 2010-03-16 14:24 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\FreeFLVConverter
2010-03-16 14:23 . 2009-06-19 18:51 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
2010-03-16 14:23 . 2009-06-19 18:51 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
2010-03-14 15:46 . 2010-03-14 15:46 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\XoftSpySE
2010-03-14 15:21 . 2010-03-14 15:29 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-03-13 14:59 . 2010-03-14 14:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-03-09 15:19 . 2010-03-09 15:19 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\Live-Prod
2010-02-28 21:22 . 2010-02-28 21:22 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-28 20:46 . 2010-02-28 20:46 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-02-28 20:39 . 2010-02-28 20:46 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Lavasoft
2010-02-28 20:26 . 2010-02-28 20:26 -------- d-----w- c:\programmi\Microsoft SQL Server
2010-02-26 21:45 . 2010-02-26 21:45 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-26 13:54 . 2010-03-19 14:11 -------- d-----w- c:\programmi\Free Download Manager
2010-02-26 13:49 . 2009-06-04 12:17 8676883 ----a-w- c:\windows\system32\NCMedia2.dll
2010-02-26 12:05 . 2010-02-26 12:05 -------- d-----w- c:\documents and settings\nico\Impostazioni locali\Dati applicazioni\CyberLink
2010-02-23 16:33 . 2010-02-23 17:41 -------- d-----w- c:\programmi\CyberLink
2010-02-21 15:03 . 2009-06-19 02:20 67208 ----a-w- c:\windows\UnDeploy.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-21 17:28 . 2010-01-27 14:51 -------- d-----w- c:\programmi\Free Video Converter
2010-03-21 14:12 . 2009-06-30 14:48 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\uTorrent
2010-03-21 14:06 . 2009-06-29 18:10 848560089 ----a-w- C:\programmi.zip
2010-03-21 13:17 . 2009-06-29 19:03 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\Skype
2010-03-21 13:12 . 2009-06-29 19:05 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\skypePM
2010-03-21 12:51 . 2009-12-10 12:09 -------- d-----w- c:\programmi\JDownloader
2010-03-19 21:30 . 2009-06-29 18:08 30880 ----a-w- c:\documents and settings\nico\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-03-19 14:33 . 2009-11-04 19:25 10477938 ----a-w- C:\video converter.zip
2010-03-19 14:20 . 2010-01-14 14:11 -------- d-----w- c:\programmi\File comuni\ACD Systems
2010-03-17 21:18 . 2009-06-30 20:53 36928 ----a-w- c:\windows\system32\drivers\pssdk41.sys
2010-02-24 12:48 . 2009-08-28 11:31 -------- d-----w- c:\programmi\uTorrent
2010-02-23 16:35 . 2009-06-29 16:42 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-02-14 19:36 . 2009-09-29 19:27 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\FileZilla
2010-02-10 12:15 . 2009-06-29 15:28 -------- d-----w- c:\programmi\Flash Movie Player
2010-02-05 11:21 . 2009-10-20 10:57 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\KoshyJohn.com
2010-02-05 11:20 . 2010-02-05 11:21 903987 ----a-w- c:\documents and settings\nico\Dati applicazioni\KoshyJohn.com\DiskMax\DiskMax.exe
2010-01-28 21:57 . 2010-01-28 21:57 50354 ----a-w- c:\documents and settings\nico\Dati applicazioni\Facebook\uninstall.exe
2010-01-28 21:57 . 2010-01-28 21:57 -------- d-----w- c:\documents and settings\nico\Dati applicazioni\Facebook
2010-01-27 03:21 . 2010-01-27 03:21 847040 ----a-w- c:\documents and settings\nico\Dati applicazioni\Facebook\axfbootloader.dll
2010-01-27 03:20 . 2010-01-27 03:20 5578752 ----a-w- c:\documents and settings\nico\Dati applicazioni\Facebook\npfbplugin_1_0_1.dll
2010-01-26 21:49 . 2010-01-26 21:49 -------- d-----w- c:\windows\system32\config\systemprofile\Dati applicazioni\Application Updater
2010-01-14 14:11 . 2010-01-14 14:11 10368 ----a-w- c:\windows\system32\drivers\pfc.sys
2010-01-02 14:58 . 2001-08-31 12:00 69790 ----a-w- c:\windows\system32\perfc010.dat
2010-01-02 14:58 . 2001-08-31 12:00 437644 ----a-w- c:\windows\system32\perfh010.dat
2009-12-31 16:29 . 2009-12-31 16:29 51918 ----a-r- c:\documents and settings\nico\Dati applicazioni\Microsoft\Installer\{17963631-FF36-482C-9E8D-2E24F339C4C1}\_26e91eb.exe
2009-12-31 16:29 . 2009-12-31 16:29 1078 ----a-r- c:\documents and settings\nico\Dati applicazioni\Microsoft\Installer\{17963631-FF36-482C-9E8D-2E24F339C4C1}\_bb32ea6.exe
2009-12-31 14:11 . 2009-12-31 14:11 69632 ----a-w- c:\programmi\SnapaShot(1).exe
2009-12-25 17:51 . 2009-12-25 16:51 27497420 ----a-w- C:\5.00m33.zip
2009-12-22 17:07 . 2009-12-22 17:07 29696 ----a-w- c:\windows\mickey32.dll
2009-12-22 17:07 . 2009-12-22 17:07 2285222 ----a-w- c:\windows\Matrix Code.exe
2009-12-10 12:08 . 2009-12-10 12:03 28253422 ----a-w- c:\programmi\JDownloaderSetup0.9.579.exe
2009-12-03 21:49 . 2009-12-03 21:49 404992 ----a-w- c:\programmi\FFSJ.exe
2009-10-27 20:03 . 2009-11-05 11:25 366080 ----a-w- c:\programmi\speedyfox.exe
.
------- Sigcheck -------
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\2f751deff4c9646c9a2883fbe2a60450\sp3qfe\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SoftwareDistribution\Download\2f751deff4c9646c9a2883fbe2a60450\sp3gdr\tcpip.sys
[-] 2008-04-27 . 8E036EEC565910417EA020CE0962AA24 . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-27 . D5E120A3BA164D2E7307A6688FEB26B2 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"Creative WebCam Tray"="c:\programmi\Creative\Shared Files\CamTray.exe" [2005-10-27 299008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-06-01 339968]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"PWRISOVM.EXE"="c:\programmi\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"RemoteControl8"="c:\programmi\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-02-18 77824]
"PDVD8LanguageShortcut"="c:\programmi\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BDRegion"="c:\programmi\Cyberlink\Shared Files\brs.exe" [2007-11-14 91432]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-13 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2009-03-08 128512]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
ZDWLan Utility.lnk - c:\programmi\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe [2010-3-17 499712]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:TCP
"4672:UDP"= 4672:UDP:UDP
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20/03/2010 20.20.58 162640]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\programmi\CyberLink\PowerDVD8\000.fcl [01/02/2008 17.24.04 41456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20/03/2010 20.20.59 19024]
R3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [01/07/2009 10.05.35 178913]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [09/09/2009 20.50.17 721904]
S2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [17/12/2003 0.08.48 8192]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys
c:\windows\system32\DRIVERS\ManyCam.sys
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service
c:\windows\system32\GameMon.des -service
S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [30/06/2009 21.53.42 36928]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contenuto della cartella 'Scheduled Tasks'
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/firefox?client=fir ... t:official
mStart Page = hxxp://www.google.it/firefox?client=fir ... t:official
uInternet Settings,ProxyOverride = 127.0.0.1
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} - hxxp://hancdn.hangame.com/pub/plii/real/PubPlugin.cab
FF - ProfilePath - c:\documents and settings\nico\Dati applicazioni\Mozilla\Firefox\Profiles\e86rgyb5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://it.start3.mozilla.com/firefox?cl ... t:official
FF - plugin: c:\documents and settings\nico\Dati applicazioni\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\documents and settings\nico\Dati applicazioni\Mozilla\plugins\npPxPlay.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
URLSearchHooks-{0eb7d8b7-af6d-43e6-a33d-be81ca01c0c1} - (no file)
BHO-{0eb7d8b7-af6d-43e6-a33d-be81ca01c0c1} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{0eb7d8b7-af6d-43e6-a33d-be81ca01c0c1} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-{E2883E8F-472F-4fb0-9522-AC9BF37916A7} - c:\programmi\NOS\bin\getPlus_Helper.dll
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-21 20:01
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\programmi\CyberLink\PowerDVD8\000.fcl"
.
Ora fine scansione: 2010-03-21 20:05:27
ComboFix-quarantined-files.txt 2010-03-21 19:05
Pre-Run: 25.389.023.232 byte disponibili
Post-Run: 25.359.372.288 byte disponibili
- - End Of File - - 47507EE37CD8F4906BCDE40D873E65D2