ComboFix 08-12-09.03 - roberto 2008-12-10 20:13:15.7 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.665 [GMT 1:00]
Eseguito da: c:\documents and settings\roberto\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\mpg4c32.dll
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_OREANS32
-------\Service_oreans32
((((((((((((((((((((((((( Files Creati Da 2008-11-10 al 2008-12-10 )))))))))))))))))))))))))))))))))))
.
2008-12-10 18:36 . 2008-12-10 18:37 <DIR> d-------- C:\Com-bo-Fix
2008-12-09 22:51 . 2008-12-09 23:05 <DIR> d-------- c:\documents and settings\Administrator\Dati applicazioni\OnlineArmor
2008-12-09 22:49 . 2008-04-30 15:41 <DIR> d--h----- c:\documents and settings\Administrator\Risorse di stampa
2008-12-09 22:49 . 2008-04-30 15:41 <DIR> d--h----- c:\documents and settings\Administrator\Risorse di rete
2008-12-09 22:49 . 2008-12-09 22:51 <DIR> dr------- c:\documents and settings\Administrator\Preferiti
2008-12-09 22:49 . 2008-04-30 14:50 <DIR> d--h----- c:\documents and settings\Administrator\Modelli
2008-12-09 22:49 . 2008-04-30 15:41 <DIR> dr------- c:\documents and settings\Administrator\Menu Avvio
2008-12-09 22:49 . 2008-12-10 20:14 <DIR> d--h----- c:\documents and settings\Administrator\Impostazioni locali
2008-12-09 22:49 . 2008-12-09 22:50 <DIR> dr------- c:\documents and settings\Administrator\Documenti
2008-12-09 22:49 . 2008-12-09 23:02 <DIR> dr-h----- c:\documents and settings\Administrator\Dati applicazioni
2008-12-09 22:49 . 2008-12-09 22:49 <DIR> d-------- c:\documents and settings\Administrator
2008-12-08 21:38 . 2008-12-08 21:38 33,824 --a------ c:\windows\system32\drivers\oreans32.sys
2008-12-08 21:18 . 2008-12-08 21:23 <DIR> d-------- c:\programmi\AVSMedia
2008-12-08 20:59 . 2008-12-08 21:00 <DIR> d-------- c:\documents and settings\roberto\Dati applicazioni\FLVPlayer4Free
2008-12-08 10:02 . 2008-12-10 18:26 <DIR> d-------- c:\programmi\FindyKill
2008-12-07 17:44 . 2008-12-07 18:05 <DIR> d-------- c:\programmi\The KMPlayer
2008-12-07 16:27 . 2008-12-07 16:27 <DIR> d-------- c:\programmi\Avira
2008-12-07 15:11 . 2008-12-07 15:12 <DIR> d-------- c:\programmi\XP TCPIP Repair
2008-12-07 15:09 . 2008-12-10 20:11 <DIR> d-------- c:\documents and settings\roberto\Dati applicazioni\OnlineArmor
2008-12-07 15:09 . 2008-12-07 15:09 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\OnlineArmor
2008-12-07 15:08 . 2008-12-07 15:08 <DIR> d-------- c:\programmi\Tall Emu
2008-12-07 15:08 . 2008-12-07 15:08 <DIR> d-------- C:\OnlineArmor
2008-12-07 15:08 . 2008-11-26 17:18 178,376 --a------ c:\windows\system32\drivers\OADriver.sys
2008-12-07 15:08 . 2008-11-26 17:18 30,920 --a------ c:\windows\system32\drivers\OAmon.sys
2008-12-07 15:08 . 2008-11-26 17:18 28,872 --a------ c:\windows\system32\drivers\OAnet.sys
2008-12-07 15:03 . 2008-12-10 18:37 <DIR> d-------- c:\programmi\SUPERAntiSpyware
2008-12-07 15:03 . 2008-12-07 15:03 <DIR> d-------- c:\programmi\File comuni\Wise Installation Wizard
2008-12-07 15:03 . 2008-12-07 15:03 <DIR> d-------- c:\documents and settings\roberto\Dati applicazioni\SUPERAntiSpyware.com
2008-12-07 15:03 . 2008-12-07 15:03 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\SUPERAntiSpyware.com
2008-12-07 15:02 . 2008-12-07 15:02 <DIR> d-------- c:\documents and settings\roberto\Dati applicazioni\UpdateStar
2008-12-07 14:58 . 2008-12-07 14:58 <DIR> d-------- c:\programmi\VS Revo Group
2008-12-07 13:49 . 2007-08-22 10:16 46,456 -ra------ c:\windows\system32\exitwx.exe
2008-12-06 19:44 . 2008-12-06 19:44 <DIR> d-------- c:\windows\LocalSSL
2008-12-06 19:12 . 2008-12-06 19:12 <DIR> d--h----- c:\windows\system32\GroupPolicy
2008-12-06 18:59 . 2008-12-06 18:59 268 --ah----- C:\sqmdata19.sqm
2008-12-06 18:59 . 2008-12-06 18:59 244 --ah----- C:\sqmnoopt19.sqm
2008-12-06 18:21 . 2008-12-06 18:21 268 --ah----- C:\sqmdata18.sqm
2008-12-06 18:21 . 2008-12-06 18:21 244 --ah----- C:\sqmnoopt18.sqm
2008-12-06 18:20 . 2008-12-06 18:20 <DIR> d-------- c:\documents and settings\roberto\Dati applicazioni\PCToolsFirewallPlus
2008-12-06 17:56 . 2008-12-06 19:04 <DIR> d-a------ c:\documents and settings\All Users\Dati applicazioni\TEMP
2008-12-06 15:33 . 2008-12-06 15:33 268 --ah----- C:\sqmdata17.sqm
2008-12-06 15:33 . 2008-12-06 15:33 244 --ah----- C:\sqmnoopt17.sqm
2008-12-06 15:30 . 2008-12-06 15:30 268 --ah----- C:\sqmdata16.sqm
2008-12-06 15:30 . 2008-12-06 15:30 244 --ah----- C:\sqmnoopt16.sqm
2008-12-06 15:12 . 2008-12-06 15:12 268 --ah----- C:\sqmdata15.sqm
2008-12-06 15:12 . 2008-12-06 15:12 244 --ah----- C:\sqmnoopt15.sqm
2008-12-06 15:11 . 2008-12-06 15:11 <DIR> d-------- c:\documents and settings\roberto\Dati applicazioni\Malwarebytes
2008-12-06 15:11 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-06 15:10 . 2008-12-06 15:11 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2008-12-06 15:10 . 2008-12-06 15:10 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2008-12-06 15:10 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-05 16:57 . 2008-12-05 16:57 268 --ah----- C:\sqmdata14.sqm
2008-12-05 16:57 . 2008-12-05 16:57 244 --ah----- C:\sqmnoopt14.sqm
2008-12-04 22:56 . 2008-12-04 22:56 268 --ah----- C:\sqmdata13.sqm
2008-12-04 22:56 . 2008-12-04 22:56 244 --ah----- C:\sqmnoopt13.sqm
2008-12-04 22:17 . 2008-12-04 22:17 268 --ah----- C:\sqmdata12.sqm
2008-12-04 22:17 . 2008-12-04 22:17 244 --ah----- C:\sqmnoopt12.sqm
2008-12-04 14:34 . 2008-12-04 14:34 268 --ah----- C:\sqmdata11.sqm
2008-12-04 14:34 . 2008-12-04 14:34 244 --ah----- C:\sqmnoopt11.sqm
2008-12-04 12:39 . 2008-12-04 12:39 268 --ah----- C:\sqmdata10.sqm
2008-12-04 12:39 . 2008-12-04 12:39 244 --ah----- C:\sqmnoopt10.sqm
2008-12-04 10:44 . 2008-12-07 17:39 268 --ah----- C:\sqmdata09.sqm
2008-12-04 10:44 . 2008-12-07 17:39 244 --ah----- C:\sqmnoopt09.sqm
2008-12-04 00:24 . 2008-12-07 16:26 268 --ah----- C:\sqmdata08.sqm
2008-12-04 00:24 . 2008-12-07 16:26 244 --ah----- C:\sqmnoopt08.sqm
2008-12-04 00:17 . 2008-12-07 15:44 268 --ah----- C:\sqmdata07.sqm
2008-12-04 00:17 . 2008-12-07 15:44 244 --ah----- C:\sqmnoopt07.sqm
2008-12-04 00:03 . 2008-12-04 00:03 <DIR> d-------- c:\programmi\CCleaner
2008-12-04 00:03 . 2008-12-07 15:34 268 --ah----- C:\sqmdata06.sqm
2008-12-04 00:03 . 2008-12-07 15:34 244 --ah----- C:\sqmnoopt06.sqm
2008-12-02 21:21 . 2008-12-07 13:55 268 --ah----- C:\sqmdata05.sqm
2008-12-02 21:21 . 2008-12-07 13:55 244 --ah----- C:\sqmnoopt05.sqm
2008-12-02 20:53 . 2008-12-07 13:49 268 --ah----- C:\sqmdata04.sqm
2008-12-02 20:53 . 2008-12-07 13:49 244 --ah----- C:\sqmnoopt04.sqm
2008-12-02 20:49 . 2008-12-07 11:37 268 --ah----- C:\sqmdata03.sqm
2008-12-02 20:49 . 2008-12-07 11:37 244 --ah----- C:\sqmnoopt03.sqm
2008-12-02 20:43 . 2008-12-06 19:44 268 --ah----- C:\sqmdata02.sqm
2008-12-02 20:43 . 2008-12-06 19:44 244 --ah----- C:\sqmnoopt02.sqm
2008-12-02 15:00 . 2008-12-04 22:46 <DIR> d-------- c:\windows\kdefense
2008-12-02 14:27 . 2008-12-07 13:52 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Trend Micro
2008-12-02 14:19 . 2008-12-02 14:19 <DIR> d-------- c:\windows\system32\VIRepair
2008-12-01 20:05 . 2008-12-06 19:16 <DIR> d-------- c:\programmi\File comuni\PC Tools
2008-12-01 19:33 . 2008-12-01 19:33 <DIR> d-------- c:\documents and settings\roberto\Dati applicazioni\AVGTOOLBAR
2008-12-01 19:30 . 2008-12-01 19:34 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\avg8
2008-12-01 19:30 . 2008-12-01 19:30 45,568 --a------ c:\windows\system32\avgfwdx.dll
2008-12-01 19:30 . 2008-12-01 19:30 22,528 --a------ c:\windows\system32\drivers\avgfwdx.sys
2008-11-30 23:14 . 2007-09-27 15:22 261,632 --a------ c:\windows\system32\mcdvd_32.dll
2008-11-30 23:14 . 2003-05-21 23:50 156,910 --a------ c:\windows\WMSysPr8.prx
2008-11-30 23:14 . 2003-05-22 00:50 82,944 --a------ c:\windows\system32\vct3216.acm
2008-11-30 23:14 . 2004-02-04 22:11 81,920 --a------ c:\windows\system32\AC3ACM.acm
2008-11-30 23:14 . 2003-05-22 00:50 38,912 --a------ c:\windows\system32\alf2cd.acm
2008-11-30 23:14 . 2000-03-14 21:55 13,239 --a------ c:\windows\system32\Scg726.acm
2008-11-28 17:45 . 2008-11-28 17:45 <DIR> d--h----- c:\windows\PIF
2008-11-26 13:32 . 2008-11-30 23:24 <DIR> d-------- c:\documents and settings\roberto\Dati applicazioni\AVS4YOU
2008-11-26 13:32 . 2008-11-26 13:32 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\AVS4YOU
2008-11-26 12:47 . 2007-02-27 18:36 1,700,352 --a------ c:\windows\system32\GdiPlus.dll
2008-11-26 12:40 . 2008-12-08 21:30 <DIR> d-------- c:\programmi\File comuni\AVSMedia
2008-11-26 12:40 . 2008-12-08 21:30 <DIR> d-------- c:\programmi\AVS4YOU
2008-11-26 12:40 . 2002-01-05 16:48 974,848 --a------ c:\windows\system32\mfc70.dll
2008-11-26 12:40 . 2002-01-05 15:40 487,424 --a------ c:\windows\system32\msvcp70.dll
2008-11-26 12:40 . 2002-01-05 03:37 344,064 --a------ c:\windows\system32\msvcr70.dll
2008-11-26 12:40 . 2003-05-21 13:50 24,576 --a------ c:\windows\system32\msxml3a.dll
2008-11-25 23:36 . 2008-12-01 19:21 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2008-11-25 17:13 . 2008-12-01 15:29 <DIR> d-------- c:\programmi\Burn4Free Toolbar
2008-11-25 17:13 . 2008-12-02 18:35 <DIR> d-------- c:\programmi\Burn4Free
2008-11-22 22:26 . 2008-11-22 22:26 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\TVU Networks
2008-11-22 22:25 . 2008-11-22 22:25 <DIR> d-------- c:\documents and settings\roberto\LocalLow
2008-11-20 12:15 . 2008-11-20 12:15 691,254 --a------ c:\windows\KMPBitmap.bmp
2008-11-16 12:42 . 2001-08-31 13:00 138,240 --a------ c:\windows\system32\fxsclntR.dll
2008-11-16 12:42 . 2001-08-31 13:00 138,240 --a--c--- c:\windows\system32\dllcache\fxsclntr.dll
2008-11-16 12:42 . 2001-08-31 13:00 112,128 --a------ c:\windows\system32\fxscfgwz.dll
2008-11-16 12:42 . 2001-08-31 13:00 112,128 --a--c--- c:\windows\system32\dllcache\fxscfgwz.dll
2008-11-16 12:42 . 2001-08-31 13:00 31,744 --a------ c:\windows\system32\fxsroute.dll
2008-11-16 12:42 . 2001-08-31 13:00 31,744 --a--c--- c:\windows\system32\dllcache\fxsroute.dll
2008-11-16 12:42 . 2001-08-31 13:00 11,264 --a------ c:\windows\system32\fxssend.exe
2008-11-16 12:42 . 2001-08-31 13:00 11,264 --a--c--- c:\windows\system32\dllcache\fxssend.exe
2008-11-16 12:42 . 2001-08-31 13:00 3,476 --a------ c:\windows\system32\fxsperf.ini
2008-11-16 12:42 . 2001-08-31 13:00 1,361 --a------ c:\windows\system32\fxscount.h
2008-11-13 15:29 . 2008-11-13 15:30 <DIR> d-------- c:\documents and settings\roberto\Dati applicazioni\kibisoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-10 08:23 --------- d-----w c:\programmi\eMule
2008-12-07 15:27 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Avira
2008-12-07 12:42 --------- d-----w c:\programmi\Spybot - Search & Destroy
2008-12-07 12:42 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2008-12-01 14:30 --------- d-----w c:\documents and settings\roberto\Dati applicazioni\Vso
2008-11-30 22:03 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-11-30 22:03 --------- d-----w c:\programmi\CyberLink
2008-11-25 15:59 --------- d-----w c:\programmi\File comuni\Ahead
2008-11-15 15:46 --------- d-----w c:\programmi\DivX
2008-11-06 10:13 --------- d-----w c:\programmi\WinFlip
2008-11-04 14:57 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\IM
2008-11-04 14:55 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\IncrediMail
2008-10-28 22:03 --------- d-----w c:\programmi\Xara
2008-10-28 20:28 --------- d-----w c:\programmi\Common Files
2008-10-25 10:05 --------- d-----w c:\programmi\Traction Software
2008-10-25 10:02 --------- d-----w c:\documents and settings\roberto\Dati applicazioni\HTML Executable
2008-10-20 10:08 --------- d-----w c:\programmi\Microsoft Student
2008-10-20 10:07 --------- d-----w c:\programmi\Learning Essentials
2008-10-16 21:13 45,768 ----a-w c:\windows\system32\drivers\MiniIcpt.sys
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-04-30 17:39 47,360 ------w c:\documents and settings\roberto\Dati applicazioni\pcouffin.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
"UpdateStar"="c:\documents and settings\roberto\Dati applicazioni\UpdateStar\UpdateStar.exe" [2008-12-03 4342000]
"SUPERAntiSpyware"="c:\programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-11-17 1805552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-10-12 294912]
"VirtualCloneDrive"="c:\programmi\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2004-08-20 45056]
"CloneCDTray"="c:\programmi\SlySoft\CloneCD\CloneCDTray.exe" [2004-12-09 57344]
"EPSON Stylus DX3800 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2005-02-08 98304]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"@OnlineArmor GUI"="c:\programmi\Tall Emu\Online Armor\oaui.exe" [2008-11-26 6223048]
"avgnt"="c:\programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"AdslTaskBar"="stmctrl.dll" [2003-04-24 c:\windows\system32\stmctrl.dll]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2008-08-02 113664]
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):76,69,73,74,61,75,69,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\programmi\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.JPGL"= jpgl.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
R1 OADevice;OADriver;\??\c:\windows\system32\drivers\OADriver.sys [2008-12-07 178376]
R1 OAmon;OAmon;\??\c:\windows\system32\drivers\OAmon.sys [2008-12-07 30920]
R1 OAnet;OAnet;\??\c:\windows\system32\drivers\OAnet.sys [2008-12-07 28872]
R1 SASDIFSV;SASDIFSV;\??\c:\programmi\SUPERAntiSpyware\SASDIFSV.SYS [2008-11-17 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\programmi\SUPERAntiSpyware\SASKUTIL.sys [2008-11-17 55024]
R2 nxsIO32;NextSensor Kernel I/O Driver;\??\c:\windows\System32\DRIVERS\nxsIO32.sys [2008-08-11 2208]
R2 OAcat;Online Armor Helper Service;"c:\programmi\Tall Emu\Online Armor\oacat.exe" [2008-12-07 1402568]
R3 DCamUSBNW800;TwinkleCam USB Camera;c:\windows\system32\DRIVERS\pcam800.sys [2008-05-07 238944]
R3 SASENUM;SASENUM;\??\c:\programmi\SUPERAntiSpyware\SASENUM.SYS [2008-11-17 7408]
R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\DRIVERS\stmatm.sys [2008-04-30 60074]
R3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\DRIVERS\torususb.sys [2008-04-30 540589]
S2 Security Activity Dashboard Service;Security Activity Dashboard Service;c:\programmi\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe []
S2 SvcOnlineArmor;Online Armor;c:\programmi\Tall Emu\Online Armor\oasrv.exe [2008-12-07 3321032]
S4 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\ADBLOCK.DLL []
S4 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\CONTENT.DLL []
S4 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\DNSCACHE.DLL []
S4 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\FTPFILT.DLL []
S4 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\HTMLFILT.DLL []
S4 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\HTTPFILT.DLL [2008-04-30 13248]
S4 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\IMAPFILT.DLL []
S4 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\MAILFILT.DLL []
S4 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\NNTPFILT.DLL []
S4 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\POP3FILT.DLL []
S4 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL);\??\c:\progra~1\Agnitum\OUTPOS~1\kernel\PROTECT.DLL [2008-04-30 16000]
.
- - - - ORFÃOS REMOVIDOS - - - -
HKCU-Run-avpa - c:\windows\system32\avpo.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
SafeBoot-sglfb.sys
SafeBoot-tga.sys
SafeBoot-wd.sys
SafeBoot-sacsvr
.
------- Supplementare di scansione -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FireFox -: Profile - c:\documents and settings\roberto\Dati applicazioni\Mozilla\Firefox\Profiles\zxkcr76c.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://it.start.mozilla.com/firefox?cli ... t:official
FF -: plugin - c:\programmi\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\programmi\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\programmi\Yahoo!\Common\npyaxmpb.dll
FF -: plugin - f:\nuova cartella\Real Alternative\browser\plugins\nppl3260.dll
FF -: plugin - f:\nuova cartella\Real Alternative\browser\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 20:14:54
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'winlogon.exe'(456)
c:\programmi\SUPERAntiSpyware\SASWINLO.dll
.
Ora fine scansione: 2008-12-10 20:16:11
ComboFix-quarantined-files.txt 2008-12-10 19:15:52
Pre-Run: 24,228,102,144 byte disponibili
Post-Run: 24,214,503,424 byte disponibili
273 --- E O F --- 2008-06-20 22:46:34