ComboFix 09-07-09.08 - Utente 11/07/2009 11.01.08.2.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1534.1150 [GMT 2:00]
Eseguito da: c:\documents and settings\Utente\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090710-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((( Files Creati Da 2009-06-11 al 2009-07-11 )))))))))))))))))))))))))))))))))))
.
2009-07-09 18:50 . 2009-07-10 14:13 -------- d-----w- c:\documents and settings\Utente\Contacts
2009-07-09 18:49 . 2009-07-09 18:49 -------- d-----w- c:\programmi\MSN Messenger
2009-07-09 16:51 . 2009-07-09 16:51 15240 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Microsoft\IdentityCRL\ppcrlconfig.dll
2009-07-02 18:55 . 2009-07-02 18:55 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-06-29 10:24 . 2009-06-29 10:25 -------- d-----w- c:\programmi\TweakNow RegCleaner
2009-06-29 10:24 . 2009-06-29 10:24 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\TweakNow RegCleaner
2009-06-29 10:17 . 2009-06-29 10:17 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Uniblue
2009-06-29 10:13 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-06-29 10:13 . 2009-06-29 10:13 -------- d-----w- c:\programmi\Panda Security
2009-06-28 12:56 . 2009-06-22 20:43 737280 ----a-w- c:\windows\system32\ChilkatUtil.dll
2009-06-28 12:56 . 2009-06-22 20:43 1994752 ----a-w- c:\windows\system32\ChilkatMail_v7_9.dll
2009-06-28 12:56 . 2009-06-22 20:43 1277952 ----a-w- c:\windows\system32\ChilkatCert.dll
2009-06-28 11:20 . 2009-06-28 11:20 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys
2009-06-26 19:08 . 2009-06-26 19:08 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\WNR
2009-06-26 19:08 . 2009-06-26 19:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WNR
2009-06-26 19:08 . 2009-06-26 19:08 -------- d-----w- c:\programmi\Proxy Switcher Standard
2009-06-21 17:18 . 2008-04-13 09:45 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2009-06-21 17:18 . 2008-04-13 09:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2009-06-21 17:18 . 2008-03-21 11:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-06-21 17:14 . 2009-06-21 17:19 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Nokia
2009-06-21 17:14 . 2009-06-21 17:19 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\PC Suite
2009-06-21 17:14 . 2009-06-21 17:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PC Suite
2009-06-21 17:12 . 2009-06-21 17:12 -------- d-----w- c:\programmi\File comuni\PCSuite
2009-06-21 17:12 . 2009-06-21 17:12 -------- d-----w- c:\programmi\File comuni\Nokia
2009-06-21 17:11 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-06-21 17:11 . 2009-06-21 17:11 -------- d-----w- c:\programmi\PC Connectivity Solution
2009-06-21 17:11 . 2009-02-09 06:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-06-21 17:11 . 2009-02-09 06:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-06-21 17:11 . 2009-02-09 06:37 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-06-21 17:11 . 2009-02-09 06:37 659968 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-06-21 17:11 . 2009-02-09 06:37 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-06-21 17:11 . 2009-02-09 06:32 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-06-21 17:11 . 2009-02-09 06:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-06-21 17:11 . 2009-06-21 17:12 -------- d-----w- c:\programmi\Nokia
2009-06-21 17:10 . 2001-08-30 21:07 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-06-21 17:10 . 2008-04-13 17:13 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-06-21 17:10 . 2008-04-13 09:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-06-21 17:10 . 2008-04-13 09:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-06-21 17:09 . 2009-06-21 17:05 33705352 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_ita_web.exe
2009-06-21 17:09 . 2009-06-21 17:09 95232 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\pcswpcsi.exe
2009-06-21 17:09 . 2009-06-21 17:09 8192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstCCD.exe
2009-06-21 17:09 . 2009-06-21 17:09 61440 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-06-21 17:09 . 2009-06-21 17:09 10240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstPCS.exe
2009-06-21 17:09 . 2009-06-21 17:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-06-18 13:30 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2009-06-13 12:38 . 2009-06-13 12:38 -------- d-----w- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\WMTools Downloaded Files
2009-06-13 12:32 . 2009-06-13 12:32 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Samsung
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-10 19:54 . 2009-04-16 13:28 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Xfire
2009-07-08 18:13 . 2009-04-18 14:05 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\uTorrent
2009-07-07 17:12 . 2009-04-16 13:28 -------- d-----w- c:\programmi\Xfire
2009-07-03 18:47 . 2009-06-10 14:59 138608 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-03 18:47 . 2009-06-10 14:59 189800 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-06-29 12:53 . 2009-04-16 13:39 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\Free Download Manager
2009-06-21 17:19 . 2009-06-21 17:19 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-06-21 17:19 . 2009-06-21 17:19 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-06-21 17:18 . 2009-06-21 17:18 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-06-21 17:18 . 2009-06-21 17:18 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-06-21 17:12 . 2009-06-02 13:43 -------- d-----w- c:\programmi\DIFX
2009-06-10 15:39 . 2009-06-10 14:59 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-06-10 15:38 . 2009-02-17 08:18 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-06-10 14:59 . 2009-06-10 14:59 22328 ----a-w- c:\documents and settings\Utente\Dati applicazioni\PnkBstrK.sys
2009-06-10 14:59 . 2009-06-10 14:59 22328 ----a-w- c:\documents and settings\Utente\Dati applicazioni\PnkBstrK.sys
2009-06-10 14:43 . 2009-06-10 14:43 -------- d-----w- c:\programmi\Activision
2009-06-08 17:36 . 2009-06-08 14:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NexonEU
2009-06-08 16:38 . 2009-06-08 14:19 -------- d-----w- c:\programmi\Combat Arms EU
2009-06-08 14:19 . 2009-06-08 14:19 98304 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\nxgameeu.dll
2009-06-08 14:19 . 2009-06-08 14:19 81920 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\npNxGameeu.dll
2009-06-08 14:19 . 2009-06-08 14:19 532480 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\NGMDll.dll
2009-06-08 14:19 . 2009-06-08 14:19 331776 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\NGMResource.dll
2009-06-08 14:19 . 2009-06-08 14:19 258352 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\unicows.dll
2009-06-08 14:19 . 2009-06-08 14:19 155648 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\NGM.exe
2009-06-06 18:36 . 2009-02-17 07:55 64552 ----a-w- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-06-06 18:32 . 2009-06-06 18:32 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-06-06 17:56 . 2009-06-06 17:56 98304 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonUS\NGM\nxgameus.dll
2009-06-06 17:56 . 2009-06-06 17:56 81920 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonUS\NGM\npNxGameUS.dll
2009-06-06 17:56 . 2009-06-06 17:56 520192 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonUS\NGM\NGMDll.dll
2009-06-06 17:56 . 2009-06-06 17:56 335872 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonUS\NGM\NGMResource.dll
2009-06-06 17:56 . 2009-06-06 17:56 258352 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonUS\NGM\unicows.dll
2009-06-06 17:56 . 2009-06-06 17:56 167936 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonUS\NGM\NGM.exe
2009-06-06 17:56 . 2009-06-06 17:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NexonUS
2009-06-06 17:16 . 2009-06-06 17:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\PMB Files
2009-06-06 17:12 . 2009-06-06 17:12 -------- d-----w- c:\programmi\Pando Networks
2009-06-02 13:48 . 2009-06-02 13:42 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-06-02 13:42 . 2009-06-02 13:20 -------- d-----w- c:\programmi\Samsung
2009-06-02 13:24 . 2008-04-14 12:00 85218 ----a-w- c:\windows\system32\perfc010.dat
2009-06-02 13:24 . 2008-04-14 12:00 491810 ----a-w- c:\windows\system32\perfh010.dat
2009-05-31 17:49 . 2009-02-17 13:45 -------- d-----w- c:\programmi\Java
2009-05-31 17:47 . 2009-05-31 17:47 152576 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-28 19:08 . 2009-05-28 19:08 -------- d-----w- c:\programmi\Veoh Networks
2009-05-28 16:47 . 2009-05-28 16:47 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\Xfire
2009-05-26 17:55 . 2009-05-26 17:50 -------- d-----w- c:\programmi\Google
2009-05-26 17:53 . 2009-05-26 17:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Google Updater
2009-05-17 11:46 . 2009-05-17 11:46 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\DivX
2009-05-17 10:33 . 2009-05-17 10:31 -------- d-----w- c:\programmi\DivX
2009-05-17 10:33 . 2009-05-17 10:31 -------- d-----w- c:\programmi\File comuni\DivX Shared
2009-05-16 16:44 . 2009-05-10 13:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Skype
2009-05-16 16:43 . 2009-05-10 13:41 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\skypePM
2009-05-16 16:13 . 2009-05-16 16:13 0 ----a-w- c:\windows\nsreg.dat
2009-05-14 15:04 . 2009-04-16 13:39 -------- d-----w- c:\programmi\Free Download Manager
2009-05-11 10:47 . 2009-05-11 10:47 1302600 ----a-w- c:\windows\system32\WUDFUpdate_01007.dll
2009-05-10 13:45 . 2009-05-10 13:45 35840 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Skype\Plugins\Plugins\0542BFF0C7A449DEAF051AB2D4F66F51\SkypeTwitterUpdate.exe
2009-05-10 13:45 . 2009-05-10 13:45 180224 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Skype\Plugins\Plugins\0542BFF0C7A449DEAF051AB2D4F66F51\Interop.SKYPE4COMLib.dll
2009-05-10 13:41 . 2009-05-10 13:41 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w- c:\windows\system32\DivX.dll
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\programmi\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\programmi\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-26 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"TrueImageMonitor.exe"="c:\programmi\Acronis\TrueImage\TrueImageMonitor.exe" [2005-10-25 988565]
"Acronis Scheduler2 Service"="c:\programmi\File comuni\Acronis\Schedule2\schedhlp.exe" [2005-10-25 118784]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-17 577536]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-01-15 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Programmi\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Documents and Settings\\All Users\\Dati applicazioni\\NexonUS\\NGM\\NGM.exe"=
"c:\\Documents and Settings\\All Users\\Dati applicazioni\\NexonEU\\NGM\\NGM.exe"=
"c:\\Programmi\\Combat Arms EU\\NMService.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programmi\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Programmi\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmi\\MSN Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57651:TCP"= 57651:TCP:Pando Media Booster
"57651:UDP"= 57651:UDP:Pando Media Booster
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [29/06/2009 12.13.36 28544]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [23/02/2009 15.12.56 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23/02/2009 15.12.56 20560]
S2 gupdate1c9de2a952d3872;Servizio di Google Update (gupdate1c9de2a952d3872);c:\programmi\Google\Update\GoogleUpdate.exe [26/05/2009 19.51.21 133104]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service
c:\windows\system32\GameMon.des -service
S3 NTProcDrv;Process creation detector for NT.;\??\c:\documents and settings\Utente\Desktop\Nuova cartella\NtProcDrv.sys
c:\documents and settings\Utente\Desktop\Nuova cartella\NtProcDrv.sys
.
Contenuto della cartella 'Scheduled Tasks'
2009-07-11 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-26 17:50]
2009-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-05-26 17:51]
2009-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-05-26 17:51]
.
.
------- Scansione supplementare -------
.
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = 119.70.40.101:8080
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Scarica con Free Download Manager - file://c:\programmi\Free Download Manager\dllink.htm
IE: Scarica i video con Free Download Manager - file://c:\programmi\Free Download Manager\dlfvideo.htm
IE: Scarica selezionati con Free Download Manager - file://c:\programmi\Free Download Manager\dlselected.htm
IE: Scarica tutto con Free Download Manager - file://c:\programmi\Free Download Manager\dlall.htm
DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} - hxxps://mpsnare.iesnare.com/StmOCX.cab
FF - ProfilePath - c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\l0w3nkdq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - component: c:\programmi\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\npNxGameeu.dll
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\programmi\Google\Google Updater\2.4.1591.6512\npCIDetect13.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\programmi\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\programmi\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-11 11:03
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'lsass.exe'(696)
c:\windows\system32\relog_ap.dll
- - - - - - - > 'explorer.exe'(1800)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2009-07-11 11.05.01
ComboFix-quarantined-files.txt 2009-07-11 09:04
ComboFix2.txt 2009-07-11 08:59
Pre-Run: 116.763.107.328 byte disponibili
Post-Run: 116.755.017.728 byte disponibili