ComboFix 10-05-13.02 - vinc 13/05/2010 23.13.54.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1534 [GMT 2:00]
Eseguito da: c:\documents and settings\vinc\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {0012EE84-FFFC-FFFF-0200-00004FBCC4F1}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-14EF-9D7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-3C24-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-7C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {001300D4-0000-0000-1000-00007454927C}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\vinc\Dati applicazioni\inst.exe
c:\programmi\eMule\lang\ar_AE.dll
c:\programmi\eMule\lang\ba_BA.dll
c:\programmi\eMule\lang\bg_BG.dll
c:\programmi\eMule\lang\ca_ES.dll
c:\programmi\eMule\lang\cz_CZ.dll
c:\programmi\eMule\lang\da_DK.dll
c:\programmi\eMule\lang\de_DE.dll
c:\programmi\eMule\lang\el_GR.dll
c:\programmi\eMule\lang\es_AS.dll
c:\programmi\eMule\lang\es_ES_T.dll
c:\programmi\eMule\lang\et_EE.dll
c:\programmi\eMule\lang\fa_IR.dll
c:\programmi\eMule\lang\fi_FI.dll
c:\programmi\eMule\lang\fr_BR.dll
c:\programmi\eMule\lang\fr_FR.dll
c:\programmi\eMule\lang\gl_ES.dll
c:\programmi\eMule\lang\he_IL.dll
c:\programmi\eMule\lang\hu_HU.dll
c:\programmi\eMule\lang\it_IT.dll
c:\programmi\eMule\lang\jp_JP.dll
c:\programmi\eMule\lang\ko_KR.dll
c:\programmi\eMule\lang\lt_LT.dll
c:\programmi\eMule\lang\lv_LV.dll
c:\programmi\eMule\lang\mt_MT.dll
c:\programmi\eMule\lang\nb_NO.dll
c:\programmi\eMule\lang\nl_NL.dll
c:\programmi\eMule\lang\nn_NO.dll
c:\programmi\eMule\lang\pl_PL.dll
c:\programmi\eMule\lang\pt_BR.dll
c:\programmi\eMule\lang\pt_PT.dll
c:\programmi\eMule\lang\ro_RO.dll
c:\programmi\eMule\lang\ru_RU.dll
c:\programmi\eMule\lang\sl_SI.dll
c:\programmi\eMule\lang\sq_AL.dll
c:\programmi\eMule\lang\sv_SE.dll
c:\programmi\eMule\lang\tr_TR.dll
c:\programmi\eMule\lang\ua_UA.dll
c:\programmi\eMule\lang\ug_CN.dll
c:\programmi\eMule\lang\va_ES.dll
c:\programmi\eMule\lang\va_ES_RACV.dll
c:\programmi\eMule\lang\vi_VN.dll
c:\programmi\eMule\lang\zh_CN.dll
c:\programmi\eMule\lang\zh_TW.dll
c:\windows\system32\uZQEtNDuIS.dll
.
((((((((((((((((((((((((( Files Creati Da 2010-04-13 al 2010-05-13 )))))))))))))))))))))))))))))))))))
.
2010-05-13 09:34 . 2010-05-13 09:34 388096 ----a-r- c:\documents and settings\vinc\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-13 09:34 . 2010-05-13 09:34 -------- d-----w- c:\programmi\Trend Micro
2010-05-11 11:10 . 2010-05-11 11:11 -------- d-----w- c:\documents and settings\vinc\Impostazioni locali\Dati applicazioni\RadioSure
2010-05-08 16:38 . 2010-05-13 08:45 -------- d-----w- c:\programmi\File comuni\eBay
2010-05-08 16:38 . 2010-05-08 16:39 -------- d-----w- c:\programmi\VDOWNLOADER
2010-05-08 14:56 . 2010-05-08 14:56 -------- d-----w- c:\programmi\CCleaner
2010-05-07 18:25 . 2010-05-07 18:26 -------- d-----w- c:\programmi\Disk Cleaner
2010-05-05 13:11 . 2010-05-05 13:11 -------- d-----w- c:\documents and settings\vinc\Impostazioni locali\Dati applicazioni\Codemasters
2010-05-05 12:44 . 2010-05-05 12:44 -------- d-----w- c:\programmi\Codemasters
2010-05-04 19:15 . 2010-05-04 19:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\nabocorp
2010-05-04 15:26 . 2010-05-04 15:26 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\Apple Computer
2010-05-04 15:24 . 2010-05-04 15:24 -------- d-----w- c:\documents and settings\vinc\Impostazioni locali\Dati applicazioni\Apple Computer
2010-05-04 15:10 . 2010-05-04 15:20 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\Nikon
2010-05-04 15:03 . 2010-05-04 19:20 -------- d-----w- c:\programmi\File comuni\Nikon
2010-05-04 15:03 . 2010-05-04 15:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ultima_T15
2010-05-04 15:03 . 2010-05-04 15:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\EnterNHelp
2010-05-04 15:00 . 2010-05-04 16:14 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2010-04-28 09:02 . 2010-05-10 09:34 -------- d-----w- c:\documents and settings\vinc\dwhelper
2010-04-28 08:19 . 2010-04-28 08:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Comodo Downloader
2010-04-28 08:19 . 2010-04-28 08:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\COMODO
2010-04-17 16:59 . 2010-04-18 12:33 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Codemasters
2010-04-17 16:47 . 2010-04-17 16:47 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-04-17 15:51 . 2010-04-17 15:51 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-17 15:51 . 2010-04-17 15:55 -------- d-----w- c:\programmi\DAEMON Tools Lite
2010-04-17 14:54 . 2010-04-17 14:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DAEMON Tools Pro
2010-04-17 14:54 . 2010-04-17 14:54 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\DAEMON Tools Pro
2010-04-17 12:43 . 2007-11-14 14:46 7677746 ----a-w- c:\windows\system\xlive.dll
2010-04-17 12:13 . 2010-04-17 12:13 -------- d-----w- c:\windows\Logs
2010-04-17 11:48 . 2010-04-17 16:03 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\DAEMON Tools Lite
2010-04-17 11:48 . 2010-04-17 11:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DAEMON Tools Lite
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-13 20:57 . 2009-11-01 16:33 -------- d-----w- c:\programmi\Mozilla Thunderbird
2010-05-13 20:55 . 2001-08-31 14:00 84106 ----a-w- c:\windows\system32\perfc010.dat
2010-05-13 20:55 . 2001-08-31 14:00 489390 ----a-w- c:\windows\system32\perfh010.dat
2010-05-13 20:16 . 2009-11-01 20:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-05-11 11:25 . 2010-04-06 19:18 -------- d-----w- c:\programmi\DIFX
2010-05-10 11:19 . 2009-12-04 17:02 137824 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2010-05-10 09:34 . 2010-02-27 20:30 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\vlc
2010-05-10 08:54 . 2009-11-16 19:13 1 ----a-w- c:\documents and settings\vinc\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-06 08:36 . 2009-11-01 18:19 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-05 13:06 . 2009-11-01 14:29 18672 ----a-w- c:\documents and settings\vinc\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-05-05 12:44 . 2009-11-01 14:22 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-05-04 19:19 . 2010-05-04 15:07 0 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdw.DAT
2010-05-04 19:18 . 2010-05-04 15:03 0 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLdu.DAT
2010-05-04 17:52 . 2009-11-04 16:27 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\dvdcss
2010-05-04 15:02 . 2003-03-19 10:05 106496 ----a-w- c:\windows\system32\ATL71.DLL
2010-05-04 13:16 . 2010-04-01 21:48 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-05-01 19:29 . 2009-12-02 13:35 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\Vso
2010-05-01 17:37 . 2009-12-02 14:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\vsosdk
2010-04-30 21:08 . 2010-04-13 11:18 -------- d-----w- c:\programmi\eMule
2010-04-29 13:39 . 2010-04-01 21:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-04-01 21:49 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-28 08:17 . 2010-02-22 13:50 -------- d-----w- c:\programmi\COMODO
2010-04-19 12:58 . 2010-02-09 20:12 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\uTorrent
2010-04-18 19:29 . 2009-11-01 14:53 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-04-18 19:28 . 2009-11-01 16:55 -------- d-----w- c:\programmi\SpywareBlaster
2010-04-11 17:25 . 2010-04-10 17:16 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\Auslogics
2010-04-11 17:22 . 2010-02-22 13:11 -------- d-----w- c:\programmi\Auslogics
2010-04-10 19:47 . 2009-11-01 16:29 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\IObit
2010-04-10 19:45 . 2009-12-04 16:17 -------- d-sh--w- c:\documents and settings\All Users\Dati applicazioni\{55A29068-F2CE-456C-9148-C869879E2357}
2010-04-10 16:04 . 2010-02-10 14:13 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\Media Player Classic
2010-04-10 11:40 . 2009-11-01 14:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Motive
2010-04-09 20:47 . 2009-11-01 14:46 -------- d-----w- c:\programmi\Telecom Italia
2010-04-08 23:26 . 2010-04-08 23:26 277240 ----a-w- c:\windows\system32\guard32.dll
2010-04-08 23:25 . 2010-04-08 23:25 86800 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-04-08 23:25 . 2010-04-08 23:25 25240 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-04-08 23:25 . 2010-04-08 23:25 225344 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-04-08 23:25 . 2010-04-08 23:25 15464 ----a-w- c:\windows\system32\drivers\cmderd.sys
2010-04-06 19:20 . 2010-04-06 19:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nokia
2010-04-06 19:16 . 2010-04-06 19:16 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2010-04-01 21:49 . 2010-04-01 21:49 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\Malwarebytes
2010-04-01 21:49 . 2010-04-01 21:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-03-31 21:39 . 2010-03-31 21:11 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\MusicMP3Get
2010-03-31 21:39 . 2010-03-31 21:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MusicMP3Get
2010-03-30 11:14 . 2010-03-30 11:14 -------- d-----w- c:\programmi\Eusing Free Registry Cleaner
2010-03-27 13:15 . 2010-03-04 22:10 -------- d-----w- c:\documents and settings\vinc\Dati applicazioni\SoundSpectrum
2010-03-27 13:13 . 2010-03-04 22:05 -------- d-----w- c:\programmi\SoundSpectrum
2010-03-26 19:22 . 2010-03-22 18:30 -------- d-----w- c:\programmi\RapidSolution
2010-03-26 19:21 . 2009-11-30 22:03 -------- d-----w- c:\programmi\File comuni\AVSMedia
2010-03-26 14:28 . 2009-12-02 11:03 326064 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\GUIcommon.dll
2010-03-24 16:18 . 2010-03-24 16:18 -------- d-----w- c:\programmi\VS Revo Group
2010-03-22 18:33 . 2010-03-22 18:33 476512 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\RadioRip.dll
2010-03-22 18:33 . 2010-03-22 18:33 169312 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\PlgSoundclick.dll
2010-03-22 18:33 . 2010-03-22 18:33 99680 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\PlgIJigg.dll
2010-03-22 18:33 . 2010-03-22 18:33 128352 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\PlgMyspace.dll
2010-03-22 18:33 . 2010-03-22 18:33 111968 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\PlgPandora.dll
2010-03-22 18:33 . 2010-03-22 18:33 111968 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\PlgLastfm.dll
2010-03-22 18:33 . 2010-03-22 18:33 230752 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\PlgHypemachine.dll
2010-03-22 18:33 . 2010-03-22 18:33 91488 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\PlgDefault.dll
2010-03-22 18:33 . 2010-03-22 18:33 140640 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\PlgDeezer.dll
2010-03-22 18:33 . 2010-03-22 18:33 120160 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\RadioRip\PlgGeneral.dll
2010-03-22 18:33 . 2010-03-22 18:33 495616 ----a-w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution\AudialsOne_2009\EncodingBackend\lame_enc.dll
2010-03-22 18:32 . 2010-03-22 18:30 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\RapidSolution
2010-03-19 21:36 . 2009-11-08 15:06 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Chat Republic Games
2010-03-15 11:47 . 2010-03-08 17:15 -------- d-----w- c:\programmi\SamsungPrinterLiveUpdate
2010-03-10 06:15 . 2004-08-19 15:39 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:16 . 2004-08-19 15:39 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-08-03 23:15 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 19:05 . 2004-08-19 15:34 2149888 ------w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:05 . 2004-08-19 15:34 2028032 ------w- c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"P17Helper"="SPIRun.dll" [2006-07-03 10752]
"Windows Defender"="c:\programmi\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"COMODO Internet Security"="c:\programmi\COMODO\COMODO Internet Security\cfp.exe" [2010-04-08 2029456]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\programmi\File comuni\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Auslogics BoostSpeed]
2009-12-11 15:44 480368 ----a-w- c:\programmi\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-08-20 12:25 2363392 ----a-w- c:\programmi\File comuni\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2009-08-28 05:40 606208 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
2007-02-28 16:50 180224 ------w- c:\programmi\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"COMODO Internet Security"="c:\programmi\COMODO\COMODO Internet Security\cfp.exe" -h
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);c:\windows\system32\drivers\pe3ah4nc.sys [18/05/2007 21.53.01 64880]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);c:\windows\system32\drivers\ps6ah4nc.sys [18/05/2007 21.52.38 55160]
R0 ps7ah4nc;DiRT Synchronization Driver (ps7ah4nc);c:\windows\system32\drivers\ps7ah4nc.sys [17/08/2007 19.34.24 68208]
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [22/11/2009 21.37.00 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [22/11/2009 21.37.00 52736]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [09/04/2010 1.25.46 225344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [09/04/2010 1.25.46 25240]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\programmi\Avira\AntiVir Desktop\avmailc.exe [01/11/2009 17.01.04 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\programmi\Avira\AntiVir Desktop\sched.exe [01/11/2009 17.01.06 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\programmi\Avira\AntiVir Desktop\avwebgrd.exe [01/11/2009 17.01.05 434945]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [01/11/2009 18.58.37 10384]
R2 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [03/11/2006 20.19.58 13592]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [10/12/2009 16.45.04 27168]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17/04/2010 17.51.55 691696]
S2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [09/04/2010 22.47.20 8192]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);c:\windows\system32\pr2ah4nc.exe svc --> c:\windows\system32\pr2ah4nc.exe svc [?]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [10/12/2009 16.45.04 27168]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\programmi\File comuni\LightScribe\LSRunOnce.exe
.
Contenuto della cartella 'Scheduled Tasks'
2010-05-13 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyOverride = 127.0.0.1
LSP: c:\programmi\Avira\AntiVir Desktop\avsda.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\vinc\Dati applicazioni\Mozilla\Firefox\Profiles\3fi0vzgd.default\
FF - plugin: c:\documents and settings\vinc\Dati applicazioni\Mozilla\Firefox\Profiles\3fi0vzgd.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-05-13 23:19
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
scansione processi nascosti ...
scansione entrate autostart nascoste ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
P17Helper = Rundll32 SPIRun.dll,RunDLLEntry?
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'winlogon.exe'(1868)
c:\windows\system32\Ati2evxx.dll
c:\programmi\file comuni\logishrd\bluetooth\LBTWlgn.dll
c:\programmi\file comuni\logishrd\bluetooth\LBTServ.dll
.
Ora fine scansione: 2010-05-13 23:22:05
ComboFix-quarantined-files.txt 2010-05-13 21:22
Pre-Run: 11.654.901.760 byte disponibili
Post-Run: 11.615.793.152 byte disponibili
- - End Of File - - CD74009F3CCD6F15A312D5AAF557C946