Hi, I'm attaching the ComboFix log.
ComboFix 10-03-06.06 - Administrator 07/03/2010 11.44.20.1.1 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1279.885 [GMT 1:00]
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
FW: Alice Total Security Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Microsoft
c:\windows\jestertb.dll
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\dumphive.exe
c:\windows\system32\iAlmcoin.dll
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\msconfig.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\ps2.bat
c:\windows\system32\SrchSTS.exe
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
E:\Autorun.inf
.
((((((((((((((((((((((((( Files Creati Da 2010-02-07 al 2010-03-07 )))))))))))))))))))))))))))))))))))
.
2010-03-07 09:50 . 2010-03-07 09:50 -------- d-----w- c:\documents and settings\Administrator\DoctorWeb
2010-03-07 08:35 . 2010-03-07 08:35 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\HPAppData
2010-03-06 21:27 . 2010-03-07 08:10 -------- d-----w- c:\programmi\Navilog1
2010-03-06 21:19 . 2010-03-06 21:19 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-03-06 21:18 . 2010-03-06 21:18 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Mozilla
2010-03-06 18:53 . 2010-03-06 18:53 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-02-27 16:55 . 2010-02-27 16:55 -------- d-----w- c:\programmi\Maxis
2010-02-27 16:45 . 2010-02-27 16:47 -------- d-----w- c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\Paint.NET
2010-02-27 16:19 . 2010-02-27 16:19 -------- d-----w- c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\Mozilla
2010-02-27 12:23 . 2010-02-27 12:23 -------- d-----w- c:\programmi\Mattgo27 Apps
2010-02-27 12:12 . 2010-02-27 12:12 -------- d-----w- c:\documents and settings\Firo\Impostazioni locali\Dati applicazioni\HP
2010-02-24 14:04 . 2010-02-24 14:04 -------- d-----w- c:\programmi\Core Services
2010-02-21 06:09 . 1999-06-25 10:55 149504 ----a-w- c:\windows\UNWISE.EXE
2010-02-20 18:11 . 2010-02-23 19:32 -------- d-----w- c:\programmi\Aquadelic
2010-02-17 16:23 . 2009-11-05 15:44 75712 ----a-w- c:\windows\system32\ashoddac.dll
2010-02-17 12:14 . 2010-02-17 12:14 -------- d-----w- c:\documents and settings\Firo\Impostazioni locali\Dati applicazioni\kompozer.net
2010-02-17 12:14 . 2010-02-17 12:14 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\kompozer.net
2010-02-15 13:32 . 2007-10-23 08:27 110592 ----a-w- c:\documents and settings\Firo\Dati applicazioni\U3\temp\cleanup.exe
2010-02-15 13:29 . 2008-05-02 09:41 3493888 ---ha-w- c:\documents and settings\Firo\Dati applicazioni\U3\temp\Launchpad Removal.exe
2010-02-15 13:28 . 2010-02-15 13:38 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\U3
2010-02-15 06:39 . 2010-02-15 06:39 -------- d-----w- c:\programmi\TrueCrypt
2010-02-15 06:34 . 2010-02-15 06:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\TrueCrypt
2010-02-14 14:07 . 2010-02-14 14:07 109872 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2010-02-13 14:39 . 2010-02-13 14:39 -------- d-----w- c:\documents and settings\Firo\Impostazioni locali\Dati applicazioni\OOoLive
2010-02-12 19:35 . 2010-02-12 19:36 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\Nvu
2010-02-08 14:42 . 2010-02-08 14:42 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\Ashampoo
2010-02-06 19:49 . 2010-02-06 19:49 -------- d-----w- C:\.Trash-999
2010-02-06 17:13 . 2010-02-06 17:13 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\loesch
2010-02-06 17:11 . 2010-02-06 17:11 -------- d--h--r- c:\documents and settings\Proprietario\Dati applicazioni\SecuROM
2010-02-06 17:08 . 2010-02-06 17:08 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\Loescher
2010-02-06 17:08 . 2010-02-06 17:08 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-06 17:07 . 2010-02-06 17:07 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\Ashampoo
2010-02-06 17:07 . 2010-02-06 17:07 -------- d-----w- c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\ashampoo
2010-02-06 17:07 . 2010-02-06 17:07 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\ashampoo
2010-02-05 16:42 . 2010-02-05 16:42 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\Canneverbe_Limited
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-07 09:51 . 2009-12-07 15:47 -------- d-----w- c:\programmi\Windows Live
2010-03-06 21:37 . 2009-08-17 19:46 492205088 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-03-06 18:29 . 2009-08-17 19:46 6594008 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-03-06 18:26 . 2009-08-17 18:03 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\HPAppData
2010-03-06 17:07 . 2009-08-17 19:44 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-03-06 17:03 . 2010-03-06 17:04 14336 ----a-w- c:\windows\Internet Logs\xDBC.tmp
2010-03-06 17:03 . 2010-03-06 17:04 5463040 ----a-w- c:\windows\Internet Logs\xDBD.tmp
2010-03-06 17:00 . 2010-03-06 17:04 5462528 ----a-w- c:\windows\Internet Logs\xDBE.tmp
2010-03-06 17:00 . 2010-03-06 17:03 300032 ----a-w- c:\windows\Internet Logs\xDBB.tmp
2010-03-06 16:15 . 2009-09-07 17:35 -------- d-----w- c:\documents and settings\Mery\Dati applicazioni\HPAppData
2010-03-01 14:17 . 2009-11-01 11:03 -------- d-----w- c:\documents and settings\chiara\Dati applicazioni\HPAppData
2010-03-01 12:41 . 2009-11-06 18:33 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\HPAppData
2010-02-28 12:34 . 2010-02-28 13:17 223744 ----a-w- c:\windows\Internet Logs\xDBA.tmp
2010-02-28 02:58 . 2009-10-12 06:12 11786892 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-02-27 18:07 . 2010-02-28 00:59 187392 ----a-w- c:\windows\Internet Logs\xDB9.tmp
2010-02-27 18:03 . 2009-09-06 13:15 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\vlc
2010-02-27 16:52 . 2009-09-08 10:04 -------- d--h--w- c:\programmi\FX Uninstall Information
2010-02-27 16:39 . 2003-01-02 01:08 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-02-27 13:49 . 2010-02-27 13:52 196608 ----a-w- c:\windows\Internet Logs\xDB8.tmp
2010-02-27 13:10 . 2009-11-07 14:55 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\uTorrent
2010-02-26 16:49 . 2010-02-26 17:12 37888 ----a-w- c:\windows\Internet Logs\xDB6.tmp
2010-02-26 16:49 . 2010-02-26 17:12 5334528 ----a-w- c:\windows\Internet Logs\xDB7.tmp
2010-02-26 15:10 . 2010-02-26 15:24 622080 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-02-25 19:33 . 2010-02-26 10:57 328192 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-02-24 20:06 . 2009-12-20 16:31 1 ----a-w- c:\documents and settings\Firo\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-02-24 19:58 . 2010-02-24 19:59 65024 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-02-24 16:58 . 2010-02-24 16:59 259072 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-02-23 19:46 . 2010-02-24 11:58 278528 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-02-22 17:00 . 2009-11-08 17:25 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\vlc
2010-02-20 15:38 . 2010-02-20 15:38 100871 ----a-w- c:\windows\Internet Logs\vsmon_2nd_2010_02_20_16_04_02_small.dmp.zip
2010-02-19 12:06 . 2009-11-14 17:48 1 ----a-w- c:\documents and settings\chiara\Dati applicazioni\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-02-17 16:27 . 2010-02-17 16:27 68581 ----a-w- c:\windows\Internet Logs\vsmon_2nd_2010_02_17_16_47_42_small.dmp.zip
2010-02-12 18:34 . 2009-09-07 11:19 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\ZipGenius
2010-02-05 16:42 . 2003-01-02 01:07 43000 ----a-w- c:\documents and settings\Proprietario\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-02-05 12:12 . 2010-02-05 12:12 68760 ----a-w- c:\windows\Internet Logs\vsmon_2nd_2010_02_05_12_49_14_small.dmp.zip
2010-02-03 15:55 . 2010-02-03 15:54 -------- d-----w- c:\documents and settings\Proprietario\Dati applicazioni\DeepBurner
2010-02-02 19:50 . 2010-02-02 19:50 -------- d-----w- c:\documents and settings\chiara\Dati applicazioni\Auslogics
2010-02-02 19:26 . 2009-11-29 15:37 43000 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-02-01 16:58 . 2010-01-31 17:49 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\Canneverbe_Limited
2010-02-01 06:59 . 2010-02-01 06:59 -------- d-----w- c:\programmi\eDonkey2000
2010-01-31 17:50 . 2010-01-31 17:49 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\DeepBurner
2010-01-30 11:20 . 2010-01-30 11:20 65884 ----a-w- c:\windows\Internet Logs\vsmon_2nd_2010_01_30_12_01_49_small.dmp.zip
2010-01-27 17:33 . 2010-01-27 17:33 65320 ----a-w- c:\windows\Internet Logs\vsmon_2nd_2010_01_27_16_48_30_small.dmp.zip
2010-01-25 08:54 . 2009-09-08 17:05 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-01-17 12:34 . 2010-01-17 12:34 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\THeUDS
2010-01-17 10:51 . 2009-12-22 17:51 153414 ----a-w- c:\windows\hpoins15.dat
2010-01-14 11:31 . 2009-10-21 17:22 -------- d-----w- c:\documents and settings\Mery\Dati applicazioni\vlc
2010-01-13 13:06 . 2010-01-13 13:05 -------- d-----w- c:\documents and settings\Firo\Dati applicazioni\Skype
2010-01-10 15:14 . 2010-01-10 15:14 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-01-07 13:04 . 2010-01-04 10:04 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-01-06 15:26 . 2009-12-31 18:45 -------- d-----w- c:\programmi\File comuni\BMM Shared
2010-01-06 10:14 . 2009-11-06 18:30 43000 ----a-w- c:\documents and settings\Firo\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-01-05 15:26 . 2003-01-02 07:35 80008 ----a-w- c:\windows\system32\perfc010.dat
2010-01-05 15:26 . 2003-01-02 07:35 480058 ----a-w- c:\windows\system32\perfh010.dat
2010-01-04 12:01 . 2009-09-06 10:32 43000 ----a-w- c:\documents and settings\Mery\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-12-31 16:50 . 2009-08-18 01:17 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 13:39 . 2009-12-30 13:39 0 -c--a-w- c:\windows\nsreg.dat
2009-12-21 19:06 . 2003-01-02 07:35 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 16:19 . 2009-12-17 16:19 65304 ----a-w- c:\windows\Internet Logs\vsmon_2nd_2009_12_17_16_44_07_small.dmp.zip
2009-12-17 07:40 . 2003-01-01 23:43 346112 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2003-01-02 07:34 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:07 . 2003-01-02 07:35 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:07 . 2002-09-10 03:34 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe
2004-02-19 21:01 . 2009-08-18 02:00 0 --sha-w- c:\windows\SMINST\HPCD.SYS
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIEW"="nview.dll" [2003-05-03 835654]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\programmi\Alice Total Security\zlclient.exe" [2009-04-14 982408]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
HP Digital Imaging Monitor.lnk - c:\programmi\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"d:\\Programmi\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [20/09/2009 16.23.43 133104]
--- Altri Servizi/Drivers In Memoria ---
*Deregistered* - DwShield00002ED4
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'
2010-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-20 15:23]
2010-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-20 15:23]
2010-03-07 c:\windows\Tasks\User_Feed_Synchronization-{7B31EF90-7255-4BEF-ADAD-5844F5B1E605}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
2010-03-07 c:\windows\Tasks\User_Feed_Synchronization-{B2ECD27E-98F2-47B2-9078-BD2D92C4ACC7}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
2010-03-07 c:\windows\Tasks\User_Feed_Synchronization-{F88A73C3-BF82-4225-BF55-104B864B3BD1}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Scansione supplementare -------
.
mSearch Bar = hxxp://srch-it9.hpwis.com/
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\ysmajbvs.default\
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: c:\programmi\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: d:\programmi\Adobe\Reader 9.0\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
d:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
d:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
d:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
d:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
d:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-03-07 11:50
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_USERS\S-1-5-21-2089025705-2109489055-494430103-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,da,fe,d2,f9,48,ae,fc,49,a5,69,4c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,da,fe,d2,f9,48,ae,fc,49,a5,69,4c,\
.
Ora fine scansione: 2010-03-07 11:53:13
ComboFix-quarantined-files.txt 2010-03-07 10:52
Pre-Run: 14.339.440.640 byte disponibili
Post-Run: 14.520.426.496 byte disponibili
- - End Of File - - AAF7BBE24600B22564093851869CF1A4