I finally managed it, here is the report
ComboFix 08-12-29.02 - JollyRoger 2008-12-30 13:19:55.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1040.18.2047.1644 [GMT 1:00]
Eseguito da: c:\documents and settings\JollyRoger\desktop\abc.exe
Interruttori di comando utilizzati :: /killall
* Creato nuovo punto di ripristino
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\128718.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\129750.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\133625.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\154156.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\154984.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\158906.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\179375.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\180109.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\180453.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\297203.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\343875.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\344312.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\344390.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\357859.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\359187.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\359718.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\360859.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\361703.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\362265.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\378765.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\379578.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\379937.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\388890.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\395421.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\396171.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\396703.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\418968.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\431546.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\432140.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\432281.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\85762156.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\85762921.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\85767968.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\85780906.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\85781718.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\downld\85782078.exe
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\srosa.sys
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\srosa2.sys
c:\documents and settings\JollyRoger\Dati applicazioni\drivers\winupgro.exe
c:\documents and settings\JollyRoger\Dati applicazioni\m
C:\InfoSat.txt
c:\windows\msvrc20.dll
c:\windows\system32\tmp20.tmp
c:\windows\system32\w32apiw.dll
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s
((((((((((((((((((((((((( Files Creati Da 2008-11-28 al 2008-12-30 )))))))))))))))))))))))))))))))))))
.
2221-09-28 03:36 . 2221-09-28 03:36 3,120 --a------ c:\windows\MF_C432.lfa
2221-09-28 03:36 . 2221-09-28 03:36 3,120 --a------ c:\windows\MF_C426.lfa
2221-09-28 03:36 . 2221-09-28 03:36 3,120 --a------ c:\windows\MF_C421.lfa
2221-09-28 03:36 . 2221-09-28 03:36 3,120 --a------ c:\windows\MF_C420.lfa
2008-12-28 16:35 . 2008-12-30 13:20 <DIR> d--h----- c:\documents and settings\JollyRoger\Dati applicazioni\drivers
2008-12-12 16:21 . 2008-04-13 11:41 8,192 --a------ c:\windows\system32\drivers\changer.sys
2008-12-12 16:21 . 2008-04-13 11:41 8,192 --a--c--- c:\windows\system32\dllcache\changer.sys
2008-12-12 16:07 . 2008-12-12 16:07 <DIR> d-------- c:\programmi\PC Drivers HeadQuarters
2008-12-12 16:07 . 2008-12-12 16:07 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\PC Drivers HeadQuarters
2008-12-12 14:45 . 2008-12-12 14:47 <DIR> d-------- c:\programmi\Rockstar Games
2008-12-12 14:00 . 2008-12-12 14:01 1,492 --a------ c:\windows\system32\mmdriver.inf
2008-12-12 00:13 . 2008-12-12 00:13 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\ATI
2008-12-12 00:06 . 2008-12-12 00:08 <DIR> d-------- c:\programmi\ATI Technologies
2008-12-12 00:06 . 2008-12-01 14:35 593,920 --------- c:\windows\system32\ati2sgag.exe
2008-12-11 23:57 . 2008-12-11 23:58 10 --a------ c:\windows\WININIT.INI
2008-12-10 00:56 . 2008-12-29 00:07 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-10 00:56 . 2008-12-10 00:56 1,409 --a------ c:\windows\QTFont.for
2008-12-10 00:36 . 2008-05-30 14:19 507,400 --a------ c:\windows\system32\XAudio2_1.dll
2008-12-10 00:36 . 2008-05-30 14:18 238,088 --a------ c:\windows\system32\xactengine3_1.dll
2008-12-10 00:36 . 2008-05-30 14:17 65,032 --a------ c:\windows\system32\XAPOFX1_0.dll
2008-12-10 00:36 . 2008-05-30 14:17 25,608 --a------ c:\windows\system32\X3DAudio1_4.dll
2008-12-10 00:34 . 2008-12-10 00:47 <DIR> d-------- c:\programmi\Microsoft Games for Windows - LIVE
2008-12-08 16:24 . 2008-12-08 16:24 50 --a------ c:\windows\MegaManager.INI
2008-12-06 18:53 . 2008-12-06 18:53 268 --ah----- C:\sqmdata14.sqm
2008-12-06 18:53 . 2008-12-06 18:53 244 --ah----- C:\sqmnoopt14.sqm
2008-12-03 11:40 . 2008-12-03 11:40 <DIR> d-------- c:\documents and settings\JollyRoger\Dati applicazioni\Nitro PDF
2008-12-03 11:38 . 2008-12-03 11:38 <DIR> d-------- c:\programmi\Nitro PDF
2008-12-03 11:38 . 2008-12-03 11:38 <DIR> d-------- c:\programmi\File comuni\Nitro PDF
2008-12-03 11:38 . 2008-12-03 11:38 <DIR> d-------- c:\programmi\File comuni\BCL Technologies
2008-12-03 11:38 . 2008-12-03 11:38 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Nitro PDF
2008-12-02 11:48 . 2008-12-02 11:48 <DIR> d-------- c:\programmi\Digital Support
2008-12-02 11:48 . 2008-12-02 11:48 <DIR> d-------- c:\documents and settings\JollyRoger\Dati applicazioni\Digital Support
2008-12-01 21:52 . 2008-12-01 21:52 425,984 --a------ c:\windows\system32\ATIDEMGX.dll
2008-12-01 21:46 . 2008-12-01 21:46 11,304,960 --a------ c:\windows\system32\atioglxx.dll
2008-12-01 21:41 . 2008-12-01 21:41 188,416 --a------ c:\windows\system32\atipdlxx.dll
2008-12-01 21:40 . 2008-12-01 21:40 147,456 --a------ c:\windows\system32\Oemdspif.dll
2008-12-01 21:40 . 2008-12-01 21:40 143,360 --a------ c:\windows\system32\ati2evxx.dll
2008-12-01 21:40 . 2008-12-01 21:40 43,520 --a------ c:\windows\system32\ati2edxx.dll
2008-12-01 21:40 . 2008-12-01 21:40 26,112 --a------ c:\windows\system32\Ati2mdxx.exe
2008-12-01 21:38 . 2008-12-01 21:38 598,016 --a------ c:\windows\system32\ati2evxx.exe
2008-12-01 21:37 . 2008-12-01 21:37 53,248 --a------ c:\windows\system32\ATIDDC.DLL
2008-12-01 21:19 . 2008-12-01 21:19 307,200 --a------ c:\windows\system32\atiiiexx.dll
2008-12-01 21:11 . 2008-12-01 21:11 3,107,788 --a------ c:\windows\system32\ativvaxx.dat
2008-12-01 21:11 . 2008-12-01 21:11 3,107,788 --a------ c:\windows\system32\ativva5x.dat
2008-12-01 21:11 . 2008-12-01 21:11 887,724 --a------ c:\windows\system32\ativva6x.dat
2008-12-01 21:11 . 2008-12-01 21:11 69,112 --a------ c:\windows\system32\ativvaxx.cap
2008-12-01 20:57 . 2008-12-01 20:57 48,640 --a------ c:\windows\system32\amdpcom32.dll
2008-12-01 20:53 . 2008-12-01 20:53 401,408 --a------ c:\windows\system32\atikvmag.dll
2008-12-01 20:53 . 2008-12-01 20:53 45,056 --a------ c:\windows\system32\amdcalrt.dll
2008-12-01 20:53 . 2008-12-01 20:53 45,056 --a------ c:\windows\system32\amdcalcl.dll
2008-12-01 20:52 . 2008-12-01 20:52 86,016 --a------ c:\windows\system32\atiadlxx.dll
2008-12-01 20:52 . 2008-12-01 20:52 17,408 --a------ c:\windows\system32\atitvo32.dll
2008-12-01 20:51 . 2008-12-01 20:51 53,248 --a------ c:\windows\system32\drivers\ati2erec.dll
2008-12-01 20:50 . 2008-12-01 20:50 3,252,224 --a------ c:\windows\system32\Amdcaldd.dll
2008-12-01 20:50 . 2008-12-01 20:50 286,720 --a------ c:\windows\system32\atiok3x2.dll
2008-11-29 15:21 . 2008-12-06 14:09 <DIR> d-------- c:\documents and settings\JollyRoger\Dati applicazioni\mIRC
2008-11-21 13:25 . 2008-11-21 13:25 268 --ah----- C:\sqmdata13.sqm
2008-11-21 13:25 . 2008-11-21 13:25 244 --ah----- C:\sqmnoopt13.sqm
2008-11-15 00:48 . 2008-11-15 00:48 <DIR> d-------- c:\programmi\Windows Sidebar
2008-11-12 13:57 . 2008-11-12 13:57 <DIR> d-------- c:\programmi\MSXML 4.0
2008-11-12 13:51 . 2008-09-04 18:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 13:51 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-08 16:50 . 2008-11-08 16:50 <DIR> d-------- c:\programmi\Ministero beni culturali
2008-11-08 13:08 . 2008-11-08 13:08 <DIR> d-------- c:\programmi\HD Tune Pro
2008-11-02 23:57 . 2008-11-02 23:57 <DIR> d-------- c:\windows\Logs
2008-11-02 23:57 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\system32\D3DX9_38.dll
2008-11-02 23:57 . 2008-05-30 14:11 1,491,992 --a------ c:\windows\system32\D3DCompiler_38.dll
2008-11-02 23:57 . 2008-05-30 14:11 467,984 --a------ c:\windows\system32\d3dx10_38.dll
2008-11-02 14:35 . 2008-11-02 14:35 <DIR> d-------- c:\documents and settings\JollyRoger\Dati applicazioni\Capcom
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-30 01:02 --------- d---a-w c:\documents and settings\All Users\Dati applicazioni\TEMP
2008-12-28 17:06 --------- d-----w c:\programmi\Panda Security
2008-12-28 15:42 --------- d-----w c:\programmi\SpywareBlaster
2008-12-28 02:00 --------- d-----w c:\documents and settings\JollyRoger\Dati applicazioni\Spyware Terminator
2008-12-24 02:00 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Spyware Terminator
2008-12-14 02:00 --------- d-----w c:\programmi\Spyware Terminator
2008-12-12 15:08 --------- d--h--w c:\programmi\InstallShield Installation Information
2008-12-12 09:37 --------- d-----w c:\documents and settings\JollyRoger\Dati applicazioni\uTorrent
2008-12-10 23:47 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2008-12-09 15:50 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-12-01 22:13 3,452,928 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2008-11-14 23:50 --------- d-----w c:\programmi\Nero
2008-11-14 23:50 --------- d-----w c:\programmi\File comuni\Nero
2008-11-14 23:36 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\Nero
2008-11-09 00:06 --------- d-----w c:\programmi\File comuni\Adobe
2008-10-30 23:11 --------- d-----w c:\documents and settings\JollyRoger\Dati applicazioni\EPSON
2008-10-30 23:05 --------- d-----w c:\documents and settings\All Users\Dati applicazioni\UDL
2008-10-30 14:05 --------- d-----w c:\programmi\WinClamAVShield
2008-10-30 12:52 141,312 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
2008-10-29 10:19 --------- d-----w c:\programmi\File comuni\Adobe AIR
2008-10-29 10:19 --------- d-----w c:\documents and settings\JollyRoger\Dati applicazioni\com.uplayme.airclient.9B472EFF9A3BAE26509EDFEDD3D8214233BACDB1.1
2008-10-29 10:18 --------- d-----w c:\programmi\ManyCam 2.3
2008-10-28 14:51 --------- d-----w c:\documents and settings\JollyRoger\Dati applicazioni\HiYo
2008-09-05 14:04 288,256 ----a-w c:\windows\WLXPGSS.SCR
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpeedItUpEX"="c:\programmi\Speeditup Free\SpeedItUp.exe" [2008-07-22 2274816]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-30 262144]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776]
"SpywareTerminator"="c:\programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-12-30 1783808]
"Nitro PDF Printer Monitor"="c:\programmi\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe" [2008-09-02 210224]
"StartCCC"="c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2007-10-09 1036288]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 c:\windows\system32\HdAShCut.exe]
c:\documents and settings\JollyRoger\Menu Avvio\Programmi\Esecuzione automatica\
FreePOPs.lnk - c:\programmi\FreePOPs\freepopsd.exe [2007-11-17 49152]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Logitech SetPoint.lnk - c:\programmi\Logitech\SetPoint\SetPoint.exe [2008-02-09 434176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
"NoRecentDocsNetHood"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
"NoRecentDocsNetHood"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Programmi\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Programmi\\IncrediMail\\bin\\ImpCnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\IncrediMail\\bin\\ImLc.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"d:\\Programmi\\Codemasters\\GRID\\GRID.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Programmi\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\Programmi\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Programmi\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
R0 VIRAGTLT;VIRAGTLT;c:\windows\system32\drivers\VIRAGTLT.SYS [2008-03-04 39808]
R1 sp_rsdrv2;Spyware Terminator Driver 2;\??\c:\windows\system32\drivers\sp_rsdrv2.sys [2008-10-30 141312]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S1 SASDIFSV;SASDIFSV; []
S1 SASKUTIL;SASKUTIL; []
S2 RoxLiveShare10;LiveShare P2P Server 10; []
S2 SessionLauncher;SessionLauncher; []
S2 viritsvclite;Virit eXplorer Lite;c:\vexplite\viritsvc.exe [2008-03-23 57344]
S3 AEXPAM;Philips SmartManage Service;c:\windows\system32\Drivers\aexpamdrv.sys [2005-12-20 27008]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-08-02 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-08-02 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\Drivers\PRODIGY.SYS [2008-08-18 32377]
S3 SASENUM;SASENUM; []
.
Contenuto della cartella 'Scheduled Tasks'
2008-12-26 c:\windows\Tasks\1-Click Maintenance.job
- c:\programmi\TuneUp Utilities 2008\OneClick.exe [2008-01-08 13:31]
.
- - - - ORFÃOS REMOVIDOS - - - -
BHO-{4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
SafeBoot-sglfb.sys
SafeBoot-tga.sys
SafeBoot-wd.sys
SafeBoot-sacsvr
.
------- Supplementare di scansione -------
.
uStart Page = about:blank
IE: Add to AMV Converter...
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00
TCP: {3AC33E7D-EB52-4DC1-A851-6EA0ECBC4D6E} = 212.216.112.112,212.216.172.62
FF - ProfilePath - c:\documents and settings\JollyRoger\Dati applicazioni\Mozilla\Firefox\Profiles\dufxs4g0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://it.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\programmi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\programmi\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF - plugin: c:\programmi\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npzylomgamesplayer.dll
ATTENTION: FIREFOX POLICES IS IN FORCE
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
FF - user.js: network.http.pipelining - false
FF - user.js: browser.feeds.handler - ask
FF - user.js: network.http.proxy.pipelining - false
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-30 13:22:51
Windows 5.1.2600 Service Pack 3 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'winlogon.exe'(764)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\PnkBstrA.exe
c:\programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\programmi\File comuni\Logitech\KHAL\KHALMNPR.EXE
c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2008-12-30 13:24:10 - macchina è stato riavviato
ComboFix-quarantined-files.txt 2008-12-30 12:24:08
Pre-Run: 82,815,168,512 byte disponibili
Post-Run: 82,618,638,336 byte disponibili
300 --- E O F --- 2008-12-18 12:35:54