Hi, here is the log after the procedure you indicated.
ComboFix 12-06-08.01 - NANDO 09/06/2012 1.05.05.8.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2909.2397 [GMT 2:00]
Eseguito da: c:\documents and settings\NANDO\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Anti-Virus *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Esecuzione precedente -------
.
c:\programmi\Application Updater\ApplicationUpdater.exe
c:\programmi\Application Updater\config.ini
c:\programmi\File comuni\Spigot\Search Settings\baidu_ff.xml
c:\programmi\File comuni\Spigot\Search Settings\baidu_ie.xml
c:\programmi\File comuni\Spigot\Search Settings\config.ini
c:\programmi\File comuni\Spigot\Search Settings\Lang\res1031.ini
c:\programmi\File comuni\Spigot\Search Settings\Lang\res1033.ini
c:\programmi\File comuni\Spigot\Search Settings\Lang\res1034.ini
c:\programmi\File comuni\Spigot\Search Settings\Lang\res1036.ini
c:\programmi\File comuni\Spigot\Search Settings\Lang\res1040.ini
c:\programmi\File comuni\Spigot\Search Settings\SearchSettings.exe
c:\programmi\File comuni\Spigot\Search Settings\wth.dll
c:\programmi\File comuni\Spigot\Search Settings\yahoo_ff.xml
c:\programmi\File comuni\Spigot\Search Settings\yahoo_ie.xml
c:\programmi\File comuni\Spigot\Search Settings\yandex_ff.xml
c:\programmi\File comuni\Spigot\Search Settings\yandex_ie.xml
c:\programmi\File comuni\Spigot\wtxpcom\chrome.manifest
c:\programmi\File comuni\Spigot\wtxpcom\components\chrome.manifest
c:\programmi\File comuni\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
c:\programmi\File comuni\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
c:\programmi\File comuni\Spigot\wtxpcom\components\install.rdf
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.13
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.14
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8
c:\programmi\File comuni\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9
c:\programmi\File comuni\Spigot\wtxpcom\install.rdf
c:\programmi\pdfforge Toolbar\FF\chrome.manifest
c:\programmi\pdfforge Toolbar\FF\chrome\chrome.jar
c:\programmi\pdfforge Toolbar\FF\install.rdf
c:\programmi\pdfforge Toolbar\IE\5.8\config.ini
c:\programmi\pdfforge Toolbar\IE\5.8\pdfforgeToolbarIE.dll
c:\programmi\pdfforge Toolbar\Res\amazon.gif
c:\programmi\pdfforge Toolbar\Res\dropinsavings.gif
c:\programmi\pdfforge Toolbar\Res\dropinsavingsabt.gif
c:\programmi\pdfforge Toolbar\Res\ebay.gif
c:\programmi\pdfforge Toolbar\Res\facebook.gif
c:\programmi\pdfforge Toolbar\Res\googleplus.gif
c:\programmi\pdfforge Toolbar\Res\icon_settings.gif
c:\programmi\pdfforge Toolbar\Res\Lang\res1031.ini
c:\programmi\pdfforge Toolbar\Res\Lang\res1033.ini
c:\programmi\pdfforge Toolbar\Res\Lang\res1034.ini
c:\programmi\pdfforge Toolbar\Res\Lang\res1036.ini
c:\programmi\pdfforge Toolbar\Res\Lang\res1040.ini
c:\programmi\pdfforge Toolbar\Res\pdfc_branding.gif
c:\programmi\pdfforge Toolbar\Res\pdfc_branding_hover.gif
c:\programmi\pdfforge Toolbar\Res\pdfc_icon.gif
c:\programmi\pdfforge Toolbar\Res\pdfc_portal_logo.gif
c:\programmi\pdfforge Toolbar\Res\radio-close.gif
c:\programmi\pdfforge Toolbar\Res\radio-minimize.gif
c:\programmi\pdfforge Toolbar\Res\radiobeta.gif
c:\programmi\pdfforge Toolbar\Res\search-button-hover.gif
c:\programmi\pdfforge Toolbar\Res\search-button.gif
c:\programmi\pdfforge Toolbar\Res\search-chevron-hover.gif
c:\programmi\pdfforge Toolbar\Res\search-chevron.gif
c:\programmi\pdfforge Toolbar\Res\search_amazon.gif
c:\programmi\pdfforge Toolbar\Res\search_baidu.gif
c:\programmi\pdfforge Toolbar\Res\search_ebay.gif
c:\programmi\pdfforge Toolbar\Res\search_yahoo.gif
c:\programmi\pdfforge Toolbar\Res\search_yandex.gif
c:\programmi\pdfforge Toolbar\Res\twitter.gif
c:\programmi\pdfforge Toolbar\Res\widgets.xml
c:\programmi\pdfforge Toolbar\WidgiHelper.exe
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_APPLICATION_UPDATER
-------\Service_Application Updater
.
.
((((((((((((((((((((((((( Files Creati Da 2012-05-08 al 2012-06-08 )))))))))))))))))))))))))))))))))))
.
.
2012-06-08 11:02 . 2012-06-08 22:43 97961 ----a-w- c:\windows\system32\drivers\klick.dat
2012-06-08 11:02 . 2012-06-08 22:43 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2012-06-08 11:02 . 2012-06-08 22:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Kaspersky Lab
2012-06-08 10:54 . 2012-06-08 10:54 -------- d-----w- C:\_OTL
2012-06-08 10:00 . 2012-06-08 10:00 -------- d-----w- c:\programmi\Dropbox
2012-06-08 09:59 . 2012-06-08 23:00 -------- d-----w- c:\documents and settings\NANDO\Dati applicazioni\Dropbox
2012-05-24 07:46 . 2012-05-24 07:46 -------- d-----w- c:\documents and settings\NANDO\Impostazioni locali\Dati applicazioni\Sun
2012-05-24 07:46 . 2012-05-24 07:46 -------- d-----w- c:\programmi\File comuni\Java
2012-05-24 07:46 . 2012-05-24 07:46 -------- d-----w- c:\programmi\Oracle
2012-05-24 07:46 . 2012-05-24 07:46 -------- d-----w- c:\documents and settings\NANDO\Dati applicazioni\Oracle
2012-05-24 07:46 . 2012-04-04 16:47 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-24 07:43 . 2012-05-24 07:43 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-24 07:43 . 2012-05-24 07:43 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-23 10:37 . 2012-05-23 17:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2012-05-23 08:19 . 2009-09-14 11:42 32272 ----a-w- c:\windows\system32\drivers\klim5.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-31 13:21 . 2009-10-27 05:54 603136 ----a-w- c:\windows\system32\crypt32.dll
2012-04-11 13:51 . 2008-04-13 18:55 2030080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:51 . 2009-10-27 05:54 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:51 . 2008-04-13 18:54 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-04 16:47 . 2009-10-27 05:50 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-04 16:47 . 2010-06-01 06:24 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-28 16:26 . 2012-03-28 18:08 141120 ----a-w- C:\unhider.exe
2012-03-28 16:10 . 2012-03-28 18:08 9502424 ----a-w- C:\mbam.setup.exe
2012-05-02 14:47 . 2011-05-06 07:58 97208 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-06-08_10.10.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-08 22:57 . 2012-06-08 22:57 16384 c:\windows\temp\Perflib_Perfdata_364.dat
+ 2009-10-27 05:54 . 2012-06-08 10:54 94368 c:\windows\system32\perfc010.dat
- 2009-10-27 05:54 . 2012-05-24 07:45 94368 c:\windows\system32\perfc010.dat
- 2009-10-27 05:54 . 2012-05-24 07:45 72628 c:\windows\system32\perfc009.dat
+ 2009-10-27 05:54 . 2012-06-08 10:54 72628 c:\windows\system32\perfc009.dat
+ 2009-09-09 16:01 . 2009-09-09 16:01 27675 c:\windows\system32\drivers\klopp.dat
- 2009-10-27 05:54 . 2012-05-24 07:45 515750 c:\windows\system32\perfh010.dat
+ 2009-10-27 05:54 . 2012-06-08 10:54 515750 c:\windows\system32\perfh010.dat
+ 2009-10-27 05:54 . 2012-06-08 10:54 444370 c:\windows\system32\perfh009.dat
- 2009-10-27 05:54 . 2012-05-24 07:45 444370 c:\windows\system32\perfh009.dat
+ 2009-10-28 20:24 . 2009-10-28 20:24 219664 c:\windows\system32\klogon.dll
+ 2012-06-08 11:01 . 2012-06-08 11:01 223760 c:\windows\system32\drivers\klif.sys
+ 2009-09-01 12:29 . 2009-09-01 12:29 128016 c:\windows\system32\drivers\kl1.sys
+ 2012-06-08 11:02 . 2012-06-08 11:02 3878912 c:\windows\Installer\3fafe.msi
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\documents and settings\NANDO\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\documents and settings\NANDO\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\documents and settings\NANDO\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\documents and settings\NANDO\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FlashCAD"="c:\programmi\FlashCAD\FlashCAD.exe" [BU]
"TomTomHOME.exe"="c:\programmi\TomTom HOME 2\TomTomHOMERunner.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"="c:\programmi\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 28672]
"SVPWUTIL"="c:\programmi\Toshiba\Windows Utilities\SVPWUTIL.exe" [2009-04-28 90112]
"Ce****"="c:\programmi\TOSHIBA\*****\Ce****.exe" [2009-06-04 827392]
"TDispVol"="TDispVol.exe" [2009-04-24 208896]
"DDWMon"="c:\programmi\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe" [2007-04-26 495616]
"Zooming"="ZoomingHook.exe" [2005-06-06 24576]
"SmoothView"="c:\programmi\TOSHIBA\Utilità di zoom TOSHIBA\SmoothView.exe" [2008-09-10 143360]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-05-21 143360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-05-21 163840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-05-21 135168]
"RTHDCPL"="RTHDCPL.EXE" [2009-07-28 18671104]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]
"TPSMain"="TPSMain.exe" [2009-08-26 266240]
"TCtryIOHook"="TCtrlIOHook.exe" [2009-04-30 28672]
"TAccessibility"="c:\programmi\TOSHIBA\Accessibility\TAccessibility.exe" [2009-04-24 110592]
"TWebCamera"="c:\programmi\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-05-26 2549624]
"TPNF"="c:\program files\TOSHIBA\TouchPad\TPTray.exe" [2009-05-08 81920]
"DLSService"="c:\programmi\DYMO\DYMO Label Software\DLSService.exe" [2009-10-28 55808]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2009-08-28 614400]
"RIMBBLaunchAgent.exe"="c:\programmi\File comuni\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2012-01-17 252296]
"AVP"="c:\programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [2009-10-28 315736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"TOSHIBA Online Product Information"="c:\programmi\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
.
c:\documents and settings\NANDO\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\documents and settings\NANDO\Dati applicazioni\Dropbox\bin\Dropbox.exe [2012-6-7 27502520]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Windows Search.lnk - c:\programmi\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\NANDO\\Dati applicazioni\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [26/03/2007 14.22.18 105856]
R2 trudf;TOSHIBA DVD-RAM UDF File System Driver;c:\windows\system32\drivers\trudf.sys [19/02/2007 14.15.32 134016]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [29/04/2010 11.03.35 110080]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [23/05/2012 10.19.50 32272]
R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [29/04/2010 11.15.04 24064]
R3 RTL8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [29/04/2010 11.09.44 555648]
S2 ONDA Autorun CDROM Monitor;ONDA Autorun CDROM Monitor;c:\windows\system32\SupportAppXL\onda_mon.exe [27/01/2011 20.37.27 86016]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24/05/2012 9.43.45 257696]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/04/2010 11.07.38 1684736]
S3 DlinkUDSMBus;DlinkUDSMBus;c:\windows\system32\Drivers\DlinkUDSMBus.sys --> c:\windows\system32\Drivers\DlinkUDSMBus.sys [?]
S3 esgiguard;esgiguard;\??\c:\programmi\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\programmi\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys --> c:\windows\system32\DRIVERS\ewusbnet.sys [?]
S3 FARMNTIO;FARMNTIO;c:\windows\system32\drivers\FarMntIo.sys [04/07/2011 19.18.51 13184]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys --> c:\windows\system32\DRIVERS\ewusbfake.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programmi\Mozilla Maintenance Service\maintenanceservice.exe [02/05/2012 16.47.42 129976]
S3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys --> c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys [?]
S3 ONDAusbnet;ONDA USB-NDIS miniport;c:\windows\system32\DRIVERS\ONDAusbnet.sys --> c:\windows\system32\DRIVERS\ONDAusbnet.sys [?]
S3 ONDAusbnmea;ONDA NMEA Port;c:\windows\system32\DRIVERS\ONDAusbnmea.sys --> c:\windows\system32\DRIVERS\ONDAusbnmea.sys [?]
S3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\system32\DRIVERS\ONDAusbser6k.sys --> c:\windows\system32\DRIVERS\ONDAusbser6k.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [29/04/2010 11.07.06 165888]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 UpgradeService;Project Barcode Reader;c:\programmi\Project srl\Project Archivia Barcode reader\BarcodeReaderService.exe [09/06/2008 15.44.00 36864]
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 07:43]
.
.
------- Scansione supplementare -------
.
mStart Page = hxxp://www.sembrarpaz.com/start.php
uInternet Connection Wizard,ShellNext = iexplore
IE: Aggiungi ad Anti-Banner - c:\programmi\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
IE: Cerca nel web - c:\programmi\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\NANDO\Dati applicazioni\Mozilla\Firefox\Profiles\gawqmdr7.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://www.virgilio.it/
FF - prefs.js: keyword.URL - hxxp://it.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p=
.
.
------- Associazioni dei file -------
.
.scr=AutoCADScriptFile
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKLM-Run-SearchSettings - c:\programmi\File comuni\Spigot\Search Settings\SearchSettings.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
GMER - Rootkit Detector and Remover
Rootkit scan 2012-06-09 01:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(2304)
c:\windows\system32\WININET.dll
c:\documents and settings\NANDO\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\TDispVol.dll
c:\windows\system32\msi.dll
c:\windows\system32\TPwrCfg.DLL
c:\windows\system32\TPwrReg.dll
c:\windows\system32\TPSTrace.DLL
.
Ora fine scansione: 2012-06-09 01:12:47
ComboFix-quarantined-files.txt 2012-06-08 23:12
ComboFix2.txt 2012-06-08 10:11
ComboFix3.txt 2012-03-29 17:56
ComboFix4.txt 2012-03-29 14:07
.
Pre-Run: 159.946.366.976 byte disponibili
Post-Run: 159.923.269.632 byte disponibili
.
- - End Of File - - 0F752B4AE767661E33850C8E7C43663C