nulla di nulla nemmeno li

come vedi qui non ce nulla



e nei registri che vedi,li ho controllati tutti uno ad un e non cè nulla riguardo a pctools




se andavi a dare un occhiata alle mie pagine precedenti,vedi che (come gia ho detto) le chiavi si trovano quì,non dove mi indichi te




qual è la prossima mossa?

Per le password di Google Chrome eccoti come salvartele Link

Per il problema aggiornamenti con la chiavetta potresti andare da qualcuno che ha una connessione veloce (con un drive in tasca) e salvarti almeno il SP1 e SP2 ,per poi installarteli off line . Potrebbe essere necessario tra il SP1 e il SP2 installre prima un aggiornamento on line di 5 MB (dico potrebbe perchè è da parecchio che non lo faccio su Vista ,e le cose cambiano in continuazione)

Comunque permettimi di dirti con il dovuto rispetto,che non è bello vedere (in alcuni tuoi commenti) il tuo modo di dire grazie.

Conosco shap molto poco ,ma tutti qui in questo forum possono confermare che su questi tipi di problematiche è il migliore (assieme a r16)

Purtroppo da remoto è difficile a volte aiutare,e individuare subito il problema.

shapiro,ho provato con Regseeker,le trova tutte e le cancella,ma si ricreano al riavvio

comunque ecco un altro disperato come me... potete trovarlo in questo riferimento

no no,le ho trovate proprio tutte con reg seeker,basta mettere il nome della sys (ad esempio PCTCore) e ne trova una cinquantina,poi le elimino una ad una senza farne il back up,ma al riavvio se riapro reg seeker e le ricerco le trovo tutte di nuovo al loro posto,hai dato un occhiata a questo povero disperato come me? lo trovi quì.

no no ti ringrazio

apri il registro e cerca tra queste chiavi, vedo che sei sveglia



HKEY_CURRENT_USER \ Software \ PCTools \ Spyware Doctor
HKEY_LOCAL_MACHINE\SOFTWARE\PCTools\Spyware Doctor HKEY_LOCAL_MACHINE \ SOFTWARE \ PCTools \ Spyware Doctor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Spyware Doct HKEY_LOCAL_MACHINE

oppure scaricati Revo Uninstaller

fai anche pulizia con ccleaner registro compreso

vado a nanna

Notte kikka ;)

gia tutto provato shapy,
HKEY_CURRENT_USER \ Software \ PCTools \ Spyware Doctor
HKEY_LOCAL_MACHINE\SOFTWARE\PCTools\Spyware Doctor HKEY_LOCAL_MACHINE \ SOFTWARE \ PCTools \ Spyware Doctor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Spyware Doct HKEY_LOCAL_MACHINE
NON ESISTONO fra le chiavi esistenti.

revo cel hogia e l ho gia lanciato da mesi piu volte,niente da fare....non cancella nè trova nulla.

ccleaner lo uso 20 volte al giorno,ho un sacco di programmi di pulizia,antivirus ecc,mi mancavano quelli che mi hai dati tu e forse qualke altro... anzi,volgio farti un regalo,forse questo software non lo conosci...me l ha dato un mio amico francese,è similissimo a combofix
,ma è (secondo il mio modestissimo parere) molto piu efficace,utilizza (come mi ha spiegato la persona che me lo ha dato) un euristica di scansione avanzata che prima di scansionare un file sospetto lo "stuzzica" cercando di lanciarlo e controllandone la reazione... se l eseguibile scansionato risponde simulando a sua volta una reazione sospetta pre_scan(così si chiama) lo mette in quarantena. per chi non l ha mai provato posso dire che questo ti trova veramente cose particolarmente nascoste,l unica pecca che ha è che ti disattiva l antivirus e il controllo account utente,ma poi basta riattivarli e torna tutto apposto... per chi volesse provarlo questo è il link.

E' Natale.
@kikkas93:

Scarica Combofix (usa Internet Explorer)

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop. (è obligatorio)

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (se usi Vista: tasto destro su Combofix.exe e clicca su: "Esegui come Amministratore" )

Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix) tu ignorali, e prosegui tranquillamente.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt.
Postalo qui.

ciao r16,grazie di essere intervenuto,la tua fama ti precede
dunque.... ho usato combofix una dozzina di volte,ma comunque una in piu ormai non penso che distrugga il so piu di quanto è gia stato massacrato da me...

una domanda prima che tu inizi a visionare il log: come mai nonostante io ho disattivato avira,lui mi ha interrotto per 5 volte la scansione di ComboFix con questo messaggio? C:\ComboFix\CF31777.3exe(comunque io gli ho dato per tutte e 5 le volte il comando di lasciarlo passare...
P.S. se leggi polizia di stato o roba del genere non spaventarti,cel ha lasciato mio fratello che mel ha regalato il pc.
ECCO IL LOG FRESCO


ComboFix 11-12-25.03 - polizia di Stato 26/12/2011 17.26.29.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.2046.1313 [GMT 1:00]
Eseguito da: c:\users\polizia di Stato\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Creati Da 2011-11-26 al 2011-12-26 )))))))))))))))))))))))))))))))))))
.
.
2011-12-26 16:34 . 2011-12-26 16:34 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-12-26 14:43 . 2011-12-26 14:43 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AB3B9362-A15F-49FC-A552-5F786DC3FE66}\offreg.dll
2011-12-26 06:13 . 2011-12-26 06:13 -------- d-----w- c:\users\Default
2011-12-26 04:58 . 2011-12-26 04:58 -------- d-----w- c:\windows\Application Data
2011-12-25 23:37 . 2011-12-25 23:37 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-12-25 05:15 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AB3B9362-A15F-49FC-A552-5F786DC3FE66}\mpengine.dll
2011-12-25 01:28 . 2011-12-25 22:27 -------- d-----w- C:\Kill'em
2011-12-24 16:52 . 2011-12-24 16:52 -------- d-----w- c:\program files\Microsoft.NET
2011-12-24 01:57 . 2011-09-09 17:23 2469760 ----a-w- c:\windows\system32\BootMan.exe
2011-12-24 01:57 . 2011-07-29 12:54 86408 ----a-w- c:\windows\system32\setupempdrv03.exe
2011-12-24 01:57 . 2011-07-29 12:54 19840 ----a-w- c:\windows\system32\EuEpmGdi.dll
2011-12-24 01:57 . 2011-12-24 01:57 -------- d-----w- c:\program files\EASEUS
2011-12-24 01:14 . 2011-12-24 05:03 -------- d-----w- c:\windows\system32\NtmsData
2011-12-21 16:54 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-12-21 16:54 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-12-21 16:54 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-12-21 16:54 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2011-12-21 16:53 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-12-21 16:53 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2011-12-21 15:37 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-12-21 15:22 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-12-21 15:22 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-12-21 15:22 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-12-21 15:21 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2011-12-21 15:18 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-12-21 15:18 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-12-21 15:18 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-12-21 15:18 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-12-21 15:18 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2011-12-21 15:18 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2011-12-21 15:18 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-12-21 15:18 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-12-21 15:16 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-12-21 15:16 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-12-21 15:16 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-12-21 15:16 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2011-12-21 15:16 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-12-21 15:14 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-12-21 15:13 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-12-21 15:13 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
2011-12-21 15:02 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2011-12-21 15:02 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2011-12-21 02:10 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-12-21 02:10 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-12-21 02:10 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-12-21 02:03 . 2009-11-09 12:30 8192 ----a-w- c:\windows\system32\iisrstap.dll
2011-12-21 02:03 . 2009-11-09 10:48 14848 ----a-w- c:\windows\system32\iisreset.exe
2011-12-21 02:03 . 2009-11-09 12:30 153600 ----a-w- c:\windows\system32\iisRtl.dll
2011-12-21 02:03 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-12-21 02:03 . 2009-11-09 12:28 51712 ----a-w- c:\windows\system32\admwprox.dll
2011-12-21 02:03 . 2009-11-09 12:28 27136 ----a-w- c:\windows\system32\ahadmin.dll
2011-12-21 02:03 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2011-12-21 02:03 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2011-12-21 02:03 . 2009-11-09 12:32 10752 ----a-w- c:\windows\system32\wamregps.dll
2011-12-21 01:57 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-12-21 01:57 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-12-21 01:57 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-12-21 01:57 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-12-21 01:55 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-12-21 01:54 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-12-21 01:52 . 2011-02-22 13:23 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-12-21 01:51 . 2009-12-04 18:29 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-12-21 01:51 . 2009-12-04 18:30 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2011-12-21 01:51 . 2009-12-04 18:28 22528 ----a-w- c:\windows\system32\msyuv.dll
2011-12-21 01:51 . 2009-12-04 18:28 31744 ----a-w- c:\windows\system32\msvidc32.dll
2011-12-21 01:51 . 2009-12-04 18:28 13312 ----a-w- c:\windows\system32\msrle32.dll
2011-12-21 01:51 . 2009-12-04 18:28 123904 ----a-w- c:\windows\system32\msvfw32.dll
2011-12-21 01:51 . 2009-12-04 18:28 82944 ----a-w- c:\windows\system32\mciavi32.dll
2011-12-21 01:51 . 2009-12-04 18:28 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2011-12-21 01:51 . 2009-12-04 18:27 91136 ----a-w- c:\windows\system32\avifil32.dll
2011-12-21 01:35 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2011-12-21 01:07 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2011-12-21 00:46 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-12-21 00:31 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-12-21 00:30 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-12-21 00:30 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-21 00:27 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
2011-12-21 00:26 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2011-12-21 00:26 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2011-12-21 00:26 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2011-12-21 00:22 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-12-21 00:02 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2011-12-21 00:02 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2011-12-21 00:02 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2011-12-21 00:02 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-12-21 00:02 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2011-12-21 00:02 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2011-12-21 00:02 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-12-21 00:02 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-12-21 00:02 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-12-20 22:57 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-12-20 22:57 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-12-20 22:57 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-12-20 22:57 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-12-20 22:57 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-12-20 22:49 . 2011-12-20 22:51 -------- d-----w- c:\windows\system32\config\systemprofile\{56a1c942-ba0f-4a8f-b0db-7dd302a7a9bd}
2011-12-20 22:48 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2011-12-20 22:48 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2011-12-20 22:48 . 2011-12-20 22:48 -------- d-sh--we c:\programdata\Preferiti
2011-12-20 22:48 . 2011-12-20 22:48 -------- d-sh--we c:\programdata\Modelli
2011-12-20 22:48 . 2011-12-20 22:48 -------- d-sh--we c:\programdata\Menu Avvio
2011-12-20 22:48 . 2011-12-20 22:48 -------- d-sh--we c:\programdata\Documenti
2011-12-20 22:48 . 2011-12-20 22:48 -------- d-sh--we c:\programdata\Dati applicazioni
2011-12-20 22:48 . 2011-12-20 22:48 -------- d-sh--we c:\program files\File comuni
2011-12-20 22:47 . 2011-12-26 05:08 -------- d-----w- c:\windows\Debug
2011-12-20 22:43 . 2011-12-20 22:43 -------- d-----w- c:\windows\system32\config\systemprofile\{e4340636-4fce-4122-bbb3-80b7f0c29ea9}
2011-12-20 22:15 . 2011-12-25 15:05 -------- d-----w- c:\users\polizia di Stato
2011-12-20 22:15 . 2011-12-25 15:05 -------- d-----w- c:\users\Administrator
2011-12-20 22:12 . 2011-12-20 22:22 -------- d-----w- c:\programdata\NVIDIA
2011-12-20 22:12 . 2011-12-25 05:12 -------- d-sh--w- c:\windows\Installer
2011-12-20 22:12 . 2009-10-03 05:02 584296 ----a-w- c:\windows\system32\nvuninst.exe
2011-12-20 22:11 . 2011-12-20 22:11 -------- d-----w- c:\program files\Motorola
2011-12-20 22:11 . 2011-12-20 22:11 -------- d-----w- c:\program files\Synaptics
2011-12-20 21:58 . 2007-05-31 08:21 224136 ----a-w- c:\windows\system32\drivers\UMDF\WpdRapi2.dll
2011-12-17 15:59 . 2011-12-20 22:19 -------- d-----w- c:\program files\Intel
2011-12-17 15:59 . 2000-01-01 00:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2011-12-16 20:38 . 2011-12-20 22:22 -------- d-----w- c:\program files\RefreshPC
2011-12-16 20:38 . 2002-06-13 12:02 32768 ----a-w- c:\windows\system32\svcmgr.ocx
2011-12-15 03:17 . 2011-12-15 03:17 407312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-15 00:35 . 2011-12-15 00:35 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-12-15 00:34 . 2011-12-15 00:36 -------- d--h--w- c:\program files\Temp
2011-12-15 00:13 . 2010-01-10 18:40 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2011-12-15 00:13 . 2010-01-10 18:40 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2011-12-12 21:49 . 2011-12-20 22:22 -------- d-----w- c:\program files\Unknown Device Identifier
2011-12-12 08:23 . 2011-12-12 08:23 106904 ----a-w- c:\windows\system32\drivers\avfwot.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-22 03:33 . 2011-11-22 03:34 69632 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-21 17:54 . 2011-11-21 17:54 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-11-16 21:50 . 2011-11-16 21:50 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-11-16 21:50 . 2011-11-16 21:50 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-11-16 21:50 . 2011-11-16 21:50 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-11-15 13:29 . 2011-11-15 15:34 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-28 10:03 . 2011-11-20 17:48 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2011-10-28 10:02 . 2011-11-20 14:45 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-10-28 10:01 . 2011-11-20 17:49 17848 ----a-w- c:\windows\system32\drivers\pctBTFix.sys
2011-10-28 09:41 . 2011-11-20 17:49 105792 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2011-10-28 09:40 . 2011-11-20 17:49 252840 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-10-22 14:11 . 2011-11-20 14:45 331880 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2011-10-22 14:11 . 2011-11-20 14:45 162584 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-10-07 16:52 . 2011-11-20 14:45 341656 ----a-w- c:\windows\system32\drivers\pctDS.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoChangeAnimation"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
"NoStartMenuMyGames"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HijackThis startup scan]
2010-03-25 17:42 388096 ----a-w- c:\program files\Trend Micro\HiJackThis\HiJackThis.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-11-24 10:07 323640 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2009-10-26 13:46 1458176 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-11-22 03:34 77824 ----a-w- c:\program files\Java\jre1.6.0\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2009-04-11 13:18 2153472 ----a-w- c:\windows\System32\oobefldr.dll
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R4 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2011-12-07 340136]
R4 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-12-07 428200]
R4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-12-07 136360]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
rsmsvcs REG_MULTI_SZ ntmssvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2341135496-3086221404-111232173-1000Core.job
- c:\users\polizia di Stato\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-15 08:59]
.
2011-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2341135496-3086221404-111232173-1000UA.job
- c:\users\polizia di Stato\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-15 08:59]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.0.1
.
.
------- Associazioni dei file -------
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-26 17:35
Windows 6.0.6002 Service Pack 2 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-2341135496-3086221404-111232173-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\Desktop]
@DACL=(02 0000)
"TaskbarWinXP"=hex:0c,00,00,00,08,00,00,00,06,00,00,00,00,00,00,00,b0,e2,2b,d8,
64,57,d0,11,a9,6e,00,c0,4f,d7,05,a2,22,00,1c,00,0a,11,00,00,1a,00,00,00,01,\
"Toolbars"=hex:11,00,00,00,00,00,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1E901C4F-AC04-4fe6-9064-2905218766F3}\{500E3631-1DA4-422A-8E8D-39B712098950}\data]
@DACL=(02 0000)
"Activity"=dword:00000003
"CisHaveAV"=dword:00000000
"CisHaveFW"=dword:00000001
"CisIsFree"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1E901C4F-AC04-4fe6-9064-2905218766F3}\{D519A262-6F52-464B-B894-376312E60163}\data]
@DACL=(02 0000)
"Activity"=dword:00000003
"CisHaveAV"=dword:00000000
"CisHaveFW"=dword:00000001
"CisIsFree"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Search\Gather\Windows\SystemIndex\Extensions]
@DACL=(02 0000)
"IncludedExtensions"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Search\Gather\Windows\SystemIndex\Mappings]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Search\Gather\Windows\SystemIndex\Sites]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages]
@DACL=(02 0000)
"NewStartPageIdentifier"=dword:00000004
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Search\Gather\Windows\SystemIndex\StreamLog]
@DACL=(02 0000)
"CurrentStreamLog"=dword:00000003
"MaxLogs"=dword:00000005
"StreamLogCount"=dword:00000002
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Answer]
@DACL=(02 0000)
"1"="ATA<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Clients]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\EnableCallerID]
@DACL=(02 0000)
"1"="at+vcid=1<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\EnableDistinctiveRing]
@DACL=(02 0000)
"1"="at+vdr=1<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Fax]
@DACL=(02 0000)
"HardwareFlowControl"="1"
"SetupCommand"="ATS7=60/Q3"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\GenerateDigit]
@DACL=(02 0000)
"1"="at+vts=<Digit><cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Hangup]
@DACL=(02 0000)
"1"="ATH<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Init]
@DACL=(02 0000)
"1"="AT<cr>"
"2"="AT&F&D2&C1V1S0=0E0<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\LineSetPlayFormat]
@DACL=(02 0000)
"1"="at+vsm=129<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\LineSetRecordFormat]
@DACL=(02 0000)
"1"="at+vsm=129<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Monitor]
@DACL=(02 0000)
"1"="ATS0=0<cr>"
"2"="None"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\Settings]
@DACL=(02 0000)
"Prefix"="AT"
"Terminator"="<cr>"
"DialPrefix"="D"
"DialSuffix"=";"
"SpeakerVolume_Low"="L0"
"SpeakerVolume_Med"="L2"
"SpeakerVolume_High"="L3"
"SpeakerMode_Off"="M0"
"SpeakerMode_Dial"="M1"
"SpeakerMode_On"="M2"
"SpeakerMode_Setup"="M3"
"FlowControl_Off"="\\Q0"
"FlowControl_Hard"="\\Q3"
"FlowControl_Soft"="\\Q1"
"ErrorControl_On"="\\N7"
"ErrorControl_Off"="\\N0"
"ErrorControl_Forced"="\\N6"
"Compression_On"="%C1"
"Compression_Off"="%C0"
"Pulse"="P"
"Tone"="T"
"Blind_Off"="X4"
"Blind_On"="X3"
"CallSetupFailTimer"="S7=<#>"
"InactivityTimeout"="\\T<#>"
"Modulation_CCITT"="*LS1"
"Modulation_Bell"="*LS0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\SpeakerPhoneDisable]
@DACL=(02 0000)
"1"="at+vls=1<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\SpeakerPhoneEnable]
@DACL=(02 0000)
"1"="at+vls=13<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\SpeakerPhoneMute]
@DACL=(02 0000)
"1"="at+vls=9<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\SpeakerPhoneSetVolumeGain]
@DACL=(02 0000)
"1"="at+vgt=<vol><cr>"
"2"="at+vgr=<gain><cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\SpeakerPhoneUnMute]
@DACL=(02 0000)
"1"="at+vls=13<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\StartPlay]
@DACL=(02 0000)
"1"="at+vtx<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\StartRecord]
@DACL=(02 0000)
"1"="at+vrx<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\StopPlay]
@DACL=(02 0000)
"1"="None"
"2"="NoResponse"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\StopRecord]
@DACL=(02 0000)
"1"="None"
"2"="NoResponse"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\VoiceAnswer]
@DACL=(02 0000)
"1"="at+fclass=8<cr>"
"2"="at+vls=1<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\VoiceDialNumberSetup]
@DACL=(02 0000)
"1"="at+fclass=8<cr>"
"2"="at+vrn=7;+vra=0<cr>"
"3"="at+vtd=10<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\VoiceToDataAnswer]
@DACL=(02 0000)
"1"="at+fclass=0<cr>"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\WaveDriver]
@DACL=(02 0000)
"BaudRate"=hex:00,c2,01,00
"XformID"=hex:04,00
"WaveDevices"=hex:01,00
"XformModule"="umdmxfrm.dll"
"WaveHardwareID"="RockwellADPCMVoiceModemWave"
"WaveInstance"=dword:00000000
.
Ora fine scansione: 2011-12-26 17:39:24
ComboFix-quarantined-files.txt 2011-12-26 16:39
.
Pre-Run: 106.941.870.080 byte disponibili
Post-Run: 106.975.703.040 byte disponibili
.
- - End Of File - - 1884F7FE2C65B444EA36C7B633582202

P.P.S. il mio pc è un hp dv-6000,il mio so è windows vista home premium 32bit

Salve
Non esagerare coi prog di pulizia, sei novizia.
RegSeeker non è per principianti, raschia a fondo e non viene più aggiornato da molti anni(ultima versione 1.55 del 2005 almeno da me)
laonde sui sistemi recenti può fare dei disastri se non si sa cosa togliere.
Alfonso lo aveva recensito,poi lo ha tolto, troppo rischioso per chi non conosce il sistema.
Fidati per il futuro delle guide che vedi nel post di Alfonso,
grazie Alf ,mi hai preceduto, taglio corto
Saluti
YUUUUUHH è tornato r16
Buona caccia(ma mi sa che è rognoso assai)