Hi, so, I tried again to install the updates... which in the meantime had become 13, and it installed only 1 of them.
Here I'm pasting the other ComboFix scan.
ComboFix 10-01-13.0B - Utente 14/01/2010 18.11.49.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.3066.1856 [GMT 1:00]
Eseguito da: c:\users\Utente\Desktop\ComboFix.exe
Opzioni usate :: c:\users\Utente\Desktop\CFScript.txt
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Doctor Alex Antispyware
c:\program files\Doctor Alex Antispyware\DoctorAlex.chm
c:\program files\Doctor Alex Antispyware\DoctorAlex.exe
c:\program files\Doctor Alex Antispyware\EULA.rtf
c:\program files\Doctor Alex Antispyware\problems.dat
c:\program files\Doctor Alex Antispyware\uninstall.exe
c:\program files\Spyware Doctor
c:\program files\Spyware Doctor\Alert.exe
c:\program files\Spyware Doctor\Alert.ini
c:\program files\Spyware Doctor\alert.wav
c:\program files\Spyware Doctor\avdb\av10-000.vdb
c:\program files\Spyware Doctor\avdb\BLST.bin
c:\program files\Spyware Doctor\avdb\info.dbsdk
c:\program files\Spyware Doctor\avdb\SFS2.bin
c:\program files\Spyware Doctor\avdb\vdb.xml
c:\program files\Spyware Doctor\avengine\PCTAVEng.dll
c:\program files\Spyware Doctor\avengine\SDAVgate.dll
c:\program files\Spyware Doctor\BH.dll
c:\program files\Spyware Doctor\bpo-sdhelp.chm
c:\program files\Spyware Doctor\cdialogs.dll
c:\program files\Spyware Doctor\ChineseSimp.lng
c:\program files\Spyware Doctor\ChineseTrad.lng
c:\program files\Spyware Doctor\commhlpr.dll
c:\program files\Spyware Doctor\commlib.dll
c:\program files\Spyware Doctor\CommLibLite.dll
c:\program files\Spyware Doctor\commom.dll
c:\program files\Spyware Doctor\csi-sdhelp.chm
c:\program files\Spyware Doctor\csi-sdhelp_pr.chm
c:\program files\Spyware Doctor\ctr-sdhelp.chm
c:\program files\Spyware Doctor\cze-sdhelp.chm
c:\program files\Spyware Doctor\Czech.lng
c:\program files\Spyware Doctor\dan-sdhelp.chm
c:\program files\Spyware Doctor\Danish.lng
c:\program files\Spyware Doctor\deu-sdhelp.chm
c:\program files\Spyware Doctor\Deutsch.lng
c:\program files\Spyware Doctor\drvctl.exe
c:\program files\Spyware Doctor\Dutch.lng
c:\program files\Spyware Doctor\eng-sdhelp.chm
c:\program files\Spyware Doctor\English.lng
c:\program files\Spyware Doctor\EnglishBritish.lng
c:\program files\Spyware Doctor\esp-sdhelp.chm
c:\program files\Spyware Doctor\euk-sdhelp.chm
c:\program files\Spyware Doctor\filehlpr.dll
c:\program files\Spyware Doctor\FileStorage.sdp
c:\program files\Spyware Doctor\fin-sdhelp.chm
c:\program files\Spyware Doctor\Finnish.lng
c:\program files\Spyware Doctor\fre-sdhelp.chm
c:\program files\Spyware Doctor\French.lng
c:\program files\Spyware Doctor\gre-sdhelp.chm
c:\program files\Spyware Doctor\Greek.lng
c:\program files\Spyware Doctor\history\syslog.dad
c:\program files\Spyware Doctor\history\syslog.das
c:\program files\Spyware Doctor\history\userlog.dad
c:\program files\Spyware Doctor\history\userlog.das
c:\program files\Spyware Doctor\homepage.url
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_ChineseSimp.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_ChineseTrad.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Czech.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Danish.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Deutsch.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Dutch.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_English.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_EnglishBritish.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Finnish.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_French.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Greek.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Italian.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Japanese.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Korean.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Norwegian.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Polski.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Portuguese.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_PortugueseBrazilian.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Russian.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Spanish.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Swedish.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Thai.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SD_Turkish.html
c:\program files\Spyware Doctor\html\SiteBlockResp_SDR_ChineseSimp.html
c:\program files\Spyware Doctor\IDBLib.sdp
c:\program files\Spyware Doctor\Immunizer.sdp
c:\program files\Spyware Doctor\inethlpr.dll
c:\program files\Spyware Doctor\InnoHelpers.dll
c:\program files\Spyware Doctor\ita-sdhelp.chm
c:\program files\Spyware Doctor\Italian.lng
c:\program files\Spyware Doctor\jap-sdhelp.chm
c:\program files\Spyware Doctor\Japanese.lng
c:\program files\Spyware Doctor\KDSInterface.txt
c:\program files\Spyware Doctor\klg.dat
c:\program files\Spyware Doctor\kor-sdhelp.chm
c:\program files\Spyware Doctor\Korean.lng
c:\program files\Spyware Doctor\Languages.xml
c:\program files\Spyware Doctor\Localizer.sdp
c:\program files\Spyware Doctor\LuLng\ChineseSimp.lng
c:\program files\Spyware Doctor\LuLng\ChineseTrad.lng
c:\program files\Spyware Doctor\LuLng\Czech.lng
c:\program files\Spyware Doctor\LuLng\Danish.lng
c:\program files\Spyware Doctor\LuLng\Deutsch.lng
c:\program files\Spyware Doctor\LuLng\Dutch.lng
c:\program files\Spyware Doctor\LuLng\English.lng
c:\program files\Spyware Doctor\LuLng\EnglishBritish.lng
c:\program files\Spyware Doctor\LuLng\Finnish.lng
c:\program files\Spyware Doctor\LuLng\French.lng
c:\program files\Spyware Doctor\LuLng\Greek.lng
c:\program files\Spyware Doctor\LuLng\Italian.lng
c:\program files\Spyware Doctor\LuLng\Japanese.lng
c:\program files\Spyware Doctor\LuLng\Korean.lng
c:\program files\Spyware Doctor\LuLng\Norwegian.lng
c:\program files\Spyware Doctor\LuLng\Polski.lng
c:\program files\Spyware Doctor\LuLng\Portuguese.lng
c:\program files\Spyware Doctor\LuLng\PortugueseBrazilian.lng
c:\program files\Spyware Doctor\LuLng\Russian.lng
c:\program files\Spyware Doctor\LuLng\Spanish.lng
c:\program files\Spyware Doctor\LuLng\Swedish.lng
c:\program files\Spyware Doctor\LuLng\Thai.lng
c:\program files\Spyware Doctor\LuLng\Turkish.lng
c:\program files\Spyware Doctor\ned-sdhelp.chm
c:\program files\Spyware Doctor\NetworkLayer\blacklistlsp.txt
c:\program files\Spyware Doctor\NetworkLayer\blacklistlsp.txt.sig
c:\program files\Spyware Doctor\NetworkLayer\InstSGTool.dll
c:\program files\Spyware Doctor\NetworkLayer\Microsoft.VC80.CRT.manifest
c:\program files\Spyware Doctor\NetworkLayer\msvcm80.dll
c:\program files\Spyware Doctor\NetworkLayer\msvcp80.dll
c:\program files\Spyware Doctor\NetworkLayer\msvcr80.dll
c:\program files\Spyware Doctor\NetworkLayer\PCTCFFix.exe
c:\program files\Spyware Doctor\NetworkLayer\PCTCFHook.dll
c:\program files\Spyware Doctor\NetworkLayer\PCTLsp.dll
c:\program files\Spyware Doctor\NetworkLayer\PCTSecUtility.dll
c:\program files\Spyware Doctor\NetworkLayer\PluginDllSG.dll
c:\program files\Spyware Doctor\NfyMan.sdp
c:\program files\Spyware Doctor\nor-sdhelp.chm
c:\program files\Spyware Doctor\Norwegian.lng
c:\program files\Spyware Doctor\PCTGMhk.dll
c:\program files\Spyware Doctor\PCTMime.dll
c:\program files\Spyware Doctor\PCToolsComponents.bpl
c:\program files\Spyware Doctor\pctsAuxs.exe
c:\program files\Spyware Doctor\PCTSDInj32.sys
c:\program files\Spyware Doctor\pctsGui.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\program files\Spyware Doctor\pctsTray.exe
c:\program files\Spyware Doctor\PCTWSC.dll
c:\program files\Spyware Doctor\PDialogs.dll
c:\program files\Spyware Doctor\plugins\Behavior.sdp
c:\program files\Spyware Doctor\plugins\Browsers.SDP
c:\program files\Spyware Doctor\plugins\cookie.sdp
c:\program files\Spyware Doctor\plugins\email.sdp
c:\program files\Spyware Doctor\plugins\grAV.sdp
c:\program files\Spyware Doctor\plugins\grfiles.SDP
c:\program files\Spyware Doctor\plugins\grImmunizer.SDP
c:\program files\Spyware Doctor\plugins\grregistry.SDP
c:\program files\Spyware Doctor\plugins\KLGuard.SDP
c:\program files\Spyware Doctor\plugins\Network.SDP
c:\program files\Spyware Doctor\plugins\Process.SDP
c:\program files\Spyware Doctor\plugins\ScriptEngine.SDP
c:\program files\Spyware Doctor\plugins\SDNET.SDP
c:\program files\Spyware Doctor\plugins\Site.sdp
c:\program files\Spyware Doctor\plugins\StartUp.SDP
c:\program files\Spyware Doctor\pol-sdhelp.chm
c:\program files\Spyware Doctor\Polski.lng
c:\program files\Spyware Doctor\por-sdhelp.chm
c:\program files\Spyware Doctor\Portuguese.lng
c:\program files\Spyware Doctor\PortugueseBrazilian.lng
c:\program files\Spyware Doctor\PWindow.dll
c:\program files\Spyware Doctor\quarantine.sdp
c:\program files\Spyware Doctor\RebootManager.sdp
c:\program files\Spyware Doctor\RefDB.bin6
c:\program files\Spyware Doctor\RefDB.old
c:\program files\Spyware Doctor\RegHelper.dll
c:\program files\Spyware Doctor\rtl100.bpl
c:\program files\Spyware Doctor\rus-sdhelp.chm
c:\program files\Spyware Doctor\Russian.lng
c:\program files\Spyware Doctor\scaneng.sdp
c:\program files\Spyware Doctor\SDContextExt.dll
c:\program files\Spyware Doctor\sdcore.dll
c:\program files\Spyware Doctor\sdextra.sdp
c:\program files\Spyware Doctor\SDInfo.sdp
c:\program files\Spyware Doctor\sdinvoker.exe
c:\program files\Spyware Doctor\sdloader.exe
c:\program files\Spyware Doctor\sdnet\MANIFEST.1
c:\program files\Spyware Doctor\SDNetPlugin.dll
c:\program files\Spyware Doctor\SDNetPlugin.ini
c:\program files\Spyware Doctor\SDNetPlugin.txt
c:\program files\Spyware Doctor\sdSTasks.def
c:\program files\Spyware Doctor\sdwvhlp.dll
c:\program files\Spyware Doctor\Settings.cfg
c:\program files\Spyware Doctor\Settings.sdp
c:\program files\Spyware Doctor\SH.dll
c:\program files\Spyware Doctor\smum32.dll
c:\program files\Spyware Doctor\SOFactory.sdp
c:\program files\Spyware Doctor\Spanish.lng
c:\program files\Spyware Doctor\Sqlite3DB.dll
c:\program files\Spyware Doctor\stasks.sdp
c:\program files\Spyware Doctor\SUErrorLog.txt
c:\program files\Spyware Doctor\swe-sdhelp.chm
c:\program files\Spyware Doctor\Swedish.lng
c:\program files\Spyware Doctor\SysAccess.dll
c:\program files\Spyware Doctor\SystemMonitor.sdp
c:\program files\Spyware Doctor\TFEngine\MsvcRedist.msi
c:\program files\Spyware Doctor\TFEngine\TFAPI.dll
c:\program files\Spyware Doctor\TFEngine\TFCfg.dll
c:\program files\Spyware Doctor\TFEngine\TFDBM.dll
c:\program files\Spyware Doctor\TFEngine\TFE.dll
c:\program files\Spyware Doctor\TFEngine\TFExt.dll
c:\program files\Spyware Doctor\TFEngine\TFExtCli.dll
c:\program files\Spyware Doctor\TFEngine\TfFsMon.sys
c:\program files\Spyware Doctor\TFEngine\TfKbMon.sys
c:\program files\Spyware Doctor\TFEngine\TFLog.dll
c:\program files\Spyware Doctor\TFEngine\TFMisc.dll
c:\program files\Spyware Doctor\TFEngine\TFMon.dll
c:\program files\Spyware Doctor\TFEngine\TfNetMon.sys
c:\program files\Spyware Doctor\TFEngine\TFNI.dll
c:\program files\Spyware Doctor\TFEngine\TFO.dll
c:\program files\Spyware Doctor\TFEngine\TFQT.dll
c:\program files\Spyware Doctor\TFEngine\TFRK.dll
c:\program files\Spyware Doctor\TFEngine\TFScan.dll
c:\program files\Spyware Doctor\TFEngine\TFServer.dll
c:\program files\Spyware Doctor\TFEngine\TFService.exe
c:\program files\Spyware Doctor\TFEngine\TFSF.dll
c:\program files\Spyware Doctor\TFEngine\TfSysMon.sys
c:\program files\Spyware Doctor\TFEngine\TFTM.dll
c:\program files\Spyware Doctor\TFEngine\TFUndo.dll
c:\program files\Spyware Doctor\TFEngine\TFWAH.dll
c:\program files\Spyware Doctor\TFEngine\TFWS.dll
c:\program files\Spyware Doctor\tha-sdhelp.chm
c:\program files\Spyware Doctor\Thai.lng
c:\program files\Spyware Doctor\TransactionResults\Transaction10.xml
c:\program files\Spyware Doctor\TransactionResults\Transaction11.xml
c:\program files\Spyware Doctor\TransactionResults\Transaction12.xml
c:\program files\Spyware Doctor\TransactionResults\Transaction13.xml
c:\program files\Spyware Doctor\TransactionResults\Transaction8.xml
c:\program files\Spyware Doctor\TransactionResults\Transaction9.xml
c:\program files\Spyware Doctor\tur-sdhelp.chm
c:\program files\Spyware Doctor\Turkish.lng
c:\program files\Spyware Doctor\ugLng\ChineseSimp.lng
c:\program files\Spyware Doctor\ugLng\ChineseTrad.lng
c:\program files\Spyware Doctor\ugLng\Czech.lng
c:\program files\Spyware Doctor\ugLng\Danish.lng
c:\program files\Spyware Doctor\ugLng\Deutsch.lng
c:\program files\Spyware Doctor\ugLng\Dutch.lng
c:\program files\Spyware Doctor\ugLng\English.lng
c:\program files\Spyware Doctor\ugLng\EnglishBritish.lng
c:\program files\Spyware Doctor\ugLng\Finnish.lng
c:\program files\Spyware Doctor\ugLng\French.lng
c:\program files\Spyware Doctor\ugLng\Greek.lng
c:\program files\Spyware Doctor\ugLng\Italian.lng
c:\program files\Spyware Doctor\ugLng\Japanese.lng
c:\program files\Spyware Doctor\ugLng\Korean.lng
c:\program files\Spyware Doctor\ugLng\Norwegian.lng
c:\program files\Spyware Doctor\ugLng\Polski.lng
c:\program files\Spyware Doctor\ugLng\Portuguese.lng
c:\program files\Spyware Doctor\ugLng\PortugueseBrazilian.lng
c:\program files\Spyware Doctor\ugLng\Russian.lng
c:\program files\Spyware Doctor\ugLng\Spanish.lng
c:\program files\Spyware Doctor\ugLng\Swedish.lng
c:\program files\Spyware Doctor\ugLng\Thai.lng
c:\program files\Spyware Doctor\ugLng\Turkish.lng
c:\program files\Spyware Doctor\ugLng\Ukrainian.lng
c:\program files\Spyware Doctor\UmInject32.exe
c:\program files\Spyware Doctor\unins000.dat
c:\program files\Spyware Doctor\unins000.exe
c:\program files\Spyware Doctor\unins000.msg
c:\program files\Spyware Doctor\Update.exe
c:\program files\Spyware Doctor\UpdateHlpr.dll
c:\program files\Spyware Doctor\Upgrade.exe
c:\program files\Spyware Doctor\upgrade.ini
c:\program files\Spyware Doctor\vcl100.bpl
c:\program files\Spyware Doctor\whitelist.sdp
c:\program files\Spyware Doctor\wlDefines.cfg
c:\programdata\Lavasoft
c:\programdata\Lavasoft\License\adaware.da2
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_sdAuxService
((((((((((((((((((((((((( Files Creati Da 2009-12-14 al 2010-01-14 )))))))))))))))))))))))))))))))))))
.
2010-01-14 17:24 . 2010-01-14 17:28 -------- d-----w- c:\users\Utente\AppData\Local\temp
2010-01-14 17:24 . 2010-01-14 17:24 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-14 12:24 . 2010-01-14 12:25 -------- d-----w- c:\windows\system32\ca-ES
2010-01-14 12:24 . 2010-01-14 12:25 -------- d-----w- c:\windows\system32\eu-ES
2010-01-14 12:24 . 2010-01-14 12:25 -------- d-----w- c:\windows\system32\vi-VN
2010-01-14 12:20 . 2010-01-14 12:20 -------- d-----w- c:\windows\system32\SPReview
2010-01-14 12:08 . 2009-04-10 22:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2010-01-14 12:08 . 2009-04-10 22:27 57856 ----a-w- c:\windows\system32\compcln.exe
2010-01-14 12:02 . 2009-04-10 22:28 876032 ----a-w- c:\windows\system32\wer.dll
2010-01-14 12:00 . 2010-01-14 12:00 -------- d-----w- c:\windows\system32\EventProviders
2009-12-29 10:01 . 2009-12-29 10:01 -------- d-----w- c:\programdata\WindowsSearch
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-14 13:26 . 2008-01-21 06:30 662846 ----a-w- c:\windows\system32\perfh010.dat
2010-01-14 13:26 . 2008-01-21 06:30 120326 ----a-w- c:\windows\system32\perfc010.dat
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-01-14 12:25 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-01-14 12:24 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-14 12:21 . 2008-12-12 05:24 -------- d-----w- c:\programdata\NVIDIA
2010-01-14 09:12 . 2009-11-16 14:19 66 ----a-w- c:\users\Utente\AppData\Roaming\isfree4_0.tmp
2010-01-08 07:35 . 2009-05-23 20:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-08 07:34 . 2009-05-28 08:32 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 15:07 . 2009-05-23 20:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-05-23 20:15 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 18:55 . 2009-12-03 06:57 -------- d-----w- c:\programdata\Spyware Terminator
2010-01-03 18:35 . 2009-12-03 06:58 -------- d-----w- c:\users\Utente\AppData\Roaming\Spyware Terminator
2010-01-02 22:08 . 2008-12-12 04:57 134208 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-12-26 15:20 . 2009-06-26 12:29 6580 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-12-12 15:31 . 2009-12-12 15:31 -------- d-----w- c:\programdata\PhotoMail
2009-12-12 15:31 . 2009-12-12 15:31 -------- d-----w- c:\program files\PhotoMail Maker
2009-12-11 17:51 . 2009-07-22 13:59 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-11 12:02 . 2009-06-04 09:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-11 11:17 . 2009-06-04 09:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-09 08:52 . 2008-11-20 18:21 -------- d-----w- c:\programdata\Microsoft Help
2009-12-07 11:09 . 2009-07-21 10:24 -------- d-----w- c:\program files\PC Tools Firewall Plus
2009-12-07 11:09 . 2009-05-17 12:42 -------- d-----w- c:\program files\CCleaner
2009-12-07 00:55 . 2009-12-07 00:55 174 ---ha-w- C:\aaw7boot.cmd
2009-12-06 14:34 . 2009-07-10 09:21 1356 ----a-w- c:\users\Utente\AppData\Local\d3d9caps.dat
2009-12-06 14:06 . 2009-06-26 21:43 -------- d-----w- c:\program files\Empty Temp Folders 2.8.3
2009-12-06 14:03 . 2009-12-03 06:57 -------- d-----w- c:\program files\Spyware Terminator
2009-12-03 06:58 . 2009-12-03 06:58 -------- d-----w- c:\program files\Crawler
2009-12-03 06:58 . 2009-12-03 06:58 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2009-12-03 06:58 . 2009-12-03 06:58 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2009-12-03 06:58 . 2009-12-03 06:58 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-12-01 08:53 . 2009-11-22 08:46 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-27 09:38 . 2009-10-30 22:53 -------- d-----w- c:\program files\SpywareBlaster
2009-11-22 10:05 . 2009-11-22 10:05 -------- d-----w- c:\users\Default\AppData\Roaming\Intel
2009-11-22 10:05 . 2009-11-22 10:05 -------- d-----w- c:\programdata\Roaming
2009-11-22 09:21 . 2009-11-22 09:21 -------- d-----w- c:\program files\Cisco
2009-11-22 09:21 . 2009-11-22 09:21 -------- d-----w- c:\program files\Common Files\Intel
2009-11-22 09:21 . 2009-11-22 09:21 -------- d-----w- c:\programdata\Intel
2009-11-22 09:21 . 2008-11-20 17:35 -------- d-----w- c:\program files\Intel
2009-11-22 08:46 . 2009-11-19 20:26 -------- d-----w- c:\program files\Microsoft
2009-11-05 11:58 . 2009-07-23 15:20 117760 ----a-w- c:\users\Utente\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-02 19:42 . 2009-10-03 00:30 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-06-25 22:51 . 2009-06-21 20:55 88 --sh--r- c:\windows\System32\06392D63C4.sys
2009-06-26 22:42 . 2009-06-26 12:29 88 --sh--r- c:\windows\System32\F1DCC01201.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-18 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-18 92704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-23 2652056]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-18 6294048]
"Skytel"="Skytel.exe" [2008-09-18 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-28 07:38 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 10:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 02:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
2008-07-24 14:54 147456 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-25 20:36 28672 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-24 14:54 167936 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2007-08-28 10:00 531272 ----a-w- c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]
2008-09-11 21:46 544768 ----a-w- c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2008-07-29 16:52 526896 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2008-08-01 08:51 405504 ----a-w- c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2008-07-20 09:45 182808 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
2009-05-27 19:24 251264 ----a-w- c:\program files\IncrediMail\bin\IncMail.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2008-06-04 12:03 817672 ----a-w- c:\progra~1\LAUNCH~1\QtZgAcer.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-01-07 15:07 1394000 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\System32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-03-21 11:19 69632 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
2009-05-19 13:30 4046152 ----a-w- c:\program files\Pando Networks\Pando\pando.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
2008-07-18 15:04 167936 ------w- c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
2007-10-23 09:56 200704 ----a-w- c:\windows\PLFSetI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductReg]
2008-09-23 03:53 6144 ----a-w- c:\program files\Acer\WR_PopUp\ProductReg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-09-18 11:00 6294048 ----a-w- c:\windows\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
2009-12-03 06:58 2166784 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2009-12-03 06:58 3055616 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-09-29 22:14 155648 ----a-r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-06-15 21:01 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-10-27 11:59 2000112 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trash it Scheduler]
2004-07-14 18:19 151552 ----a-w- c:\program files\Trash it!\Trash It Scheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b0,98,4d,50,15,95,ca,01
R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [21/07/2009 11.25.39 130936]
R1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [21/07/2009 11.25.38 159600]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [28/04/2009 10.33.42 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [28/04/2009 10.33.40 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [03/12/2009 7.58.08 142592]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [12/12/2008 6.17.13 61424]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03/03/2008 13.11.14 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [12/12/2008 6.18.52 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [20/11/2008 18.51.29 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25/04/2008 21.36.20 45056]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [12/12/2008 6.18.53 122368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25/04/2008 21.36.02 131072]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\System32\drivers\PCTAppEvent.sys [21/07/2009 11.25.39 73840]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [04/06/2009 10.30.28 1153368]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17/11/2008 7.40.22 3668480]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [21/11/2008 2.31.49 44064]
R3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw.sys [21/07/2009 11.24.49 95640]
R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [28/03/2007 7.51.40 43008]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [28/04/2009 10.33.44 7408]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1208&m=aspire_6930g
IE: Aggiungi all'elenco di stampa Easy-WebPrint - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Anteprima Easy-WebPrint - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Crawler Search - tbr:iemenu
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stampa ad alta velocità Easy-WebPrint - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Stampa Easy-WebPrint - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
FF - ProfilePath - c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\6371xw0r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2207609&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Softonic Italia FF Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2207609&SearchSource=13
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
AddRemove-Doctor Alex Antispyware - c:\program files\Doctor Alex Antispyware\uninstall.exe
AddRemove-Spyware Doctor - c:\program files\Spyware Doctor\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-14 18:28
Windows 6.0.6002 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'Explorer.exe'(880)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\WLANExt.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\acer\Mobility Center\MobilityService.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\windows\system32\PSIService.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
.
**************************************************************************
.
Ora fine scansione: 2010-01-14 18:35:31 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-01-14 17:35
ComboFix2.txt 2010-01-14 13:14
Pre-Run: 196.487.348.224 byte disponibili
Post-Run: 195.904.929.792 byte disponibili
Current=1 Default=1 Failed=0 LastKnownGood=58 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58
- - End Of File - - BF30BAF854EA457BD9D07C7C0B53E00E