I'm taking a breath because I can't follow you: I clicked on the link, the Microsoft page opened, and I downloaded the service pack. Did I do something wrong? On my PC, Windows Update wasn't showing me the Service Pack 2 entry... sorry, but as I said before, I'm no expert with Vista, I don't understand any of it; with XP everything was simpler. Anyway, I did as you advised and ran the scan with ComboFix; here is the log.
ComboFix 10-01-13.0B - Utente 14/01/2010 13.57.57.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.3066.1952 [GMT 1:00]
Eseguito da: c:\users\Utente\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-3982384129-3260629156-1579360498-500
c:\users\Utente\AppData\Roaming\.#
c:\windows\Suyin.reg
.
((((((((((((((((((((((((( Files Creati Da 2009-12-14 al 2010-01-14 )))))))))))))))))))))))))))))))))))
.
2010-01-14 12:24 . 2010-01-14 12:25 -------- d-----w- c:\windows\system32\ca-ES
2010-01-14 12:24 . 2010-01-14 12:25 -------- d-----w- c:\windows\system32\eu-ES
2010-01-14 12:24 . 2010-01-14 12:25 -------- d-----w- c:\windows\system32\vi-VN
2010-01-14 12:20 . 2010-01-14 12:20 -------- d-----w- c:\windows\system32\SPReview
2010-01-14 12:08 . 2009-04-10 22:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2010-01-14 12:08 . 2009-04-10 22:27 57856 ----a-w- c:\windows\system32\compcln.exe
2010-01-14 12:02 . 2009-04-10 22:28 876032 ----a-w- c:\windows\system32\wer.dll
2010-01-14 12:00 . 2010-01-14 12:00 -------- d-----w- c:\windows\system32\EventProviders
2010-01-05 07:48 . 2010-01-05 07:48 -------- d-----w- c:\program files\Doctor Alex Antispyware
2009-12-29 10:01 . 2009-12-29 10:01 -------- d-----w- c:\programdata\WindowsSearch
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-14 12:36 . 2008-01-21 06:30 662846 ----a-w- c:\windows\system32\perfh010.dat
2010-01-14 12:36 . 2008-01-21 06:30 120326 ----a-w- c:\windows\system32\perfc010.dat
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-01-14 12:25 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-01-14 12:25 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-01-14 12:24 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-14 12:21 . 2008-12-12 05:24 -------- d-----w- c:\programdata\NVIDIA
2010-01-14 09:12 . 2009-11-16 14:19 66 ----a-w- c:\users\Utente\AppData\Roaming\isfree4_0.tmp
2010-01-08 07:35 . 2009-05-23 20:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-08 07:34 . 2009-05-28 08:32 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 15:07 . 2009-05-23 20:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-05-23 20:15 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 18:55 . 2009-12-03 06:57 -------- d-----w- c:\programdata\Spyware Terminator
2010-01-03 18:35 . 2009-12-03 06:58 -------- d-----w- c:\users\Utente\AppData\Roaming\Spyware Terminator
2010-01-02 22:08 . 2008-12-12 04:57 134208 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-12-26 15:20 . 2009-06-26 12:29 6580 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-12-12 15:31 . 2009-12-12 15:31 -------- d-----w- c:\programdata\PhotoMail
2009-12-12 15:31 . 2009-12-12 15:31 -------- d-----w- c:\program files\PhotoMail Maker
2009-12-11 17:51 . 2009-07-22 13:59 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-11 12:02 . 2009-06-04 09:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-11 11:17 . 2009-06-04 09:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-09 08:52 . 2008-11-20 18:21 -------- d-----w- c:\programdata\Microsoft Help
2009-12-07 15:18 . 2009-12-06 23:37 -------- d-----w- c:\programdata\Lavasoft
2009-12-07 11:09 . 2009-07-21 10:49 -------- d-----w- c:\program files\Spyware Doctor
2009-12-07 11:09 . 2009-07-21 10:24 -------- d-----w- c:\program files\PC Tools Firewall Plus
2009-12-07 11:09 . 2009-05-17 12:42 -------- d-----w- c:\program files\CCleaner
2009-12-07 00:55 . 2009-12-07 00:55 174 ---ha-w- C:\aaw7boot.cmd
2009-12-06 14:34 . 2009-07-10 09:21 1356 ----a-w- c:\users\Utente\AppData\Local\d3d9caps.dat
2009-12-06 14:06 . 2009-06-26 21:43 -------- d-----w- c:\program files\Empty Temp Folders 2.8.3
2009-12-06 14:03 . 2009-12-03 06:57 -------- d-----w- c:\program files\Spyware Terminator
2009-12-03 06:58 . 2009-12-03 06:58 -------- d-----w- c:\program files\Crawler
2009-12-03 06:58 . 2009-12-03 06:58 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2009-12-03 06:58 . 2009-12-03 06:58 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2009-12-03 06:58 . 2009-12-03 06:58 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-12-01 08:53 . 2009-11-22 08:46 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-27 09:38 . 2009-10-30 22:53 -------- d-----w- c:\program files\SpywareBlaster
2009-11-22 10:05 . 2009-11-22 10:05 -------- d-----w- c:\users\Default\AppData\Roaming\Intel
2009-11-22 10:05 . 2009-11-22 10:05 -------- d-----w- c:\programdata\Roaming
2009-11-22 09:21 . 2009-11-22 09:21 -------- d-----w- c:\program files\Cisco
2009-11-22 09:21 . 2009-11-22 09:21 -------- d-----w- c:\program files\Common Files\Intel
2009-11-22 09:21 . 2009-11-22 09:21 -------- d-----w- c:\programdata\Intel
2009-11-22 09:21 . 2008-11-20 17:35 -------- d-----w- c:\program files\Intel
2009-11-22 08:46 . 2009-11-19 20:26 -------- d-----w- c:\program files\Microsoft
2009-11-05 11:58 . 2009-07-23 15:20 117760 ----a-w- c:\users\Utente\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-02 19:42 . 2009-10-03 00:30 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-06-25 22:51 . 2009-06-21 20:55 88 --sh--r- c:\windows\System32\06392D63C4.sys
2009-06-26 22:42 . 2009-06-26 12:29 88 --sh--r- c:\windows\System32\F1DCC01201.sys
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-18 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-18 92704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-23 2652056]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-18 6294048]
"Skytel"="Skytel.exe" [2008-09-18 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-28 07:38 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 10:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 02:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
2008-07-24 14:54 147456 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-25 20:36 28672 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-24 14:54 167936 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2007-08-28 10:00 531272 ----a-w- c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]
2008-09-11 21:46 544768 ----a-w- c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2008-07-29 16:52 526896 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2008-08-01 08:51 405504 ----a-w- c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2008-07-20 09:45 182808 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
2009-05-27 19:24 251264 ----a-w- c:\program files\IncrediMail\bin\IncMail.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2008-06-04 12:03 817672 ----a-w- c:\progra~1\LAUNCH~1\QtZgAcer.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-01-07 15:07 1394000 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\System32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-03-21 11:19 69632 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
2009-05-19 13:30 4046152 ----a-w- c:\program files\Pando Networks\Pando\pando.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
2008-07-18 15:04 167936 ------w- c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
2007-10-23 09:56 200704 ----a-w- c:\windows\PLFSetI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductReg]
2008-09-23 03:53 6144 ----a-w- c:\program files\Acer\WR_PopUp\ProductReg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-09-18 11:00 6294048 ----a-w- c:\windows\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
2009-12-03 06:58 2166784 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2009-12-03 06:58 3055616 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-09-29 22:14 155648 ----a-r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-06-15 21:01 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-10-27 11:59 2000112 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trash it Scheduler]
2004-07-14 18:19 151552 ----a-w- c:\program files\Trash it!\Trash It Scheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b0,98,4d,50,15,95,ca,01
R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [21/07/2009 11.25.39 130936]
R1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [21/07/2009 11.25.38 159600]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [28/04/2009 10.33.42 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [28/04/2009 10.33.40 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [03/12/2009 7.58.08 142592]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [12/12/2008 6.17.13 61424]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03/03/2008 13.11.14 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [12/12/2008 6.18.52 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [20/11/2008 18.51.29 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25/04/2008 21.36.20 45056]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [12/12/2008 6.18.53 122368]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\System32\drivers\PCTAppEvent.sys [21/07/2009 11.25.39 73840]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [04/06/2009 10.30.28 1153368]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17/11/2008 7.40.22 3668480]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [21/11/2008 2.31.49 44064]
R3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw.sys [21/07/2009 11.24.49 95640]
R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [28/03/2007 7.51.40 43008]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25/04/2008 21.36.02 131072]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [28/04/2009 10.33.44 7408]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [21/07/2009 11.49.24 348752]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1208&m=aspire_6930g
IE: Aggiungi all'elenco di stampa Easy-WebPrint - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Anteprima Easy-WebPrint - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Crawler Search - tbr:iemenu
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stampa ad alta velocità Easy-WebPrint - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Stampa Easy-WebPrint - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
FF - ProfilePath - c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\6371xw0r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2207609&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Softonic Italia FF Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2207609&SearchSource=13
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
HKLM-Run-eRecoveryService - (no file)
MSConfigStartUp-AntiFreeze - c:\program files\AntiFreeze\AntiFreeze.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-01-14 14:09
Windows 6.0.6002 Service Pack 2 NTFS
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2010-01-14 14:14:19
ComboFix-quarantined-files.txt 2010-01-14 13:14
Pre-Run: 198.357.159.936 byte disponibili
Post-Run: 197.715.447.808 byte disponibili
Current=1 Default=1 Failed=0 LastKnownGood=1 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56
- - End Of File - - 71B86909CDF59E643ABBC76FEC8DE627