Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Mi controllate il log di Hijack

Mi controllate il log di Hijack Opzioni
Topic Precedente · Topic Sucessivo
markvs
Inviato: Saturday, February 20, 2010 1:20:41 PM
Rank: AiutAmico

Iscritto dal : 2/20/2010
Posts: 86
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.18.40, on 20/02/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Windows Live\Contacts\wlcomm.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Outlook Express\msimn.exe
C:\DOCUME~1\LEONARDO\IMPOST~1\Temp\Directory temporanea 1 per HiJackThis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ui.skype.com/ui/0/4.0.0.206/it/abandoninstall?source=lightinstaller&page=tsMain
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O1 - Hosts: www.truemoney.game www.truemoney.game
O1 - Hosts: 81.94.208.20 www.bet365.com
O1 - Hosts: 66.212.235.13 www.europoker.com
O1 - Hosts: 213.52.230.223 it.pacificpoker.com
O1 - Hosts: 213.52.244.15 it.888.com
O1 - Hosts: 62.7.228.141 www.eurobet.org
O1 - Hosts: 88.81.154.57 www.partybets.com
O1 - Hosts: 195.72.133.1 payments.bwin.com
O1 - Hosts: 213.52.243.41 www.bet1128.com
O1 - Hosts: 217.15.106.34 www.casinonazionale.com
O1 - Hosts: 217.212.244.132 www4.king.com
O1 - Hosts: 217.212.244.94 king.com
O1 - Hosts: 217.212.244.94 www.king.com
O1 - Hosts: 77.87.179.127 www.pokerstars.com
O1 - Hosts: 77.87.179.127 pokerstars.com
O1 - Hosts: 213.212.82.181 www.globetscore.com
O1 - Hosts: 212.62.21.228 poker.betfair.com
O1 - Hosts: 205.205.29.66 everestpoker.com
O1 - Hosts: 195.72.133.1 payments.bwin.com
O1 - Hosts: 193.33.228.182 www.betway.com
O1 - Hosts: 84.20.193.56 www5.betfair.com
O1 - Hosts: 213.212.72.122 enigma.globet.co.uk
O1 - Hosts: 88.81.154.73 WWW.GAMEBOOKERS.CO.UK
O1 - Hosts: 213.212.82.184 www.globet.tv
O1 - Hosts: 195.72.134.100 www.bwin.com
O1 - Hosts: 212.12.47.72 www.pg24.it
O1 - Hosts: 83.138.175.137 www.betshop.com
O1 - Hosts: 195.226.152.63 www.sportingbet.com
O1 - Hosts: 195.226.152.49 it.sportingbet.com
O1 - Hosts: 217.168.168.223 www.expekt.com
O1 - Hosts: 195.72.135.33 www.betandwin.com
O1 - Hosts: 216.152.164.80 www.pinnaclesports.com
O1 - Hosts: 66.246.195.42 www.swapbets.com
O1 - Hosts: 89.187.70.53 www.jokerbets.com
O1 - Hosts: 217.20.33.19 www.casinopokerlasvegas.com
O1 - Hosts: 62.7.228.141 www.eurobet.com
O1 - Hosts: 213.212.82.185 www.globet.com
O1 - Hosts: 61.31.228.197 www.007bets.com
O1 - Hosts: 207.210.235.29 www.007sportsbetting.com
O1 - Hosts: 207.210.235.29 www.07sports.com
O1 - Hosts: 65.36.221.8 www.1001casino.com
O1 - Hosts: 66.199.173.138 www.100kcasino.com
O1 - Hosts: www.101-casino.com www.101-casino.com
O1 - Hosts: 89.234.62.2 www.10bet.com
O1 - Hosts: www.10handpokercasino.com www.10handpokercasino.com
O1 - Hosts: 69.57.144.67 www.1luckygambler.com
O1 - Hosts: 64.202.189.170 www.1on1footballsportsbetting.com
O1 - Hosts: 216.188.26.235 www.1sportbook.com
O1 - Hosts: www.1st-free-casino-online.com www.1st-free-casino-online.com
O1 - Hosts: 64.70.249.150 www.1stlines.com
O1 - Hosts: 209.130.152.244 www.1stonlineinternetcasino.com
O1 - Hosts: 208.109.110.40 www.24caratcasino.com
O1 - Hosts: 87.237.68.203 www.24dogs.com
O1 - Hosts: 217.168.174.80 www.24hbet.com
O1 - Hosts: 217.168.174.32 www.24hpoker.com
O1 - Hosts: 190.7.195.3 www.2betdsi.com
O1 - Hosts: 64.40.109.33 www.4platinumsportsbook.com
O1 - Hosts: 83.138.185.248 www.4sportsbetting.com
O1 - Hosts: 200.122.156.227 www.4sportspicks.com
O1 - Hosts: 66.11.151.208 www.52bet.com
O1 - Hosts: 216.194.167.160 www.5dimes.com
O1 - Hosts: 8.15.231.115 www.7-11-casino.com
O1 - Hosts: www.7onlinecasino.com www.7onlinecasino.com
O1 - Hosts: 190.7.195.4 www.7palms.com
O1 - Hosts: 213.52.244.34 www.888casino.com
O1 - Hosts: 205.178.145.65 www.888casinoonnet.com
O1 - Hosts: 67.18.145.89 www.888-free-casino-games.com
O1 - Hosts: 64.151.123.213 www.888-online-casino.com
O1 - Hosts: 209.62.72.173 www.88sportsbetting.com
O1 - Hosts: 216.194.167.25 www.abcislands.com
O1 - Hosts: 64.21.102.230 www.acescasino.net
O1 - Hosts: 204.188.172.109 www.acropoliscasinos.com
O1 - Hosts: 80.120.174.220 www.admiralbet.com
O1 - Hosts: 205.236.235.23 www.advantagesportsbetting.com
O1 - Hosts: 217.15.106.34 www.aldocoppolacasino.com
O1 - Hosts: 207.210.235.29 www.allbetsrus.com
O1 - Hosts: 69.90.199.66 www.allprosportsbook.com
O1 - Hosts: 64.15.67.230 www.allsportscasino.com
O1 - Hosts: 64.69.65.202 www.AllSportsMarket.com
O1 - Hosts: 205.178.189.131 www.allstarsportsbook.com
O1 - Hosts: 74.55.4.114 www.allytab.com
O1 - Hosts: 68.178.232.100 www.americancasinoonline.com
O1 - Hosts: 64.37.97.67 www.americas-onlinecasino.com
O1 - Hosts: www.anguilla-casino.com www.anguilla-casino.com
O1 - Hosts: 8.15.231.108 www.anytimewager.com
O1 - Hosts: 66.235.222.14 www.apexsportsbook.com
O1 - Hosts: 212.56.159.148 www.astrabet.com
O1 - Hosts: 204.174.223.205 www.athomesportsbook.com
O1 - Hosts: 193.16.108.100 www.attheraces.co.uk
O1 - Hosts: 195.173.72.122 www.attheraces.com
O1 - Hosts: 64.15.67.230 www.aztecgaming.com
O1 - Hosts: 66.199.173.138 www.baccaratcasino.com
O1 - Hosts: 217.160.95.49 www.backandlay.com
O1 - Hosts: 208.73.212.12 www.bcbets.com
O1 - Hosts: 64.40.118.91 www.belmontcasino.com
O1 - Hosts: 66.11.152.30 www.bestecasino.com
O1 - Hosts: 201.224.248.54 www.bestlinesports.com
O1 - Hosts: 65.36.221.8 www.best-online-casinos.1001casino.com
O1 - Hosts: 217.168.164.75 www.bestpoker.com
O1 - Hosts: 87.248.209.102 www.bet19.com
O1 - Hosts: 217.168.162.99 www.bet24.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Programmi\SGPSA\SearchAssistant.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nwiz] C:\Programmi\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1659004503-1965331169-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\Programmi\PartyItalia\PartyPokerIt\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\Programmi\PartyItalia\PartyPokerIt\RunApp.exe (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Intralot Poker - {D87CB314-19C3-4f62-9237-8072CE2B9D9C} - C:\Programmi\Intralot\IntralotPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: Intralot Poker - {D87CB314-19C3-4f62-9237-8072CE2B9D9C} - C:\Programmi\Intralot\IntralotPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1248806218375
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4EBBD591-8FD0-429F-A8F6-180DD975246C}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 11805 bytes



GRAZIE ANTICIPATAMENTE!!!
Torna in alto
 
Sponsor
Inviato: Saturday, February 20, 2010 1:20:41 PM

 
Torna in alto
 
paolopa
Inviato: Saturday, February 20, 2010 1:28:43 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
temo che il tuo file host sia seriamente inquinato,la procedura per ripristinare quello di default è questa:
scarica questo http://www.runscanner.net/ , il tool e' stand alone, avvialo e lascialo su expert mode, clicca extra stuff, scegli host file editor e premi reset to default.magari per questa operazione aspetta il benestare di qualche esperto,magari preferiscono agire tramite hijack.
fai una scansione con malwarebytes antimalware(credo che tu ce l abbia gia installato)AGGIORNALO e fai una scansione COMPLETA.dovrai anche aggiornare all sp3,è importante per la sicurezza.
Torna in alto
 
r16
Inviato: Saturday, February 20, 2010 3:01:09 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao markvs .
Esegui pure, le indicazioni di Paolopa.
Poi una domanda: il Nod32, lo hai acquistato?
Altra cosa: hai scaricato HJT in una cartella temporanea.
Disistallalo, e lo reistalli in "Programmi" oppure in "Documenti".
Torna in alto
 
markvs
Inviato: Saturday, February 20, 2010 3:07:45 PM
Rank: AiutAmico

Iscritto dal : 2/20/2010
Posts: 86
il nod32 è una versione di prova limitata...
ho rifatto di nuovo la scansione dopo aver ripristinato il file hosts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15.06.26, on 20/02/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Outlook Express\msimn.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\LEONARDO\Documenti\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ui.skype.com/ui/0/4.0.0.206/it/abandoninstall?source=lightinstaller&page=tsMain
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Programmi\SGPSA\SearchAssistant.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nwiz] C:\Programmi\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1659004503-1965331169-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\Programmi\PartyItalia\PartyPokerIt\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\Programmi\PartyItalia\PartyPokerIt\RunApp.exe (file missing)
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Intralot Poker - {D87CB314-19C3-4f62-9237-8072CE2B9D9C} - C:\Programmi\Intralot\IntralotPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: Intralot Poker - {D87CB314-19C3-4f62-9237-8072CE2B9D9C} - C:\Programmi\Intralot\IntralotPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1248806218375
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4EBBD591-8FD0-429F-A8F6-180DD975246C}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6691 bytes
Torna in alto
 
r16
Inviato: Saturday, February 20, 2010 3:17:25 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Avvia hijackthis, metti la spunta alle voci che andrò ad elencarti e con tutte le applicazioni chiuse e disconnesso da Internet,premi su fix checked
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Programmi\SGPSA\SearchAssistant.dll (file missing)
O9 - Extra button: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\Programmi\PartyItalia\PartyPokerIt\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\Programmi\PartyItalia\PartyPokerIt\RunApp.exe (file missing)
O9 - Extra button: Intralot Poker - {D87CB314-19C3-4f62-9237-8072CE2B9D9C} - C:\Programmi\Intralot\IntralotPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: Intralot Poker - {D87CB314-19C3-4f62-9237-8072CE2B9D9C} - C:\Programmi\Intralot\IntralotPoker\RunApp.exe (file missing)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55. cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

Dai una pulita (registro compreso)con CCleaner: http://www.aiutamici.com/software?ID=11223
Nella schermata iniziale di CCleaner, clicca su Opzioni e poi Avanzate, togli il segno di spunta a: Cancella i file in Windows Temp solo se più vecchi di 48 ore. (poi esegui le pulizie)

Riavvia il pc.

Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop.

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (comparirà una videata.)

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix) tu ignorali.

Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt. Postalo qui.

N.B:
Sconsiglio di provare antivirus "Trial" (per prova )
Ce ne sono di ottimi, e gratis in rete.
Torna in alto
 
paolopa
Inviato: Saturday, February 20, 2010 3:21:46 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
scusate,ma se no mi dimentico:ricordati di usare l immunizzazione di spybot visto che ce l hai installato.lo aggiorni una volta alla settimana e poi clicchi su "immunizza".
Torna in alto
 
markvs
Inviato: Saturday, February 20, 2010 3:57:15 PM
Rank: AiutAmico

Iscritto dal : 2/20/2010
Posts: 86
Ho seguito le tue indicazioni, questo è il log di combofix!


ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((( Files Creati Da 2010-01-20 al 2010-02-20 )))))))))))))))))))))))))))))))))))
.

2011-07-26 21:57 . 2011-07-26 21:57 -------- d-----w- c:\programmi\Lavalys
2011-07-26 21:56 . 2011-07-26 21:56 -------- d-----w- c:\windows\uninstall\WashAndGo
2011-07-26 21:56 . 2011-07-26 21:56 -------- d-----w- c:\windows\uninstall
2010-02-20 13:28 . 2010-02-20 13:28 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Runscanner.net
2010-02-20 12:33 . 2010-02-20 12:33 -------- d-----w- c:\documents and settings\LEONARDO\Impostazioni locali\Dati applicazioni\Runscanner.net
2010-02-20 12:11 . 2010-02-20 12:11 -------- d-----w- c:\documents and settings\LEONARDO\Dati applicazioni\Malwarebytes
2010-02-20 12:11 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-20 12:11 . 2010-02-20 12:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2010-02-20 12:11 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-20 12:11 . 2010-02-20 12:11 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-02-17 19:11 . 2010-02-17 19:11 -------- d-----w- c:\programmi\Er Finestra
2010-02-16 12:10 . 2010-02-16 12:10 0 ----a-w- c:\windows\nsreg.dat
2010-02-07 18:38 . 2010-02-07 18:38 -------- d-----w- c:\programmi\ESET

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-20 14:41 . 2009-07-27 06:57 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2010-02-19 14:15 . 2009-07-27 07:17 -------- d-----w- c:\programmi\eMule
2010-02-10 20:09 . 2009-07-29 11:16 -------- d-----w- c:\programmi\PokerStars.IT
2010-02-10 18:57 . 2009-08-28 19:32 -------- d-----w- c:\programmi\File comuni\Adobe
2010-02-07 18:24 . 2009-07-26 22:10 -------- d--h--w- c:\programmi\InstallShield Installation Information
2010-01-10 23:53 . 2009-11-10 20:02 -------- d-----w- c:\programmi\Circle Developement
2009-12-14 01:01 . 2001-08-31 12:00 79292 ----a-w- c:\windows\system32\perfc010.dat
2009-12-14 01:01 . 2001-08-31 12:00 478808 ----a-w- c:\windows\system32\perfh010.dat
2009-11-28 14:39 . 2009-11-28 14:23 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="c:\programmi\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"egui"="c:\programmi\ESET\ESET NOD32 Antivirus\egui.exe" [2007-11-08 1418496]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\programmi\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\programmi\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-07-27 07:15 133104 ----atw- c:\documents and settings\LEONARDO\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-04 23:54 417792 ----a-w- c:\programmi\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 14:07 2260480 --sha-r- c:\programmi\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-11-17 18:50 149280 ----a-w- c:\programmi\Java\jre6\bin\jusched.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BITS"=3 (0x3)
"Eventlog"=2 (0x2)
"mnmsrvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 a347bus;a347bus;c:\windows\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-11-28 691696]
S0 a347scsi;a347scsi;c:\windows\System32\Drivers\a347scsi.sys [2004-04-30 5248]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-10-08 34312]
S2 ekrn;Eset Service;c:\programmi\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-10-08 468224]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2008-07-25 845184]

.
Contenuto della cartella 'Scheduled Tasks'

2010-01-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-1965331169-839522115-1003Core.job
- c:\documents and settings\LEONARDO\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-07-27 07:15]

2010-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-1965331169-839522115-1003UA.job
- c:\documents and settings\LEONARDO\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-07-27 07:15]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Connection Wizard,ShellNext = hxxp://ui.skype.com/ui/0/4.0.0.206/it/abandoninstall?source=lightinstaller&page=tsMain
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {4EBBD591-8FD0-429F-A8F6-180DD975246C} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\LEONARDO\Dati applicazioni\Mozilla\Firefox\Profiles\k66su2zf.default\
FF - prefs.js: browser.startup.homepage - www.google.it
FF - plugin: c:\documents and settings\LEONARDO\Impostazioni locali\Dati applicazioni\Google\Update\1.2.183.13\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKLM-Run-Logitech Hardware Abstraction Layer - KHALMNPR.EXE
AddRemove-HijackThis - c:\docume~1\LEONARDO\IMPOST~1\Temp\Directory temporanea 1 per HiJackThis.zip\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-20 15:50
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(360)
c:\programmi\File comuni\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Ora fine scansione: 2010-02-20 15:52:08
ComboFix-quarantined-files.txt 2010-02-20 14:52

Pre-Run: 61.789.376.512 byte disponibili
Post-Run: 61.750.362.112 byte disponibili

- - End Of File - - 9E5934D0D16B936DC779E81AA1C61EB3
Torna in alto
 
r16
Inviato: Saturday, February 20, 2010 4:06:07 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Il log è a posto.
Per eliminare i vari Tooll scaricati: (Combofix)
Scarica OTC by OldTimer sul desktop:
http://oldtimer.geekstogo.com/OTC.exe
doppio clic per eseguirlo
Clicca su CleanUp.
Ti chiederà di riavviare il pc.
Clicca sì.
Poi puoi eliminarlo.

Riscontri problemi?
Ti consiglio (poi vedi tu) di aggiornare il S.O:
http://www.microsoft.com/downloads/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&DisplayLang=it
Torna in alto
 
markvs
Inviato: Saturday, February 20, 2010 7:08:05 PM
Rank: AiutAmico

Iscritto dal : 2/20/2010
Posts: 86
ho seguito i tuoi consigli... ora volevo chiederti un altro piacere, il mio pc è lento ad avviarsi... rispetto a qualche mese fa, metteva meno tempo a caricare lo sfondo nero di xp che carica la barra, al max ci metteva 6 barre di caricamento... ora ce ne vogliono almeno 30 :S
da cosa dipende?? grazie ancora
Torna in alto
 
r16
Inviato: Saturday, February 20, 2010 8:37:16 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Dipende da quanti programmi, hai installato in questi ultimi mesi.
Se hai installato film, giochi, albun di foto.
Più cose che metti dentro il pc, e più diventa "pesante".
Se cominci, a eliminare programmi, che non ti servono, o che usi una volta all'anno, se salvi le cose a cui tieni, in cd, oppure in un HD esterno, i tempi si ridurranno notevolmente.
Non puoi pretendere di avere la "botte" piena, e la moglie ubriaca. Whistle

Torna in alto
 
paolopa
Inviato: Saturday, February 20, 2010 8:46:10 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
r16 ha scritto:
Dipende da quanti programmi, hai installato in questi ultimi mesi.
Se hai installato film, giochi, albun di foto.
Più cose che metti dentro il pc, e più diventa "pesante".
Se cominci, a eliminare programmi, che non ti servono, o che usi una volta all'anno, se salvi le cose a cui tieni, in cd, oppure in un HD esterno, i tempi si ridurranno notevolmente.
Non puoi pretendere di avere la "botte" piena, e la moglie ubriaca. Whistle


giustissimo,io inoltre uso parecchi programmi portatili stipati in un apposita partizioncina,al posto di quelli che si installano,faccio la deframmentazione ad intervalli regolari,non sovraccarico di icone il desktop ed eseguo le pulizie con una certa frequenza.
Torna in alto
 
r16
Inviato: Saturday, February 20, 2010 8:53:56 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Altra cosa:
Quando di disistallano programmi e altre cose, il più delle volte rimangono "rimasugli" nell'Editor del registro.
Io, una volta che ho pulito il registro, ho eliminato la bellezza di quasi 300 chiavi inutili.
E me ne sono accorto, visto che il pc ci ha messo la metà del tempo a caricarsi.
Torna in alto
 
paolopa
Inviato: Saturday, February 20, 2010 8:56:01 PM

Rank: AiutAmico

Iscritto dal : 10/14/2008
Posts: 2,777
@r16:basta ccleaner per pulire il registro o è meglio una tantum usare qualcosa di piu' energico?
Torna in alto
 
r16
Inviato: Saturday, February 20, 2010 9:41:01 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
paolopa ha scritto:
@r16:basta ccleaner per pulire il registro o è meglio una tantum usare qualcosa di piu' energico?

Basta CCleaner.
Se non si è più che pratici, inutile rischiare di fare danni.
Ho visto i cosidetti software "specifici" fare grossi danni. Whistle
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Mi controllate il log di Hijack


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.