Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Mi controllate per favore, grazie Opzioni
pippo39
Inviato: Sunday, February 16, 2014 11:42:02 AM
Rank: AiutAmico

Iscritto dal : 4/2/2005
Posts: 125
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11.44.15, on 16/02/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\PDF Architect\HelperService.exe
C:\Programmi\PDF Architect\ConversionService.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Java\Java Update\jucheck.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Documenti\Download\SoftonicDownloader_per_hijackthis.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programmi\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Programmi\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Programmi\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [4623 Scan2PC] "C:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] D:\Pulizia\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Programmi\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Programmi\PDF Architect\ConversionService.exe
O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe

--
End of file - 5890 bytes
Sponsor
Inviato: Sunday, February 16, 2014 11:42:02 AM

 
r16
Inviato: Sunday, February 16, 2014 11:51:07 AM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Se non dici i problemi che riscontri devo anch'io tirare a indovinare.....Whistle
Segui alla lettera questa guida:
http://forum.aiutamici.com/yaf_postst90814_Guida-per-eliminare-le-pagine-pubblicitarie-SOLO-LETTURA.aspx
Posta i log come indicato a fine pagina.
pippo39
Inviato: Sunday, February 16, 2014 11:58:01 AM
Rank: AiutAmico

Iscritto dal : 4/2/2005
Posts: 125
I problemi sono: computer lentissimo all'apertura, e connessioni lente.Grazie
r16
Inviato: Sunday, February 16, 2014 1:57:28 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
pippo39 ha scritto:
I problemi sono: computer lentissimo all'apertura, e connessioni lente.Grazie

Ok, segui la guida.
pippo39
Inviato: Monday, February 17, 2014 8:17:54 AM
Rank: AiutAmico

Iscritto dal : 4/2/2005
Posts: 125
lo farò grazie
pippo39
Inviato: Monday, February 17, 2014 12:12:55 PM
Rank: AiutAmico

Iscritto dal : 4/2/2005
Posts: 125
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2014.02.16.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: PIERO-591791275 [amministratore]

17/02/2014 8.32.22
mbam-log-2014-02-17 (08-32-22).txt

Tipo di scansione: Scansione completa (C:\|K:\|L:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 238408
Tempo impiegato: 1 ore, 9 minuti, 3 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 3
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Vittalia\AxtanInstaller (PUP.Optional.BundleInstaller.A) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Spostato in quarantena ed eliminato con successo.

Valori di registro rilevati: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Dati: {FEFD7A0B-685A-11E2-BF29-84763FCB86D4} -> Spostato in quarantena ed eliminato con successo.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Dati: {FEFD7A0B-685A-11E2-BF29-84763FCB86D4} -> Spostato in quarantena ed eliminato con successo.

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 9
C:\Documents and Settings\Administrator\Documenti\Download\SoftonicDownloader_per_hijackthis.exe (PUP.Optional.Softonic.A) -> Spostato in quarantena ed eliminato con successo.
C:\Documents and Settings\Administrator\Documenti\Download\SoftonicDownloader_per_pdfcreator.exe (PUP.Optional.Softonic.A) -> Spostato in quarantena ed eliminato con successo.
C:\Qoobox\Quarantine\C\Programmi\DealPly\DealPlyIE.dll.vir (PUP.DealPly) -> Spostato in quarantena ed eliminato con successo.
C:\Qoobox\Quarantine\C\Programmi\DealPly\DealPlyUpdate.exe.vir (PUP.Optional.Dealply) -> Spostato in quarantena ed eliminato con successo.
C:\Qoobox\Quarantine\C\Programmi\DealPly\DealPlyUpdateRun.exe.vir (PUP.Optional.Dealply) -> Spostato in quarantena ed eliminato con successo.
C:\Qoobox\Quarantine\C\Programmi\DealPly\uninst.exe.vir (PUP.Optional.Dealply) -> Spostato in quarantena ed eliminato con successo.
C:\WINDOWS\Installer\3a2bb0.msi (PUP.Optional.SweetIM) -> Spostato in quarantena ed eliminato con successo.
C:\WINDOWS\Installer\3a2bb8.msi (PUP.Optional.SweetIM) -> Spostato in quarantena ed eliminato con successo.
C:\WINDOWS\Installer\3a2bc0.msi (PUP.Optional.SweetIM) -> Spostato in quarantena ed eliminato con successo.

(fine)



# AdwCleaner v3.018 - Report created 17/02/2014 at 10:24:07
# Updated 28/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - PIERO-591791275
# Running from : D:\Pulizia\Programmi_PULITURA_AIUTAMICI\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\Administrator\Dati applicazioni\pdfforge
File Deleted : C:\WINDOWS\Tasks\GinyasBrowserCompanion Chrome Watcher.job
File Deleted : C:\WINDOWS\Tasks\GinyasBrowserCompanion FireFox Watcher.job
File Deleted : C:\WINDOWS\Tasks\GinyasBrowserCompanion Stats Report.job
File Deleted : C:\WINDOWS\Tasks\GinyasBrowserCompanion Update Checker.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Programmi\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Vittalia
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sweetpacks Bundle Uninstaller
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v17.0 (it)

[ File : C:\Documents and Settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\h27rd050.default-1354343879015\prefs.js ]

Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Line Deleted : user_pref("extentions.y2layers.installId", "cbcd2002-8b52-4980-a874-a1cfbcc52de5");

[ File : C:\Documents and Settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\q78431w1.default\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ File : C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup
Deleted : search_url

*************************

AdwCleaner[R0].txt - [2820 octets] - [17/02/2014 10:21:43]
AdwCleaner[S0].txt - [2783 octets] - [17/02/2014 10:24:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2843 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on 17/02/2014 at 11.13.28,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1715567821-1078145449-1801674531-500\Software\sweetim



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/02/2014 at 11.33.35,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on 17/02/2014 at 11.13.28,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1715567821-1078145449-1801674531-500\Software\sweetim



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/02/2014 at 11.33.35,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pippo39
Inviato: Monday, February 17, 2014 5:39:09 PM
Rank: AiutAmico

Iscritto dal : 4/2/2005
Posts: 125
Dopo la pulizia invio nuovo log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.41.28, on 17/02/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programmi\Java\jre6\bin\jqs.exe
D:\Pulizia\Malwarebytes' Anti-Malware\mbamscheduler.exe
D:\Pulizia\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
D:\Pulizia\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Programmi\PDF Architect\HelperService.exe
C:\Programmi\PDF Architect\ConversionService.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Java\Java Update\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programmi\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Programmi\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [4623 Scan2PC] "C:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Pulizia\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Pulizia\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Programmi\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Programmi\PDF Architect\ConversionService.exe
O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe

--
End of file - 5811 bytes
r16
Inviato: Monday, February 17, 2014 7:29:57 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Mi servirebbe anche il log di OTL.
Ti pregherei di postarli come indicato a fine link.
Infine vorrei sapere se riscontri ancora problemi.
pippo39
Inviato: Tuesday, February 18, 2014 8:13:35 AM
Rank: AiutAmico

Iscritto dal : 4/2/2005
Posts: 125
OTL.Txt_1.txt

Si, purtroppo è ancora molto lento alla accensione del pc. e molto lento a aprire tutte le cartelle
pippo39
Inviato: Tuesday, February 18, 2014 8:16:05 AM
Rank: AiutAmico

Iscritto dal : 4/2/2005
Posts: 125
Se tutto andasse a posto, dopo i tuoi suggerimenti, cioè se dopo va tutto bene, posso io fare una copa con acronis. Grazie
r16
Inviato: Tuesday, February 18, 2014 6:52:53 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Avvia hijackthis, metti la spunta alle voci che andrò ad elencarti e con tutte le applicazioni chiuse e disconnesso da Internet,premi su "fix checked":

Commenta:
O4 - HKLM\..\Run: [4623 Scan2PC] "C:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe


Poi:
Dai una pulita (registro compreso)con CCleaner http://www.aiutamici.com/software?ID=11223

Poi:
Provvedi a svuotare del suo contenuto la cartella Prefetch :
clicca su Risorse del Computer
clicca su Disco locale C:
cerca, all’interno delle cartelle che saranno visualizzate la cartella Windows, aprila ed, al suo interno, cerca la cartella Prefetch, la apri ed elimina tutte le voci conservate al suo interno ( non eliminare la cartella)

SVUOTA IL CESTINO

Apri CCleaner.
Clicca su "Strumenti".
Clicca su "Ripristino Sistema"
Seleziona TUTTI i punti di ripristino e poi clicca "Rimuovi".

N.B:
Il punto segnalato in grigio (il primo) non lo puoi eliminare per motivi di sicurezza.

Vedi se il pc è migliorato.
pippo39
Inviato: Wednesday, February 19, 2014 8:05:36 AM
Rank: AiutAmico

Iscritto dal : 4/2/2005
Posts: 125
Si è molto migliorato, grazie: posso adesso fare una copia con Acronis?
Di nuovo grazie. Piero
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.