Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Pc lento Opzioni
eufonio
Inviato: Thursday, October 18, 2012 11:56:04 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
scusa non avevo visto l'ultima parte delle tue istruzioni

http://www.freefilehosting.net/log_52
eufonio
Inviato: Friday, October 19, 2012 5:21:14 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
riesci a vedere il file?
shapiro
Inviato: Friday, October 19, 2012 5:26:03 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
sto cercando di farlo ma e' pesantissimo

sai dirmi nel frattempo in due parole cosa ha rilevato?
pokerdassi
Inviato: Friday, October 19, 2012 5:55:58 PM

Rank: AiutAmico

Iscritto dal : 8/31/2007
Posts: 3,453
SCUSATE MA HO SBAGLIATO POST
eufonio
Inviato: Friday, October 19, 2012 5:58:28 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
per quel che mi riesce di capire non mi sembra abbia rilevato nulla, c'è una colonna dove accanto ad ogni voce c'è ok, l'unica voce diversa è
Not processed C:\pagefile.sys Object is locked
shapiro
Inviato: Friday, October 19, 2012 6:02:12 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


fai questa scansione possibilmente in modalita' provvisoria (tasto F8 all'avvio di windows)

Scarica e installa malwarebytes
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completa, fai clic su OK => Mostra i Risultati.
Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
Se ti chiede di riavviare, riavvia per completare il processo di pulizia.
Posta il rapporto .
eufonio
Inviato: Friday, October 19, 2012 7:54:53 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
questo è il log di malwarebytes:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.19.10

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Administrator :: UTENTE-2B22613E [administrator]

19/10/2012 18.13.39
mbam-log-2012-10-19 (18-13-39).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 454707
Time elapsed: 1 hour(s), 4 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
shapiro
Inviato: Saturday, October 20, 2012 1:05:09 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

sembrerebbe tutto a posto

riscontri sempre lo stesso problema o noti miglioramneti?
eufonio
Inviato: Saturday, October 20, 2012 1:57:50 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
mi sembra vada abbastanza bene anche se in alcuni momenti fatica a passare da una finestra all'altra.
shapiro
Inviato: Saturday, October 20, 2012 4:39:18 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

facciamo un controllo per eliminare i residui

Scarica OTL e salvalo sul desktop

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta su minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi 2 log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend

eufonio
Inviato: Saturday, October 20, 2012 6:37:54 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
shapiro
Inviato: Saturday, October 20, 2012 9:12:35 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
apri otl copia nello spazio bianco sotto "Custom Scans\Fixes" questo codice (non copiare Code:)

Code:
:OTL
SRV - (WPFFontCache_v0400) --  File not found
DRV - (WDICA) --  File not found
DRV - (PROCEXP151) -- C:\WINDOWS\system32\Drivers\PROCEXP151.SYS File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (ALSysIO) -- C:\DOCUME~1\Utente\IMPOST~1\Temp\ALSysIO.sys File not found
IE - HKU\S-1-5-21-842925246-1844823847-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-842925246-1844823847-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..browser.startup.homepage: "http://search.findeer.com/"
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
[2012/10/16 23.21.12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/17 22.48.44 | 140,121,576 | ---- | C] () -- C:\Documents and Settings\Utente\Desktop\setup_11.0.0.1245.x01_2012_10_17_23_14.exe
[2012/10/16 23.21.46 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/10/16 23.21.46 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/10/16 23.21.46 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/10/16 23.21.46 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/10/16 23.21.46 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/12 09.01.13 | 000,006,627 | ---- | C] () -- C:\WINDOWS\cfgall.ini
@Alternate Data Stream - 368 bytes -> C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\desktop.ini:722b2b1c349a06abf0e866180e5a7e63
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:58A5270D

:Files
ipconfig /flushdns /c

:commands
[purity]
[Reboot]


clicca su RUN FIX attendi la fine della scansione e posta il log che rilascia

controlla queste cartelle se non le conosci, eliminale


C:\Documents and Settings\Utente\Desktop\Sygic

C:\Documents and Settings\Utente\Dati applicazioni\Uhqa

C:\Documents and Settings\Utente\Dati applicazioni\Zeon
eufonio
Inviato: Saturday, October 20, 2012 10:21:19 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
la prima cartella l'ho creata io le altre due le ho eliminate.
Questo il log

========== OTL ==========
Service WPFFontCache_v0400 stopped successfully!
Service WPFFontCache_v0400 deleted successfully!
File File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PROCEXP151 stopped successfully!
Service PROCEXP151 deleted successfully!
File C:\WINDOWS\system32\Drivers\PROCEXP151.SYS File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys File not found not found.
Service ALSysIO stopped successfully!
Service ALSysIO deleted successfully!
File C:\DOCUME~1\Utente\IMPOST~1\Temp\ALSysIO.sys File not found not found.
HKU\S-1-5-21-842925246-1844823847-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-842925246-1844823847-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: "http://search.findeer.com/" removed from browser.startup.homepage
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
C:\Qoobox\Quarantine\Registry_backups folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\URTTEMP folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32 folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Dati applicazioni\TEMP folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Dati applicazioni folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\All Users folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings folder moved successfully.
C:\Qoobox\Quarantine\C folder moved successfully.
C:\Qoobox\Quarantine folder moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\Documents and Settings\Utente\Desktop\setup_11.0.0.1245.x01_2012_10_17_23_14.exe moved successfully.
C:\WINDOWS\PEV.exe moved successfully.
C:\WINDOWS\MBR.exe moved successfully.
C:\WINDOWS\sed.exe moved successfully.
C:\WINDOWS\grep.exe moved successfully.
C:\WINDOWS\zip.exe moved successfully.
C:\WINDOWS\cfgall.ini moved successfully.
ADS C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\desktop.ini:722b2b1c349a06abf0e866180e5a7e63 deleted successfully.
ADS C:\Documents and Settings\All Users\Dati applicazioni\TEMP:58A5270D deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configurazione IP di Windows
Impossibile svuotare la cache del resolver DNS: Errore nell'esecuzione della funzione.
C:\Documents and Settings\Utente\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Utente\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 10202012_220134

Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
shapiro
Inviato: Sunday, October 21, 2012 12:32:51 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

fai queste pulizie

Installa Ccleaner

ccleaner

durante l’installazione deseleziona l’opzione per la barra di Yahoo, lo apri, vai in Opzioni>Avanzate, togli la spunta a “Cancella file temp diwindows solo se più vecchi di 48 ore”, poi avvialo, seleziona "Analizza" ed alla fine dell'analisi premi "Avvia pulizia''


clicca su Registro, nella pagina successiva clicca Trova problemi, poi al termine dello scan clicca su Ripara selezionati , risposndi di sì alla richiesta di salvare il backup (salvalo in una cartella a piacimento) poi ripara tutti gli elementi trovati.

scarica http://www.atribune.org/ccount/click.php?id=1

non ha bisogno di installazione

Avvia ATF Cleaner.exe con un doppio click

- clicca sul menu main
- seleziona la casella Select All
- clicca sul pulsante Empty selected
- aspetta l'avviso Done Cleaning.
(se non vuoi eliminare le password togli la spunta)
(se usi opera o firefox,spunta anche le loro sezioni)

disattiva il ripristino

riavvia

riattivalo e crea un nuovo punto


svuota la cartella prefetch ( non eliminarla)

fai una deframmentazione del disco, penso che il tuo pc na ha bisogno

apri otl e clicca su clean up poi posta un log aggiornato di hijackthis






eufonio
Inviato: Sunday, October 21, 2012 5:53:28 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Ho fatto tutto e questo è il log di hijackthis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.52.27, on 21/10/12
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programmi\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\EMLPROXY.EXE
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\opssvc.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\quhlpsvc.exe
C:\Programmi\Macrium\Reflect\ReflectService.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANWSCS.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\onlinent.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANMSG.EXE
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\UPSCHD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\IObit\Advanced SystemCare 6\DelayLoad.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Quick Heal Core UI] "C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\strtupap.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Apri con ScanSoft PDF Converter 4.1 - res://C:\Programmi\ScanSoft\PDF Professional 4.0\cnvres_ita.dll /100
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.telecomitalia.it
O15 - Trusted Zone: http://www.tim.it
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Programmi\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Core Mail Protection - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\EMLPROXY.EXE
O23 - Service: Core Scanning Server - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE
O23 - Service: Core Scanning ServerEx - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: Online Protection System - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\opssvc.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Programmi\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Quick Update Service - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\quhlpsvc.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Programmi\Macrium\Reflect\ReflectService.exe
O23 - Service: Quick Heal AntiVirus Pro Helper Service WSC (ScanWscS) - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANWSCS.EXE
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10065 bytes
shapiro
Inviato: Sunday, October 21, 2012 6:07:21 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

per me sei a posto, se il pc va bene possiamo anche chiudere

eufonio
Inviato: Sunday, October 21, 2012 6:28:10 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Ok, mi sembra possa andare, grazie per il tuo prezioso aiuto.
Un'ultima cosa devo disinstallare combofix e se si basta farlo da pannello di controllo?
Grazie ancora
shapiro
Inviato: Sunday, October 21, 2012 8:19:07 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


combofix non dovrebbe essere piu' nel pc lo hai rimosso quando hai aperto otl e cliccato su clean up
eufonio
Inviato: Monday, October 22, 2012 6:53:27 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
perfetto, grazie ancora
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.