
Extremely slow computer, posting LOG
fiart50
Posted: Thursday, January 29, 2009 5:12:02 PM

Rank: AiutAmico

Joined: 8/17/2008
Posts: 387
Hi everyone.. since this morning my PC has been extremely slow, could you take a quick look at the log???? Thanks guys


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.10.57, on 29/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\COMODO\Firewall\cmdagent.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programmi\Microsoft LifeCam\MSCamS32.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Multimedia Combo Set\MouseDrv.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Programmi\COMODO\Firewall\cfp.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Multimedia Combo Set\PS2USBKbdDrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmi\IncrediMail\bin\IMApp.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\Safari\Safari.exe
C:\Programmi\eMule\emule.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WireLessMouse ] C:\Programmi\Multimedia Combo Set\MouseDrv.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmi\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programmi\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WireLessKeyboard ] C:\Programmi\Multimedia Combo Set\PS2USBKbdDrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\WINDOWS\TEMP\E_S669.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [IncrediMail] C:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?AuthParam=1229441350_40e17d239fa9d6194b9a074ae182a1dd&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab&File=jinstall-6u11-windows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{732B0EF4-37EF-4888-BC91-503A8D9C71E9}: NameServer = 85.37.17.11 85.38.28.69
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Programmi\COMODO\Firewall\cmdagent.exe
O23 - Service: FreePOPs - Unknown owner - C:\Programmi\FreePOPs\freepopsservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe

--
End of file - 9283 bytes

shapiro
Posted: Thursday, January 29, 2009 5:16:46 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Hi

Apart from ► O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) I don't see anything

Download Malwarebytes

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

1) install it
2) update it
3) run a scan, choosing full mode
4) do NOT delete any threats it detects
5) when the scan has finished, select the Logs tab, open the text file and post it on the forum

______

Download Lop S&D | http://eric.71.mespages.googlepages.com/LopSD.exe
with all applications closed and disconnected
double-click LopSD
choose language E (Enter)
1 (search) Enter

when the scan finishes, restart LopSD
this time choose option 2 (Enter)

attach the report C:\LopR.txt together with a new HijackThis log
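
The check shapiro makes by eye above (spotting the one O2 entry marked `(no file)`) can be automated. This Python code is an added example, not part of the original thread or of HijackThis; the names `parse_entries`, `orphaned` and `triage` are hypothetical, and the sample log is constructed from lines in this thread plus one made-up O23 line.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: lines copied from the HijackThis log posted in this thread.
# The "ExampleSvc" O23 line is made up to exercise the "(file missing)" case.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.10.57, on 29/01/2009

Running processes:
C:\WINDOWS\system32\lsass.exe
C:\Programmi\Eset\nod32krn.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O23 - Service: FreePOPs - Unknown owner - C:\Programmi\FreePOPs\freepopsservice.exe
O23 - Service: ExampleSvc - Unknown owner - C:\Programmi\Example\example.exe (file missing)

--
End of file - 9283 bytes
"""

# An entry line is "<section code> - <body>", e.g. "O2 - BHO: ...".
LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis prints when the registered file is not on disk.
ORPHAN_MARKERS = ("(no file)", "(file missing)")
SECTION = {
    "O2": "Browser Helper Object",
    "O3": "IE toolbar",
    "O4": "autorun entry",
    "O23": "service",
}


@dataclass
class Entry:
    code: str             # section code such as "O2" or "O23"
    body: str             # everything after "<code> - "
    clsid: Optional[str]  # COM class id, if the line carries one
    target: str           # last " - "-separated field (the file pointed at)


def parse_entries(log_text: str) -> List[Entry]:
    """Return the R*/O* entries; headers, process paths and footer are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        code, body = m.groups()
        clsid = CLSID_RE.search(body)
        target = body.rsplit(" - ", 1)[-1]
        entries.append(Entry(code, body, clsid.group(0) if clsid else None, target))
    return entries


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Entries whose registration survives but whose file does not."""
    return [e for e in entries if e.target.endswith(ORPHAN_MARKERS)]


def triage(log_text: str) -> List[str]:
    """One human-readable line per orphaned entry."""
    return [
        f"{e.code} ({SECTION.get(e.code, 'other')}): "
        f"{e.clsid or 'no CLSID'} -> {e.target}"
        for e in orphaned(parse_entries(log_text))
    ]


if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(row)
```
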
fiart50
Posted: Thursday, January 29, 2009 6:08:28 PM

Rank: AiutAmico

Joined: 8/17/2008
Posts: 387
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.10.57, on 29/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\COMODO\Firewall\cmdagent.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programmi\Microsoft LifeCam\MSCamS32.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Multimedia Combo Set\MouseDrv.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Programmi\COMODO\Firewall\cfp.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Multimedia Combo Set\PS2USBKbdDrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmi\IncrediMail\bin\IMApp.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\Safari\Safari.exe
C:\Programmi\eMule\emule.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WireLessMouse ] C:\Programmi\Multimedia Combo Set\MouseDrv.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmi\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programmi\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WireLessKeyboard ] C:\Programmi\Multimedia Combo Set\PS2USBKbdDrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\WINDOWS\TEMP\E_S669.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [IncrediMail] C:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?AuthParam=1229441350_40e17d239fa9d6194b9a074ae182a1dd&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab&File=jinstall-6u11-windows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{732B0EF4-37EF-4888-BC91-503A8D9C71E9}: NameServer = 85.37.17.11 85.38.28.69
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Programmi\COMODO\Firewall\cmdagent.exe
O23 - Service: FreePOPs - Unknown owner - C:\Programmi\FreePOPs\freepopsservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe

--
End of file - 9283 bytes


MALWAREBYTES LOG


Malwarebytes' Anti-Malware 1.32
Versione del database: 1646
Windows 5.1.2600 Service Pack 3

29/01/2009 18.04.47
mbam-log-2009-01-29 (18-04-47).txt

Tipo di scansione: Scansione rapida
Elementi scansionati: 59233
Tempo trascorso: 4 minute(s), 28 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.06.51, on 29/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\COMODO\Firewall\cmdagent.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programmi\Microsoft LifeCam\MSCamS32.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Multimedia Combo Set\MouseDrv.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Programmi\COMODO\Firewall\cfp.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\Multimedia Combo Set\PS2USBKbdDrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Programmi\Safari\Safari.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WireLessMouse ] C:\Programmi\Multimedia Combo Set\MouseDrv.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programmi\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programmi\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WireLessKeyboard ] C:\Programmi\Multimedia Combo Set\PS2USBKbdDrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\WINDOWS\TEMP\E_S669.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [IncrediMail] C:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?AuthParam=1229441350_40e17d239fa9d6194b9a074ae182a1dd&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab&File=jinstall-6u11-windows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{732B0EF4-37EF-4888-BC91-503A8D9C71E9}: NameServer = 85.37.17.11 85.38.28.69
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Programmi\COMODO\Firewall\cmdagent.exe
O23 - Service: FreePOPs - Unknown owner - C:\Programmi\FreePOPs\freepopsservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe

--
End of file - 9213 bytes

shapiro
Posted: Thursday, January 29, 2009 6:15:17 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
The Lop S&D report is missing

you posted the hjt log twice, and you didn't do the full scan
fiart50
Posted: Thursday, January 29, 2009 6:33:03 PM

Rank: AiutAmico

Joined: 8/17/2008
Posts: 387
Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Savio ( Administrator )
BOOT : Normal boot
Antivirus : Sistema Antivirus NOD32 2.70 2.70 (Activated)
Firewall : COMODO Firewall 3.5 (Activated)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:79 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 29/01/2009|18.27 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in DATIAP~1

[15/12/2008|19.56] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Adobe
[27/01/2009|20.34] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Apple
[28/01/2009|11.57] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Apple Computer
[06/09/2008|22.33] C:\DOCUME~1\ALLUSE~1\DATIAP~1\BVRP Software
[02/11/2008|10.35] C:\DOCUME~1\ALLUSE~1\DATIAP~1\comodo
[18/08/2008|21.22] C:\DOCUME~1\ALLUSE~1\DATIAP~1\EPSON
[18/08/2008|20.49] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Google
[18/08/2008|23.50] C:\DOCUME~1\ALLUSE~1\DATIAP~1\HP
[22/01/2009|18.09] C:\DOCUME~1\ALLUSE~1\DATIAP~1\IM
[24/01/2009|13.43] C:\DOCUME~1\ALLUSE~1\DATIAP~1\IncrediMail
[26/08/2008|10.38] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Kaspersky Lab Setup Files
[20/08/2008|22.47] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Malwarebytes
[28/01/2009|18.36] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft
[14/01/2009|16.06] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Microsoft Help
[12/09/2008|09.11] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Motive
[19/08/2008|19.02] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Nero
[22/01/2009|23.00] C:\DOCUME~1\ALLUSE~1\DATIAP~1\PlayFirst
[18/08/2008|20.52] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Skype
[18/08/2008|23.49] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Sonic
[24/01/2009|00.53] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Spyware Terminator
[22/01/2009|23.05] C:\DOCUME~1\ALLUSE~1\DATIAP~1\TEMP
[18/08/2008|21.25] C:\DOCUME~1\ALLUSE~1\DATIAP~1\UDL
[19/08/2008|16.41] C:\DOCUME~1\ALLUSE~1\DATIAP~1\Windows Genuine Advantage
[23/08/2008|11.57] C:\DOCUME~1\ALLUSE~1\DATIAP~1\WLInstaller
[0|File] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte
[26|Directory] C:\DOCUME~1\ALLUSE~1\DATIAP~1\byte disponibili

[19/08/2008|21.49] C:\DOCUME~1\DEFAUL~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\DEFAUL~1\DATIAP~1\byte disponibili

[19/08/2008|18.05] C:\DOCUME~1\LOCALS~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\LOCALS~1\DATIAP~1\byte disponibili

[18/08/2008|22.05] C:\DOCUME~1\NETWOR~1\DATIAP~1\Microsoft
[0|File] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte
[3|Directory] C:\DOCUME~1\NETWOR~1\DATIAP~1\byte disponibili

[04/12/2008|18.40] C:\DOCUME~1\Savio\DATIAP~1\Adobe
[18/08/2008|21.09] C:\DOCUME~1\Savio\DATIAP~1\AdobeUM
[19/08/2008|11.03] C:\DOCUME~1\Savio\DATIAP~1\Ahead
[28/01/2009|01.51] C:\DOCUME~1\Savio\DATIAP~1\Apple Computer
[18/08/2008|19.29] C:\DOCUME~1\Savio\DATIAP~1\ATI
[02/11/2008|10.16] C:\DOCUME~1\Savio\DATIAP~1\Comodo
[27/10/2008|14.37] C:\DOCUME~1\Savio\DATIAP~1\EPSON
[09/11/2008|00.00] C:\DOCUME~1\Savio\DATIAP~1\Free Download Manager
[20/09/2008|23.57] C:\DOCUME~1\Savio\DATIAP~1\FrostWire
[20/11/2008|14.08] C:\DOCUME~1\Savio\DATIAP~1\GlarySoft
[19/08/2008|10.01] C:\DOCUME~1\Savio\DATIAP~1\Google
[20/10/2008|21.05] C:\DOCUME~1\Savio\DATIAP~1\HP
[18/08/2008|19.00] C:\DOCUME~1\Savio\DATIAP~1\Identities
[07/11/2008|16.55] C:\DOCUME~1\Savio\DATIAP~1\InstallPad
[18/08/2008|21.22] C:\DOCUME~1\Savio\DATIAP~1\InstallShield
[04/10/2008|13.59] C:\DOCUME~1\Savio\DATIAP~1\LG Electronics
[28/01/2009|19.08] C:\DOCUME~1\Savio\DATIAP~1\LimeWire
[19/08/2008|00.10] C:\DOCUME~1\Savio\DATIAP~1\Macromedia
[20/08/2008|22.47] C:\DOCUME~1\Savio\DATIAP~1\Malwarebytes
[26/08/2008|15.36] C:\DOCUME~1\Savio\DATIAP~1\Media Player Classic
[28/01/2009|18.36] C:\DOCUME~1\Savio\DATIAP~1\Microsoft
[19/08/2008|00.26] C:\DOCUME~1\Savio\DATIAP~1\Motive
[24/08/2008|23.02] C:\DOCUME~1\Savio\DATIAP~1\Mozilla
[19/08/2008|19.04] C:\DOCUME~1\Savio\DATIAP~1\Nero
[20/01/2009|23.00] C:\DOCUME~1\Savio\DATIAP~1\Netscape
[25/01/2009|22.42] C:\DOCUME~1\Savio\DATIAP~1\Opera
[29/08/2008|12.14] C:\DOCUME~1\Savio\DATIAP~1\PCToolsFirewallPlus
[22/01/2009|23.00] C:\DOCUME~1\Savio\DATIAP~1\PlayFirst
[06/10/2008|15.48] C:\DOCUME~1\Savio\DATIAP~1\Real
[22/01/2009|17.17] C:\DOCUME~1\Savio\DATIAP~1\Skype
[22/01/2009|17.16] C:\DOCUME~1\Savio\DATIAP~1\skypePM
[24/01/2009|00.51] C:\DOCUME~1\Savio\DATIAP~1\Spyware Terminator
[18/08/2008|20.49] C:\DOCUME~1\Savio\DATIAP~1\Sun
[19/08/2008|00.08] C:\DOCUME~1\Savio\DATIAP~1\Talkback
[11/10/2008|16.45] C:\DOCUME~1\Savio\DATIAP~1\vlc
[27/11/2008|00.32] C:\DOCUME~1\Savio\DATIAP~1\VSRevoGroup
[19/08/2008|17.42] C:\DOCUME~1\Savio\DATIAP~1\Windows Desktop Search
[19/08/2008|19.36] C:\DOCUME~1\Savio\DATIAP~1\Windows Search
[10/10/2008|09.15] C:\DOCUME~1\Savio\DATIAP~1\WinPatrol
[19/08/2008|10.22] C:\DOCUME~1\Savio\DATIAP~1\WinRAR
[0|File] C:\DOCUME~1\Savio\DATIAP~1\byte
[42|Directory] C:\DOCUME~1\Savio\DATIAP~1\byte disponibili

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[27/01/2009 20.34][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[29/01/2009 12.45][--ah-----] C:\WINDOWS\tasks\SA.DAT
[31/08/2001 11.00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Programmi

[21/01/2009|18.52] C:\Programmi\ABBYY FineReader 6.0 Sprint
[15/12/2008|19.56] C:\Programmi\Adobe
[27/01/2009|20.34] C:\Programmi\Apple Software Update
[18/08/2008|19.24] C:\Programmi\ATI Technologies
[09/01/2009|01.33] C:\Programmi\Avanquest update
[28/01/2009|01.50] C:\Programmi\Bonjour
[13/11/2008|23.46] C:\Programmi\CamStudio
[18/08/2008|20.22] C:\Programmi\CCleaner
[18/08/2008|20.29] C:\Programmi\Common Files
[02/11/2008|10.16] C:\Programmi\COMODO
[18/08/2008|18.54] C:\Programmi\ComPlus Applications
[18/08/2008|19.18] C:\Programmi\DIFX
[29/01/2009|17.09] C:\Programmi\eMule
[18/08/2008|21.24] C:\Programmi\epson
[13/11/2008|21.23] C:\Programmi\Eset
[28/01/2009|01.49] C:\Programmi\File comuni
[31/12/2008|00.48] C:\Programmi\FreePOPs
[05/09/2008|09.43] C:\Programmi\Google
[18/08/2008|23.45] C:\Programmi\Hewlett-Packard
[18/08/2008|23.45] C:\Programmi\HP
[24/01/2009|13.43] C:\Programmi\IncrediMail
[24/10/2008|19.46] C:\Programmi\InstallShield Installation Information
[28/01/2009|01.47] C:\Programmi\Internet Explorer
[15/12/2008|14.31] C:\Programmi\Java
[13/11/2008|23.33] C:\Programmi\K-Lite Codec Pack
[04/10/2008|13.52] C:\Programmi\LG Electronics
[04/10/2008|13.54] C:\Programmi\LG PC Suite
[22/09/2008|21.06] C:\Programmi\LimeWire
[24/01/2009|15.49] C:\Programmi\Magentic
[05/01/2009|15.36] C:\Programmi\Malwarebytes' Anti-Malware
[17/09/2008|17.24] C:\Programmi\Messenger
[19/08/2008|17.20] C:\Programmi\Microsoft CAPICOM 2.1.0.2
[18/08/2008|18.57] C:\Programmi\microsoft frontpage
[18/08/2008|22.32] C:\Programmi\Microsoft LifeCam
[19/08/2008|16.01] C:\Programmi\Microsoft Office
[24/10/2008|19.46] C:\Programmi\Microsoft Reader
[22/10/2008|11.57] C:\Programmi\Microsoft Silverlight
[19/08/2008|16.01] C:\Programmi\Microsoft Visual Studio
[19/08/2008|16.06] C:\Programmi\Microsoft Visual Studio 8
[19/08/2008|16.01] C:\Programmi\Microsoft Works
[19/08/2008|16.00] C:\Programmi\Microsoft.NET
[08/01/2009|00.38] C:\Programmi\Motorola
[09/01/2009|01.40] C:\Programmi\Motorola Phone Tools
[17/09/2008|17.13] C:\Programmi\Movie Maker
[27/01/2009|19.41] C:\Programmi\Mozilla Firefox
[19/08/2008|17.18] C:\Programmi\MSBuild
[18/08/2008|18.54] C:\Programmi\MSN
[18/08/2008|18.54] C:\Programmi\MSN Gaming Zone
[18/08/2008|21.59] C:\Programmi\MSXML 4.0
[19/08/2008|17.20] C:\Programmi\MSXML 6.0
[18/08/2008|19.42] C:\Programmi\Multimedia Combo Set
[19/08/2008|19.02] C:\Programmi\Nero
[18/08/2008|20.09] C:\Programmi\Nero-NE7591 (D)
[17/09/2008|17.10] C:\Programmi\NetMeeting
[27/01/2009|22.33] C:\Programmi\Netscape
[22/01/2009|23.05] C:\Programmi\Oberon Media
[17/09/2008|17.27] C:\Programmi\Outlook Express
[28/08/2008|18.24] C:\Programmi\Paint.NET
[28/10/2008|10.49] C:\Programmi\PDFCreator
[26/08/2008|15.57] C:\Programmi\Real
[18/08/2008|19.32] C:\Programmi\Realtek
[19/08/2008|17.15] C:\Programmi\Reference Assemblies
[27/01/2009|20.34] C:\Programmi\Safari
[18/08/2008|18.54] C:\Programmi\Servizi in linea
[19/10/2008|18.36] C:\Programmi\SIW
[18/08/2008|20.53] C:\Programmi\Skype
[24/01/2009|00.53] C:\Programmi\Spyware Terminator
[19/08/2008|00.35] C:\Programmi\Telecom Italia
[21/08/2008|23.18] C:\Programmi\Trend Micro
[18/08/2008|19.00] C:\Programmi\Uninstall Information
[24/08/2008|17.51] C:\Programmi\VS Revo Group
[31/12/2008|00.47] C:\Programmi\vso
[05/09/2008|09.37] C:\Programmi\Western Digital
[24/01/2009|00.53] C:\Programmi\WinClamAVShield
[19/08/2008|17.42] C:\Programmi\Windows Desktop Search
[23/08/2008|11.59] C:\Programmi\Windows Live
[19/08/2008|17.28] C:\Programmi\Windows Media Connect 2
[17/09/2008|17.10] C:\Programmi\Windows Media Player
[17/09/2008|17.10] C:\Programmi\Windows NT
[18/08/2008|20.42] C:\Programmi\WindowsUpdate
[18/08/2008|20.12] C:\Programmi\WinRAR
[18/08/2008|18.57] C:\Programmi\xerox
[20/08/2008|23.19] C:\Programmi\YouTube Downloader
[19/12/2008|13.09] C:\Programmi\Zeallsoft
[0|File] C:\Programmi\byte
[86|Directory] C:\Programmi\byte disponibili

--------------------\\ Listing Folders in C:\Programmi\File comuni

[15/12/2008|19.56] C:\Programmi\File comuni\Adobe
[04/12/2008|18.42] C:\Programmi\File comuni\Adobe AIR
[19/08/2008|18.55] C:\Programmi\File comuni\Ahead
[28/01/2009|11.54] C:\Programmi\File comuni\Apple
[19/08/2008|16.01] C:\Programmi\File comuni\DESIGNER
[18/08/2008|23.48] C:\Programmi\File comuni\HP
[18/08/2008|21.26] C:\Programmi\File comuni\InstallShield
[23/09/2008|15.53] C:\Programmi\File comuni\Java
[24/10/2008|19.46] C:\Programmi\File comuni\Microsoft Shared
[19/08/2008|00.30] C:\Programmi\File comuni\Motive
[08/01/2009|00.38] C:\Programmi\File comuni\Motorola Shared
[18/08/2008|18.55] C:\Programmi\File comuni\MSSoap
[19/08/2008|19.03] C:\Programmi\File comuni\Nero
[22/01/2009|23.00] C:\Programmi\File comuni\Oberon Media
[18/08/2008|19.50] C:\Programmi\File comuni\ODBC
[06/10/2008|15.47] C:\Programmi\File comuni\Real
[18/08/2008|18.55] C:\Programmi\File comuni\Services
[18/08/2008|20.53] C:\Programmi\File comuni\Skype
[18/08/2008|23.49] C:\Programmi\File comuni\Sonic Shared
[18/08/2008|19.50] C:\Programmi\File comuni\SpeechEngines
[17/09/2008|17.27] C:\Programmi\File comuni\System
[18/08/2008|21.56] C:\Programmi\File comuni\WindowsLiveInstaller
[06/10/2008|15.47] C:\Programmi\File comuni\xing shared
[0|File] C:\Programmi\File comuni\byte
[25|Directory] C:\Programmi\File comuni\byte disponibili

--------------------\\ Process

( 46 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-29 18:30:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Savio\Desktop\MUSICA SAVIO\Abba\Disc 2\12-The Visitors (Crackin' Up)-ABBA.mp3
C:\DOCUME~1\Savio\Desktop\MUSICA SAVIO\Pino Daniele discografia 30 album by Lello\1987 - Bonne soirèe\- 9- Scrack.mp3
C:\DOCUME~1\Savio\Impostazioni locali\Temporary Internet Files\Content.IE5\DGHA06K8\mdcrackfast-300x219[1].gif


[F:996][D:76]-> C:\DOCUME~1\Savio\IMPOST~1\Temp
[F:980][D:0]-> C:\DOCUME~1\Savio\Cookies
[F:20437][D:114]-> C:\DOCUME~1\Savio\IMPOST~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 29/01/2009|17.54 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 29/01/2009|17.59 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 29/01/2009|18.25 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 29/01/2009|18.32 - Option : [2]

--------------------\\ Scan completed at 18.32.05

shapiro
Posted: Thursday, January 29, 2009 6:44:11 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
The full Malwarebytes scan is missing.
fiart50
Posted: Thursday, January 29, 2009 8:36:30 PM

Rank: AiutAmico

Joined: 8/17/2008
Posts: 387
Malwarebytes' Anti-Malware 1.32
Versione del database: 1646
Windows 5.1.2600 Service Pack 3

29/01/2009 20.35.58
mbam-log-2009-01-29 (20-35-58).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi scansionati: 157834
Tempo trascorso: 54 minute(s), 42 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)
shapiro
Posted: Thursday, January 29, 2009 8:59:12 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Have you installed any programs lately?

fiart50
Posted: Thursday, January 29, 2009 10:30:19 PM

Rank: AiutAmico

Joined: 8/17/2008
Posts: 387
Well.. I install and uninstall quite a few.. why???? I installed IncrediMail,.. a few new browsers like Safari,.. why???.. problems??. I see that the scan shows no viruses!!!.. what do you think??

shapiro
Posted: Friday, January 30, 2009 9:15:07 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Do you notice this slowness all the time, or only when you use eMule?

Try defragmenting the disk and let's see if it recovers.

Clean up with ► http://www.filehippo.com/download_ccleaner/

Run it twice.