Salve! Cosa ne pensate di questa immagine che ogni tanto spesssssso viene fuori? Sarà il motivo del mancato collegamento con msn?

Ciao.
Non mi piace per niente quell'immagine :
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.malwarebytes.org/
Prima di fare la scansione AGGIORNALO.
Esegui una scansione completa del sistema e, una volta terminata la scansione,assicurati che tutti i files evidenziati, siano selezionati, e clicca Rimuovi Selezionati
Posta il log.
Poi Posta anche un log di HJT

Formattare per cosa tutor .......
Per uno stupido Rugue ?

Ciao.
Fai queste scansioni specifiche per MSN.
NB: MSN deve restare chiuso.
Installa MSNfix : http://sosvirus.changelog.fr/msnfix.Zip
scompatta il file Zip che hai, precedentemente posizionato sul desktop (verrà creata una cartella)
lancia MSNfix file batch
digita I per impostare la lingua, e, premi invio
digita R per cercare il malware
digita N per eliminare ciò che trova
digita A per creare il log da pubblicare
digita R per ripulire il registro ed uscire
digita Q per terminare MSNfix
All'interno della cartella posizionata sul desktop, verranno creati un file Zip ed un log:
provvedi a cestinare, solo il file Zip e ripulisci il cestino.
salva il log che verrà rilasciato
*********************************************************************************************************
Scarica MSN Cleaner: http://www.mesea.com/descargar/utilseg/msncleaner%201.5.6%28www.portalmes.com%29.Zip

Installa MSN Cleaner
scompatta il file Zip che hai precedentemente posizionato sul desktop (verrà creata una icona)
chiudi tutte le pagine Internet eventualmente aperte
lancia MSN Cleaner
imposta la lingua in italiano
clicca sul tasto Analizza per lanciare la scansione
seleziona gli eventuali file infetti rilevati
clicca sul tasto Cancella per provvedere alla loro rimozione
clicca sul tasto Report per creare il log da pubblicare
clicca sul tasto Esci per chiudere il programma
Verrà rilasciato il log.

Perchè il Nod32 rileva come una minaccia MSNfix .
Disabilita temporaneamente Nod e fai la scansione. (sconnesso da internet)

Dopo aver fatto una scansione è venuto fuori quanto riportato sott. Come faccio a disabilitare NOD? non trovo l'applicazione "disabilita". Non vorrei sembrare pedante non prendertala più ditanto. Cmq grazie ancora. Ciao
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-17 14:51:00
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

C:\documents and settings\user\impostazioni locali\dati applicazioni\wesgoyo.exe [228]

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\Prefetch\WESGOYO.EXE-29557411.pf 65536 bytes
C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\wesgoyo.exe 229376 bytes
C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\wesgoyo_nav.dat 294912 bytes
C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\wesgoyo.dat 32768 bytes
C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\wesgoyo_navps.dat 32768 bytes

scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 5

Spero di aver seguito bene le tue istruzioni. Di seguito il log. Mi spieghi perchè alcuni file del perfib_perfdata_ecc...non possono essere eliminati? Quli programmi sono aperti sotto tale icona (nero ShowTime). Grazie ed....paziente attendo. Pino

ComboFix 09-01-17.04 - User 2009-01-18 17.25.54.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.894.417 [GMT 1:00]
Eseguito da: c:\documents and settings\User\Desktop\ComboFix.exe
AV: Sistema Antivirus NOD32 2.70 *On-access scanning disabled* (Outdated)
* Creato nuovo punto di ripristino
* Resident AV is active


ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\User\Impostazioni locali\Dati applicazioni\wesgoyo.dat
c:\documents and settings\User\Impostazioni locali\Dati applicazioni\wesgoyo.exe
c:\documents and settings\User\Impostazioni locali\Dati applicazioni\wesgoyo_nav.dat
c:\documents and settings\User\Impostazioni locali\Dati applicazioni\wesgoyo_navps.dat

.
((((((((((((((((((((((((( Files Creati Da 2008-12-18 al 2009-01-18 )))))))))))))))))))))))))))))))))))
.

2009-01-17 16:16 . 2009-01-17 16:16 <DIR> d-------- c:\programmi\SweetIM
2009-01-17 16:16 . 2009-01-17 16:16 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\SweetIM
2009-01-17 12:34 . 2009-01-17 12:34 <DIR> d-------- C:\BackUpMSNCleaner
2009-01-16 19:41 . 2009-01-16 19:41 25,440 --a------ c:\documents and settings\User\jjfglqzv.exe
2009-01-16 19:18 . 2009-01-16 19:18 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2009-01-16 19:18 . 2009-01-16 19:18 <DIR> d-------- c:\documents and settings\User\Dati applicazioni\Malwarebytes
2009-01-16 19:18 . 2009-01-16 19:18 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-01-16 19:18 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-16 19:18 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-16 19:13 . 2009-01-16 19:13 <DIR> d--hs---- C:\FOUND.000
2009-01-16 18:38 . 2009-01-16 18:38 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-01-16 17:04 . 2009-01-16 17:04 <DIR> d-------- c:\documents and settings\User\Tracing
2009-01-16 16:50 . 2009-01-16 16:50 <DIR> d-------- c:\programmi\Microsoft SQL Server Compact Edition
2009-01-16 16:50 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
2009-01-16 16:49 . 2009-01-16 16:49 <DIR> d-------- c:\programmi\Microsoft
2009-01-16 16:48 . 2009-01-16 16:48 <DIR> d-------- c:\programmi\Windows Live SkyDrive
2009-01-16 16:37 . 2009-01-16 16:37 <DIR> d-------- c:\programmi\File comuni\Windows Live
2009-01-16 16:35 . 2009-01-16 16:35 25,440 --a------ c:\documents and settings\User\zgeznaeu.exe
2009-01-16 16:10 . 2009-01-16 16:10 <DIR> d-------- c:\programmi\Lavasoft
2009-01-16 14:47 . 2009-01-16 14:47 25,440 --a------ c:\documents and settings\User\rlgflvvl.exe
2009-01-16 14:47 . 2009-01-16 14:47 25,440 --a------ c:\documents and settings\User\hvspzqik.exe
2009-01-16 14:46 . 2009-01-16 14:46 25,440 --a------ c:\documents and settings\User\bhlowhbf.exe
2008-12-26 22:24 . 2008-12-26 22:25 <DIR> d-------- c:\programmi\MSXML 4.0
2008-12-26 18:11 . 2008-12-26 18:11 <DIR> d-------- c:\programmi\SIW
2008-12-26 17:13 . 2008-12-26 17:13 <DIR> d-------- c:\documents and settings\User\Dati applicazioni\Ahead
2008-12-26 17:12 . 2008-12-26 17:13 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Ahead
2008-12-26 17:10 . 2008-12-26 17:10 <DIR> d-------- c:\programmi\Nero
2008-12-26 17:10 . 2008-12-26 17:10 <DIR> d-------- c:\programmi\File comuni\Ahead
2008-12-26 17:10 . 2008-12-26 17:10 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Nero
2008-12-26 16:41 . 2008-12-26 16:41 <DIR> d-------- c:\documents and settings\User\Dati applicazioni\CyberLink
2008-12-26 16:40 . 2008-12-26 16:40 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\CyberLink
2008-12-26 16:36 . 2008-12-26 16:36 <DIR> d-------- c:\documents and settings\User\Dati applicazioni\SoundSpectrum
2008-12-26 16:35 . 2008-12-26 16:35 <DIR> d-------- c:\programmi\SoundSpectrum
2008-12-25 10:02 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2008-12-25 10:00 . 2008-12-25 10:00 <DIR> d-------- c:\programmi\Microsoft Works
2008-12-25 09:59 . 2008-12-25 09:59 <DIR> d-------- c:\programmi\MSBuild
2008-12-25 09:58 . 2008-12-25 09:58 <DIR> d-------- c:\programmi\Microsoft.NET
2008-12-25 09:54 . 2008-12-25 09:54 <DIR> d-------- c:\programmi\Microsoft Visual Studio 8
2008-12-25 09:53 . 2008-12-25 09:53 <DIR> d-------- c:\windows\SHELLNEW
2008-12-25 09:53 . 2008-12-25 09:53 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2008-12-25 09:52 . 2008-12-25 09:52 <DIR> dr-h----- C:\MSOCache
2008-12-25 00:18 . 2008-12-25 00:18 8,840 --a------ c:\windows\SEC1396.PNF
2008-12-25 00:14 . 2008-12-25 00:14 <DIR> d-------- c:\windows\system32\it
2008-12-25 00:14 . 2008-12-25 00:14 <DIR> d-------- c:\windows\system32\bits
2008-12-25 00:14 . 2008-12-25 00:14 <DIR> d-------- c:\windows\l2schemas
2008-12-25 00:11 . 2008-12-25 00:11 <DIR> d-------- c:\windows\ServicePackFiles
2008-12-25 00:05 . 2008-12-25 00:05 2,948 --a------ c:\windows\SEC9C.PNF
2008-12-24 16:26 . 2004-08-03 22:29 1,897,408 --------- c:\windows\system32\drivers\nv4_mini.sys
2008-12-24 16:25 . 2004-08-03 22:41 1,041,536 --------- c:\windows\system32\drivers\hsfdpsp2.sys
2008-12-24 15:54 . 2008-06-14 18:32 272,768 --------- c:\windows\system32\drivers\bthport.sys
2008-12-24 15:54 . 2008-06-14 18:32 272,768 --------- c:\windows\system32\dllcache\bthport.sys
2008-12-24 15:54 . 2008-08-14 11:04 138,496 --------- c:\windows\system32\dllcache\afd.sys
2008-12-24 15:53 . 2008-12-11 11:57 333,952 --------- c:\windows\system32\dllcache\srv.sys
2008-12-24 15:52 . 2008-09-15 16:24 1,846,400 --------- c:\windows\system32\dllcache\win32k.sys
2008-12-24 15:51 . 2008-08-14 14:22 2,192,896 --------- c:\windows\system32\dllcache\ntoskrnl.exe
2008-12-24 15:51 . 2008-08-14 14:22 2,148,864 --------- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-12-24 15:51 . 2008-08-14 14:22 2,069,760 --------- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-12-24 15:51 . 2008-08-14 14:22 2,027,520 --------- c:\windows\system32\dllcache\ntkrpamp.exe
2008-12-24 15:51 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-12-24 15:51 . 2008-05-08 15:02 203,136 --------- c:\windows\system32\dllcache\rmcast.sys
2008-12-24 15:50 . 2008-04-11 20:04 691,712 --------- c:\windows\system32\dllcache\inetcomm.dll
2008-12-24 15:50 . 2008-10-15 17:36 337,408 --------- c:\windows\system32\dllcache\netapi32.dll
2008-12-24 14:32 . 2008-12-24 14:32 <DIR> d-------- c:\programmi\Windows Defender
2008-12-24 14:17 . 2008-12-24 14:17 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-13 06:36 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-04 23:38 308,072 ----a-w c:\windows\WLXPGSS.SCR
2008-12-02 21:37 49,480 ----a-w c:\windows\system32\sirenacm.dll
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\programmi\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 12:22 1172792 --a------ c:\programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-16 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-17 64512]
"AzMixerSel"="c:\programmi\Realtek\InstallShield\AzMixerSel.exe" [2006-04-14 53248]
"ntiMUI"="c:\programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-09-07 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-09-07 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-07 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-07 455168]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-06-23 602112]
"ATICCC"="c:\programmi\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"BisonBar"="c:\windows\BUtilityBar\BisonBar.exe" [2006-09-08 245760]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"TomTomHOME.exe"="c:\programmi\TomTom HOME\TomTomHOME.exe" [2006-12-12 3577512]
"Motive SmartBridge"="c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"nod32kui"="c:\programmi\Eset\nod32kui.exe" [2007-08-10 949376]
"Adobe Photo Downloader"="c:\programmi\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"GrooveMonitor"="c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"NeroFilterCheck"="c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SweetIM"="c:\programmi\SweetIM\Messenger\SweetIM.exe" [2009-01-01 111928]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=tnljin.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Messenger\\MSMSGS.EXE"=
"c:\\Programmi\\LimeWire\\LimeWire.exe"=
"c:\\Programmi\\eMule\\eMule.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\groove.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Windows Media Player\\wmplayer.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-08-10 15424]
R4 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [2006-11-03 13592]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{729c2f9a-3398-11dc-bbd2-0016d466302d}]
\Shell\AutoRun\command - F:\InstallTomTomHOME.exe
.
Contenuto della cartella 'Scheduled Tasks'

2009-01-18 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-04-23 17:17]

2008-12-26 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-04-23 17:17]

2009-01-18 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-wesgoyo - c:\documents and settings\user\impostazioni locali\dati applicazioni\wesgoyo.exe
HKLM-Run-LaunchApp - (no file)


.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://it.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://it.rd.yahoo.com/customize/ycomp/defaults/su/*http://it.yahoo.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll

O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd

O16 -: {CEDDF50D-9FA7-41A8-BCD0-6350D1ED2306} - hxxp://aiuto.alice.it/ata/static/installers/WebflowActiveXInstaller_4-1-5.cab
c:\windows\Downloaded Program Files\WebflowActiveXInstaller.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-18 17:27:30
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-2676623971-4244041325-2221878006-1005\Software\Local AppWizard-Generated Applications\Launch Tool]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\ATI Technologies Inc.\Driver ATI]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2A9FC36D-364D-4234-8C61-89B815492E9C}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{ABF53D68-3112-41D1-B382-402BEDF2C9E5}"
"Version"="7.0.0"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6EE4DCBB-CE99-4994-A12A-242CEBDD691C}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{CCA2F244-F479-42FD-A561-8551046AEA64}"
"Version"="3.0.1"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{877883EB-56B2-4736-815E-1BA97B44D3E5}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{497980CE-36F0-4A2A-9C58-4FD4CEE5994E}"
"Version"="4.0.0"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{8C822816-06E7-4b2d-967B-7611B2AC9CC7}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{637C67E8-CD4E-46A3-B6E9-A800DA907148}"
"Version"="1.0.0"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{A698C8BC-E677-4030-8676-18FF0095C239}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{B92FDB59-104B-4899-89F3-6BFF68729012}"
"Version"="3.0.8"

[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\6.0]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\BuildInfo]
@DACL=(02 0000)
@SACL=
"SR_No"="DVD060322-04"
"Setup"="051215"
"RC"="050527_Acer"
"Help"="050527_Acer"
"Readme"="050304"
"Skin"="ACER_050518"
"OlReg"="051122v2"
"RegRC"="050810v2"
"TrialDialog RC"="-"
"Ver"="6.00.1530"
"Utility"="1102"
"UI"="1530g_Acer(a)"
"UI98"="1530g_Acer(a)"
"DShow"="2129_Acer"
"AVSetting"="3428"
"CPXM"="2207"
"Other"="1215"
"CL264"="-"
"Pou"="1423"
"TrialDialog"="-"

[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\UserReg]
@DACL=(02 0000)
@SACL=
"SR_No"="DVD060322-04"
"Prod_Name"="PowerDVD"
"Prod_Ver"="6.0"
"CustomerNO"="3612"
"Hardware"="Desktop PC"
"Channel"="OEM"
"RegVType"="OEM 2CH"

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000

[HKEY_LOCAL_MACHINE\software\muvee Technologies\030625]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\muvee Technologies\muvee SDK - NTI_5]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\NewTech Infosystems\NTI CD-MakerV7\OEMUrl]
@DACL=(02 0000)
@SACL=
"Home"="http://global.acer.com"

[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.\Realtek High Definition Audio Driver]
@DACL=(02 0000)
@SACL=
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(784)
c:\windows\system32\imon.dll
c:\programmi\Eset\pr_imon.dll
.
Ora fine scansione: 2009-01-18 17.28.43
ComboFix-quarantined-files.txt 2009-01-18 16:28:42

Pre-Run: 38.355.468.288 byte disponibili
Post-Run: 38,568,329,216 byte disponibili

308 --- E O F --- 2009-01-16 13:24:47

Si funziona abbastanza bene, non è velocissimo ma tutto considerato va benino. Frse dovrei aumentare le ram (c'è una da 1 GB). Cosa pensi debba farne di questi eseguibili? Sono programmi che secondo te sarebbe bene eliminare o? Cmq per ora grazie. Qualcosa ho già fatto grazie ai tuoi imputs. Ci sai fare!!!Vorrei chiederti qualcos'altro ma non credo sia il caso d postarlo su aiutamici, quanto meno non è corretto. A bientot Ciao tutor P.S. Normalmente mi rivolto al "nostro" forum il più delle volte per aiutare delle persone che si rivolgono a me (faccio il tutor ad un "nonno ppint"), ma questa volta ne ho avuto bisogno per il mio notebook.