For r16,
I'm posting the ComboFix log for you. It was the script blocking that had not been disabled. I accidentally touched the mouse; tell me if I need to run it again. Thanks, and I await your reply.
ComboFix 09-10-23.01 - carrefour 24/10/2009 18.10.41.1.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.511.139 [GMT 2:00]
Eseguito da: c:\documents and settings\carrefour\Desktop\ComboFix.exe
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {B5510F6F-87E1-47F7-A411-360BC453007C}
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\carrefour\Impostazioni locali\Dati applicazioni\feogg.dat
c:\documents and settings\carrefour\Impostazioni locali\Dati applicazioni\feogg_nav.dat
c:\documents and settings\carrefour\Impostazioni locali\Dati applicazioni\feogg_navps.dat
c:\documents and settings\carrefour\Impostazioni locali\Dati applicazioni\hbcdp.dat
c:\documents and settings\carrefour\Impostazioni locali\Dati applicazioni\hbcdp.exe
c:\documents and settings\carrefour\Impostazioni locali\Dati applicazioni\hbcdp_nav.dat
c:\documents and settings\carrefour\Impostazioni locali\Dati applicazioni\hbcdp_navps.dat
c:\programmi\QUAD Utilities
C:\test.txt
c:\windows\system\msvbvm60.dll
c:\windows\system32\E95THK16.EXE
c:\windows\system32\encapi32.dll
c:\windows\system32\select.dll
c:\windows\system32\SySInfo.ocx
c:\windows\system32\zip32.dll
c:\windows\winhelp.ini
.
((((((((((((((((((((((((( Files Creati Da 2009-09-24 al 2009-10-24 )))))))))))))))))))))))))))))))))))
.
2009-10-23 16:51 . 2009-10-23 16:51 -------- d-----w- c:\documents and settings\carrefour\Dati applicazioni\Windows Search
2009-10-21 15:38 . 2009-10-21 15:38 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-10-21 15:37 . 2009-10-21 15:37 -------- d-----w- c:\programmi\Microsoft
2009-10-21 15:35 . 2008-03-07 17:02 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2009-10-21 15:35 . 2008-03-07 17:02 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2009-10-21 15:35 . 2008-03-07 17:02 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2009-10-20 10:21 . 2009-10-20 10:21 -------- d-----w- c:\windows\SQLTools9_KB970892_ENU
2009-10-20 10:17 . 2009-10-20 10:17 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2009-10-16 18:32 . 2009-10-16 18:32 -------- d-----w- c:\documents and settings\Default User\Impostazioni locali
2009-10-11 17:21 . 2009-10-11 17:21 -------- d-----w- c:\windows\SQLTools9_KB960089_ENU
2009-10-11 17:17 . 2009-10-11 17:17 -------- d-----w- c:\windows\SQL9_KB960089_ENU
2009-10-11 09:55 . 2009-10-11 09:55 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\PCHealth
2009-10-10 14:57 . 2009-10-10 14:57 -------- d-----w- c:\documents and settings\carrefour\Impostazioni locali\Dati applicazioni\PCHealth
2009-10-10 14:53 . 2009-10-10 14:53 -------- d-----w- c:\programmi\Microsoft CAPICOM 2.1.0.2
2009-10-10 13:27 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-10-10 13:27 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-10-08 16:41 . 2009-10-08 16:41 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-10-03 13:24 . 2009-10-03 13:24 48640 ----a-w- c:\windows\grwprocs.dll
2009-10-03 13:24 . 2009-10-03 13:24 481614 ----a-w- c:\windows\alice.dat
2009-10-03 13:24 . 2009-10-03 13:24 405504 ----a-w- c:\windows\alice.scr
2009-10-02 15:48 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-11 16:10 . 2006-01-24 16:11 14 ----a-w- c:\windows\popcinfo.dat
2009-10-11 14:09 . 2003-10-18 12:18 105512 ----a-w- c:\documents and settings\carrefour\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-09-11 14:17 . 2002-09-10 10:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-09-05 16:45 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-09-05 16:45 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-06 16:15 . 2009-09-06 16:15 -------- d-----w- c:\programmi\Trend Micro
2009-09-05 16:45 . 2009-09-05 16:45 -------- d-----w- c:\documents and settings\carrefour\Dati applicazioni\Malwarebytes
2009-09-05 16:45 . 2009-09-05 16:45 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-09-05 16:45 . 2009-09-05 16:45 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-09-04 21:03 . 2002-09-10 10:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2004-08-23 18:35 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2002-09-10 10:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-20 13:09 . 2009-08-20 13:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-06 17:24 . 2004-08-03 11:59 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2004-08-03 11:58 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2005-05-26 02:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2004-08-03 11:59 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2003-09-04 12:21 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2002-09-10 10:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2004-08-03 12:00 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2003-09-04 12:21 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 08:59 . 2004-02-28 16:34 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 17:26 . 2002-09-10 10:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 17:26 . 2002-09-09 11:34 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-08-04 10:04 . 2009-08-04 10:04 3942048 ----a-w- c:\programmi\malwarebytesAnti_malwar_-setup.exe
2009-03-25 08:27 . 2009-03-25 08:27 5649472 ----a-w- c:\programmi\gusetup.exe
2008-07-18 16:16 . 2008-07-18 16:16 5244440 ----a-w- c:\programmi\TVUPlayer2.3.7.1.exe
2008-03-28 13:51 . 2008-03-28 13:51 3199108 ----a-w- c:\programmi\Setup-SopCast-3.0.1-2008-3-28.exe
2008-01-21 20:22 . 2008-01-21 20:22 9739116 ----a-w- c:\programmi\InstSocr.exe
2008-01-15 18:57 . 2008-01-15 18:57 20907376 ----a-w- c:\programmi\aaw2007.exe
2007-08-09 06:17 . 2007-08-09 06:17 1563724 ----a-w- c:\programmi\icarbonsetup.exe
2007-03-11 10:14 . 2007-03-11 10:14 112 ----a-w- c:\programmi\Config.ini
2007-02-14 14:02 . 2007-02-14 14:02 4732416 ----a-w- c:\programmi\OnLineLiveSetup.msi
2006-10-31 15:48 . 2006-10-31 15:48 34698 ----a-w- c:\programmi\rojadirecta
2006-09-21 15:46 . 2006-09-21 15:46 1156042 ----a-w- c:\programmi\IEPrivacyKeeperSetup.exe
2006-08-04 16:19 . 2006-08-04 16:19 6227687 ----a-w- c:\programmi\Setup TvuPlayer.exe
2006-04-09 16:43 . 2006-04-09 16:43 516608 ----a-w- c:\programmi\Starter.exe
2006-01-30 16:11 . 2006-01-30 16:11 1082742 ----a-w- c:\programmi\WRar351it.exe
2005-04-28 15:21 . 2005-04-28 15:44 606666 ----a-w- c:\programmi\WinPlayer.exe
2005-04-13 15:27 . 2005-04-13 15:27 11760072 ----a-w- c:\programmi\Alice_ti_aiuta.exe
2003-04-27 13:24 . 2003-04-27 13:24 383254 ----a-w- c:\programmi\CDEX.HLP
2003-04-27 13:24 . 2003-04-27 13:24 96768 ----a-w- c:\programmi\libsndfile.dll
2003-04-27 13:23 . 2003-04-27 13:23 83456 ----a-w- c:\programmi\CDRip.dll
2003-04-27 13:23 . 2003-04-27 13:23 7051 ----a-w- c:\programmi\CDex.cnt
2003-03-24 19:25 . 2003-03-24 19:25 21652 ----a-w- c:\programmi\Changes.txt
2003-02-04 19:35 . 2003-02-04 19:35 4320 ----a-w- c:\programmi\ReadMe.txt
2002-08-07 20:07 . 2002-08-07 20:07 71680 ----a-w- c:\programmi\MACDll.dll
2002-07-06 11:25 . 2002-07-06 11:25 1007 ----a-w- c:\programmi\CDex.ini
2002-05-09 14:22 . 2002-05-09 14:22 537 ----a-w- c:\programmi\CDex.exe.manifest
2002-04-20 11:07 . 2002-04-20 11:07 69632 ----a-w- c:\programmi\WMA8Connect.dll
2001-03-10 11:18 . 2001-03-10 11:18 1044168 ----a-w- c:\programmi\vbrun60sp5.exe
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\programmi\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2004-12-29 155648]
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"ccApp"="c:\programmi\File comuni\Symantec Shared\ccApp.exe" [2006-04-04 71304]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"Malwarebytes Anti-Malware (reboot)"="c:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" [2007-02-15 77824]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Messenger\\MSMSGS.EXE"=
"c:\\Programmi\\SopCast\\SopCast.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\carrefour\\Dati applicazioni\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programmi\\TVAnts\\Tvants.exe"=
"c:\\Programmi\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programmi\\SopCast\\sopvod.exe"=
"c:\\Programmi\\TVUPlayer\\TVUPlayer.exe"=
R2 MSSQL$VLSOLE24EXPRESS;SQL Server (VLSOLE24EXPRESS);c:\programmi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [27/05/2009 3.27.04 29262680]
R2 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;c:\programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe [24/10/2008 19.04.00 100032]
R2 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [03/11/2006 18.19.58 13592]
S2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [17/04/2008 16.56.10 8192]
S2 wlidsvc;Windows Live ID Sign-in Assistant;c:\programmi\File comuni\Microsoft Shared\Windows Live\WLIDSVC.EXE [30/03/2009 16.28.36 1533808]
.
Contenuto della cartella 'Scheduled Tasks'
2009-10-24 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 16:20]
2009-10-16 c:\windows\Tasks\Norton AntiVirus - Scansione del computer.job
- c:\progra~1\NORTON~1\Navw32.exe [2003-08-22 19:14]
2009-10-24 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2009-02-17 17:27]
2009-10-24 c:\windows\Tasks\User_Feed_Synchronization-{EB99D812-E6C0-40EE-9A81-3FF831D3F6A9}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.ansa.it/index.shtml
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = 127.0.0.1
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Ricerca AltaVista - file://c:\documents and settings\carrefour\Dati applicazioni\ALTAVISTA\SelectedContextSearch_Ricerca AltaVista.htm
IE: Traduci - file://c:\documents and settings\carrefour\Dati applicazioni\ALTAVISTA\SelectedContextTranslation.htm
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-10-24 18:16
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\software\Realtek\AC97 Audio]
@DACL=(02 0000)
@SACL=
"SpoutPage"=hex:01
[HKEY_LOCAL_MACHINE\software\Sensaura\Environment]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Sensaura\Speaker]
@DACL=(02 0000)
@SACL=
"ChannelConfig"=dword:00000003
"SpeakerGeometry"=dword:0000000a
.
Ora fine scansione: 2009-10-24 18.18.12
ComboFix-quarantined-files.txt 2009-10-24 16:18
Pre-Run: 67.292.626.944 byte disponibili
Post-Run: 67.297.181.696 byte disponibili
- - End Of File - - 58D94806251CF941C9D398B81DE9E2B1