Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Pc si riavvia da solo Opzioni
lauraz
Inviato: Saturday, August 31, 2013 11:11:36 AM

Rank: AiutAmico

Iscritto dal : 1/5/2005
Posts: 195
Ciao a tutti,è da un paio di giorni che il pc si riavvia da solo,adesso per poter scrivervi ho disattivato il riavvio automatico,le ventole girano bene e la temperatura mi sembra normale,ho letto che potrebbe essere un virus,come si fa a capirlo ???? Intanto vi allego il log :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11.08.22, on 31/08/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmi\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\HomeTab\ProtectedSearch.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Vtune\TBPanel.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vVX1000.exe
C:\Programmi\Microsoft Security Client\msseces.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\ChgService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Programmi\Java\jre7\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Programmi\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [Gainward] C:\Programmi\Vtune\TBPanel.exe /A
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Programmi\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MSC] "c:\Programmi\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Programmi\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Programmi\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S20F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [uTorrent] "C:\Programmi\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Utilità controllo supporti di Picture Motion Browser.lnk = C:\Programmi\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programmi\File comuni\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{063AA456-F2A7-4352-8F9C-A39D022E6D1A}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{B38CC042-9883-4887-9260-8945F722EB2E}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{D202FF90-361B-4704-8672-BFE5CA874743}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9FAE593-1A0A-42BD-8203-62785BABC5A8}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{063AA456-F2A7-4352-8F9C-A39D022E6D1A}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CD2965A-1789-4F0A-B5E7-A97D9B7D1FD7}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS3\Services\Tcpip\..\{063AA456-F2A7-4352-8F9C-A39D022E6D1A}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Change Modem Device Service - Unknown owner - C:\WINDOWS\system32\ChgService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmi\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10373 bytes
Sponsor
Inviato: Saturday, August 31, 2013 11:11:36 AM

 
r16
Inviato: Saturday, August 31, 2013 9:14:55 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Avvia hijackthis, metti la spunta alle voci che andrò ad elencarti e con tutte le applicazioni chiuse e disconnesso da Internet,premi su "fix checked":

Commenta:
O4 - HKLM\..\Run: [Gainward] C:\Programmi\Vtune\TBPanel.exe /A
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Programmi\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S20F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [uTorrent] "C:\Programmi\uTorrent\uTorrent.exe"


Poi:
Scarica Adwcleaner sul desktop:
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.
lauraz
Inviato: Sunday, September 01, 2013 10:56:04 AM

Rank: AiutAmico

Iscritto dal : 1/5/2005
Posts: 195
Grazie per la risposta...ecco il log :

# AdwCleaner v3.001 - Report created 01/09/2013 at 10:50:21
# Updated 24/08/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Max Kia Lalla - MAX-6128F3031CD
# Running from : C:\Documents and Settings\Max Kia Lalla\desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Dati applicazioni\Babylon
Folder Deleted : C:\Programmi\Browser Updater
Folder Deleted : C:\Programmi\delta
Folder Deleted : C:\Programmi\HomeTab
Folder Deleted : C:\Programmi\Red Sky
Folder Deleted : C:\Programmi\TornTV.com
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\IECompatCache
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\DownTango
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Max Secure Software
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\PackageAware
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\SimplyTech
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\DSite
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\dvdvideosoftiehelpers
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Nosibay
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\quickclick
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Systweak
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Menu Avvio\Programmi\TornTV.com
Folder Deleted : C:\Programmi\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\Extensions\ffxtlbr@delta.com
[!] Folder Deleted : C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb
File Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\Extensions\torntv2@torntv.com.xpi
File Deleted : C:\END
File Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\searchplugins\Askcom.xml
File Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\searchplugins\delta.xml
File Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\searchplugins\GoogleFeed.xml
File Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\searchplugins\Web Search.xml
File Deleted : C:\Programmi\Mozilla Firefox\searchplugins\Web Search.xml
File Deleted : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\user.js
File Deleted : C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jbpcjmidkkgldeplajgnbpjkfpmpeepb_0.localstorage
File Deleted : C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jbpcjmidkkgldeplajgnbpjkfpmpeepb_0.localstorage-journal
File Deleted : C:\WINDOWS\Tasks\Browser Updater.job
File Deleted : C:\WINDOWS\Tasks\Protected Search.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.MMServer.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.TinyUrl.TinyfyingArgs.DownloadArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.TinyUrl.TinyfyingArgs.LinkToPromoteArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.TinyUrl.TinyfyingArgs.RawDataArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.TinyUrl.TinyfyingArgs.TinyUrlArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.TinyUrl.TinyfyingArgs.ViralLinkArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.TinyUrl.UrlTinyfier
Key Deleted : HKLM\SOFTWARE\Classes\IminentMMServer.ACPlayer
Key Deleted : HKLM\SOFTWARE\Classes\IminentMMServer.ACPlayer.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKCU\Software\de8fd0e534e843
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{13C8734A-1AD2-4500-9F65-10D99AD80F54}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E948448-E97B-4864-8177-546200709672}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{913FAA37-8CDB-4144-9047-E2A950CD967E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{425F621C-217C-40AD-B22F-4EFCFF452800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Programmi\Mail.Ru Games\Allods Online Italia\bin\GameCenterLight\GameCenter@Mail.Ru.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Programmi\Mail.Ru Games\Allods Online Italia\bin\Launcher.exe]
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\lollipop
Key Deleted : HKCU\Software\Nosibay
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\ChatZum Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6421DD1B-F425-487F-945D-381A847D6901}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{96E2E493-C484-43E3-9B95-D62EE7D40D3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{96E2E493-C484-43E3-9B95-D62EE7D40D3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdater

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Mozilla\Firefox\Profiles\rqwtrq8h.default\prefs.js ]

Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\W[...]
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Line Deleted : user_pref("extentions.y2layers.installId", "5f0df04d-7c32-4bc8-b466-7e286a9e9614");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("browser.search.order.1", "Web Search");
Line Deleted : user_pref("browser.search.defaultengine", "Web Search");
Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=42348&st=home&tid=3653&ver=2.8&ts=1368028550234&tguid=42348-3653-1368028550234-719B6EC1C693C316BEBF1368EBD0E341");
Line Deleted : user_pref("browser.newtab.url", "hxxp://search.certified-toolbar.com?si=42348&st=newtab&tid=3653&ver=2.8&ts=1368028550234&tguid=42348-3653-1368028550234-719B6EC1C693C316BEBF1368EBD0E341");
Line Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=42348&st=chrome&tid=3653&ver=2.8&ts=1368028550234&tguid=42348-3653-1368028550234-719B6EC1C693C316BEBF1368EBD0E341&q=");

-\\ Google Chrome v

[ File : C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [15398 octets] - [01/09/2013 10:48:59]
AdwCleaner[S0].txt - [13604 octets] - [01/09/2013 10:50:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13665 octets] ##########
r16
Inviato: Sunday, September 01, 2013 1:07:26 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Controlliamo lo stato generale del pc:

Scarica OTL, e salvalo sul desktop:

http://oldtimer.geekstogo.com/OTL.exe

Clicca sull'icona di OTL che trovi sul tuo desktop .

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta : minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi 2 log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend, per postarli sul forum.

Per postare il log:

Collegati ad internet e vai alla pagina WikiSend: http://www.wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.
lauraz
Inviato: Sunday, September 01, 2013 4:32:16 PM

Rank: AiutAmico

Iscritto dal : 1/5/2005
Posts: 195
Ho solo questo file

OTL.Txt
r16
Inviato: Sunday, September 01, 2013 8:27:45 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Avvia OTL.

Sotto "Custom Scans\Fixes" copia-incolla questo codice:

Code:
:OTL
IE - HKU\S-1-5-21-1659004503-1965331169-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si=42348&st=bs&tid=3653&ver=2.8&ts=1368028550234&tguid=42348-3653-1368028550234-719B6EC1C693C316BEBF1368EBD0E341&q={searchTerms}
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin:  File not found
[2012/11/06 07.40.13 | 000,715,038 | ---- | C] () -- C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\unins000.exe
[2012/11/06 07.40.13 | 000,004,916 | ---- | C] () -- C:\Documents and Settings\Max Kia Lalla\Impostazioni locali\Dati applicazioni\unins000.dat
[2010/03/01 23.32.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Panda Security
[2010/07/02 21.37.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Max Kia Lalla\Dati applicazioni\Saqqarah

:Files
ipconfig /flushdns /c

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:commands
[purity]
[emptytemp]
[Emptyjava]
[EMPTYFLASH]
[start explorer]
[Reboot]

Clicca sul pulsante RUN FIX.
Lascia fare la scansione senza interferire.
Posta il log.
lauraz
Inviato: Monday, September 02, 2013 2:17:03 PM

Rank: AiutAmico

Iscritto dal : 1/5/2005
Posts: 195
Non riesco a farlo.....si riavvia prima del tempo
r16
Inviato: Tuesday, September 03, 2013 6:59:40 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Prova in Modalità provvisoria.
lauraz
Inviato: Wednesday, September 04, 2013 9:51:55 AM

Rank: AiutAmico

Iscritto dal : 1/5/2005
Posts: 195
r16
Inviato: Wednesday, September 04, 2013 7:20:24 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Il pc continua a riavviarsi?
lauraz
Inviato: Friday, September 06, 2013 12:47:18 AM

Rank: AiutAmico

Iscritto dal : 1/5/2005
Posts: 195
Oggi l'ho lasciato acceso tutto il giorno e non si è riavviato !!!!! Grazie...Grazie mille per l'aiuto !!!! :)
lauraz
Inviato: Monday, September 09, 2013 11:49:43 AM

Rank: AiutAmico

Iscritto dal : 1/5/2005
Posts: 195
Come non detto...si riavvia ancora ogni tanto ,in più non riesco a completare una scansione antivirus,ho provato anche con Avast,niente da fare,ad un certo punto si riavvia...che fare ???
r16
Inviato: Monday, September 09, 2013 6:25:18 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Scarica ed installa HitmanPro: clicca qui per il download (scegli la versione adatta al tuo S.O. - 32 Bit o 64 Bit)
http://www.surfright.nl/en/downloads
una volta lanciato, nella schermata principale clicca su Impostazioni
clicca su Licenza ed attiva la licenza;
lancia la scansione (lascia le impostazioni di default);
al termine della scansione ti verrà mostrato un riepilogo: nella finestra di riepilogo, in basso a sinistra, avrai modo di salvare il Report generato .
Postalo qui.
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.