Aiutamici Forum

R16, can you check my ComboFix log
salvo14
Posted: Sunday, June 21, 2009 9:33:37 PM
Rank: AiutAmico

Joined: 3/9/2001
Posts: 58
Hi R16, could you please check the following log? My PC is slow at startup; in particular, the Internet connection icon (the two little monitors in the system tray) takes a long time to appear, and until it appears there is no connection.
I have already deleted the temp folder, emptied the prefetch folder and run a scan with HijackThis, but nothing changed.
Thanks.

ComboFix 09-06-20.04 - Salvatore 21/06/2009 21.17.22.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1791.1283 [GMT 2:00]
Eseguito da: c:\documents and settings\Salvatore\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Salvatore\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Clean Virus MSN.lnk
c:\windows\system32\AutoRun.inf
c:\windows\system32\hpzids01.dll
c:\windows\system32\mfc45.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-05-21 al 2009-06-21 )))))))))))))))))))))))))))))))))))
.

2009-06-21 18:01 . 2009-06-21 18:01 -------- d-----w- c:\programmi\Unlocker
2009-06-21 17:42 . 2009-06-21 17:42 -------- d-----w- c:\programmi\Trend Micro
2009-06-20 11:13 . 2008-09-25 09:07 922464 ----a-w- c:\windows\system32\Incinerator.dll
2009-06-20 11:13 . 2008-04-17 08:45 9341 ----a-w- c:\windows\system32\drivers\filedisk.sys
2009-06-20 11:13 . 2008-09-24 08:32 28672 ----a-w- c:\windows\system32\iolobtdfg.exe
2009-06-20 11:13 . 2008-09-09 14:45 8192 ----a-w- c:\windows\system32\smrgdf.exe
2009-06-20 11:13 . 2009-06-20 11:13 -------- d-----w- c:\programmi\iolo
2009-06-19 18:10 . 2009-06-19 18:10 3561743 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-19 18:03 . 2009-06-19 18:05 117814 ----a-w- c:\windows\hpqins00.dat
2009-06-19 17:41 . 2009-06-19 17:41 -------- d-----w- c:\documents and settings\Salvo-Marco\Dati applicazioni\HP
2009-06-19 07:14 . 2009-06-09 19:44 27784 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgmfx86.sys
2009-06-17 11:02 . 2009-06-19 07:26 -------- d-----w- c:\documents and settings\Salvo-Marco\Tracing
2009-06-17 11:02 . 2009-06-17 11:02 69640 ----a-w- c:\documents and settings\Salvo-Marco\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-06-16 18:41 . 2009-06-16 18:42 -------- d-----w- c:\programmi\Free Hide Folder
2009-06-16 17:11 . 2009-06-16 17:13 -------- d-----w- c:\programmi\MP3Gain
2009-06-15 18:26 . 2009-06-15 18:26 -------- d-----w- c:\documents and settings\Salvo-Marco\Dati applicazioni\vlc
2009-06-15 17:20 . 2009-06-15 17:20 -------- d-----w- c:\windows\system32\NtmsData
2009-06-15 17:18 . 2009-06-15 17:18 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-06-15 11:34 . 2009-06-15 11:34 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
2009-06-15 11:16 . 2009-06-15 11:16 -------- d-----w- c:\windows\system32\it
2009-06-15 11:16 . 2009-06-15 11:16 -------- d-----w- c:\windows\system32\bits
2009-06-15 11:16 . 2009-06-15 11:16 -------- d-----w- c:\windows\l2schemas
2009-06-15 11:13 . 2009-06-15 11:16 -------- d-----w- c:\windows\ServicePackFiles
2009-06-14 19:00 . 2009-06-14 19:00 -------- d-----w- c:\documents and settings\Salvo-Marco\Dati applicazioni\HPAppData
2009-06-14 09:43 . 2009-06-14 09:43 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MotiveSysIDs
2009-06-14 09:40 . 2009-06-14 09:41 -------- d-----w- c:\programmi\TELE2
2009-06-14 09:40 . 2009-06-14 09:40 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\InstallShield
2009-06-14 09:40 . 2009-06-14 09:40 -------- d-----w- c:\programmi\Common Files
2009-06-13 22:47 . 2008-04-13 18:51 101120 ----a-w- c:\windows\system32\drivers\bthpan.sys
2009-06-13 22:47 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\bthenum.sys
2009-06-13 22:47 . 2008-04-13 18:46 59136 ----a-w- c:\windows\system32\drivers\rfcomm.sys
2009-06-13 22:47 . 2008-04-14 02:14 152576 ----a-w- c:\windows\system32\irftp.exe
2009-06-13 22:47 . 2008-04-14 02:13 8192 ----a-w- c:\windows\system32\wshirda.dll
2009-06-13 22:47 . 2008-04-14 02:13 29696 ----a-w- c:\windows\system32\irmon.dll
2009-06-13 22:47 . 2008-04-13 18:46 18944 ----a-w- c:\windows\system32\drivers\bthusb.sys
2009-06-13 19:55 . 2004-08-03 20:29 25471 ------w- c:\windows\system32\drivers\watv10nt.sys
2009-06-13 19:55 . 2004-08-03 20:29 22271 ------w- c:\windows\system32\drivers\watv06nt.sys
2009-06-13 19:55 . 2004-08-03 20:29 11935 ------w- c:\windows\system32\drivers\wadv11nt.sys
2009-06-13 19:55 . 2004-08-03 20:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys
2009-06-13 19:55 . 2004-08-03 20:29 11807 ------w- c:\windows\system32\drivers\wadv07nt.sys
2009-06-13 19:55 . 2004-08-03 20:29 11295 ------w- c:\windows\system32\drivers\wadv08nt.sys
2009-06-13 19:55 . 2004-08-03 20:41 95424 ------w- c:\windows\system32\drivers\slnthal.sys
2009-06-13 19:55 . 2004-08-03 20:41 13240 ------w- c:\windows\system32\drivers\slwdmsup.sys
2009-06-13 19:55 . 2004-08-03 20:41 404990 ------w- c:\windows\system32\drivers\slntamr.sys
2009-06-13 19:55 . 2004-08-03 20:41 129535 ------w- c:\windows\system32\drivers\slnt7554.sys
2009-06-13 19:55 . 2004-08-03 20:41 13776 ------w- c:\windows\system32\drivers\recagent.sys
2009-06-13 19:55 . 2004-08-03 20:29 166912 ------w- c:\windows\system32\drivers\s3gnbm.sys
2009-06-13 10:41 . 2009-06-21 10:33 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-13 08:50 . 2009-06-19 06:58 -------- d-----w- C:\BywifiShare
2009-06-13 08:50 . 2009-06-13 08:50 -------- d-----w- C:\BywifiSave
2009-06-13 08:50 . 2009-06-15 17:24 -------- d-----w- c:\programmi\Velocizza Video
2009-06-13 06:06 . 2009-06-15 20:04 -------- d-----w- c:\programmi\Lphant
2009-06-12 10:53 . 2009-06-09 19:44 325896 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgldx86.sys
2009-06-12 10:53 . 2009-06-09 19:44 2301208 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avguiadv.dll
2009-06-12 10:53 . 2009-06-09 19:44 1217816 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgfrw.exe
2009-06-12 10:53 . 2009-06-09 19:44 3401496 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgui.exe
2009-06-12 10:53 . 2009-06-09 19:44 1947928 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgtray.exe
2009-06-12 10:53 . 2009-06-09 19:44 1205528 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgabout.dll
2009-06-12 10:53 . 2009-06-12 10:53 1261344 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgwd.dll
2009-06-12 10:53 . 2009-06-12 10:53 829208 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgcfgx.dll
2009-06-12 10:53 . 2009-06-09 19:44 761112 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgscanx.exe
2009-06-12 10:53 . 2009-06-09 19:44 681752 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgsrmx.dll
2009-06-12 10:53 . 2009-06-09 19:44 341272 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgsrmax.exe
2009-06-12 10:53 . 2009-06-09 19:44 1085208 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgupd.exe
2009-06-11 17:22 . 2009-06-20 13:00 518 ----a-w- c:\documents and settings\Salvatore\Dati applicazioni\iolo\Registry\Last\restore.bat
2009-06-11 16:34 . 2009-06-11 16:34 -------- d-----w- c:\programmi\Accelera Programmi
2009-06-11 05:22 . 2008-10-16 12:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-06-11 05:22 . 2008-10-16 12:06 208744 ----a-w- c:\windows\system32\muweb.dll
2009-06-10 20:03 . 2009-06-10 20:03 1549 ----a-w- c:\documents and settings\Salvatore\Dati applicazioni\iolo\restore.bat
2009-06-10 19:59 . 2009-06-10 19:59 -------- d-----w- c:\documents and settings\LocalService\Dati applicazioni\iolo
2009-06-10 19:51 . 2009-06-20 11:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\iolo
2009-06-10 19:51 . 2009-06-11 17:17 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\iolo
2009-06-10 19:28 . 2009-06-10 19:28 -------- d-----w- c:\programmi\IE New Window Maximizer
2009-06-10 12:19 . 2009-06-10 12:19 -------- d-----w- c:\programmi\AxBx
2009-06-10 12:03 . 2009-06-10 12:03 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-06-10 11:55 . 2009-06-10 11:55 -------- d-----w- c:\programmi\Messenger Plus! Live
2009-06-10 11:48 . 2009-06-21 16:11 -------- d-----w- c:\documents and settings\Salvatore\Tracing
2009-06-10 11:47 . 2009-02-06 16:08 55152 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-06-10 11:46 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-06-10 11:46 . 2009-06-10 11:46 -------- d-----w- c:\programmi\Microsoft SQL Server Compact Edition
2009-06-10 11:45 . 2009-06-10 11:45 -------- d-----w- c:\programmi\Microsoft
2009-06-10 11:45 . 2009-06-10 11:45 -------- d-----w- c:\programmi\Windows Live SkyDrive
2009-06-10 11:45 . 2009-06-10 11:47 -------- d-----w- c:\programmi\Windows Live
2009-06-10 11:38 . 2009-06-10 11:38 -------- d-----w- c:\programmi\File comuni\Windows Live
2009-06-10 10:56 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-06-10 10:56 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-06-10 10:56 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-06-10 10:56 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-06-10 10:55 . 2008-10-15 16:36 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-06-10 10:55 . 2008-04-21 21:14 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-06-09 22:32 . 2009-06-09 22:32 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\vlc
2009-06-09 22:31 . 2009-06-09 22:31 -------- d-----w- c:\programmi\VideoLAN
2009-06-09 22:05 . 2009-06-13 06:40 -------- d-----w- c:\documents and settings\Salvatore\Impostazioni locali\Dati applicazioni\Lphant
2009-06-09 21:15 . 2009-06-09 21:15 -------- d-----w- C:\Sandbox
2009-06-09 21:13 . 2009-06-21 18:06 -------- d-----w- c:\programmi\Sandboxie
2009-06-09 21:12 . 2004-08-19 13:39 25600 ----a-w- c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-06-09 21:11 . 2009-06-09 21:11 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-06-09 21:10 . 2009-06-09 21:22 -------- d-----w- c:\windows\system32\LogFiles
2009-06-09 21:10 . 2009-06-09 21:11 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-06-09 21:09 . 2009-06-09 21:09 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\Malwarebytes
2009-06-09 21:09 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-09 21:09 . 2009-06-19 18:11 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-06-09 21:09 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-09 21:09 . 2009-06-09 21:09 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-06-09 21:07 . 2009-06-09 21:07 -------- d-----w- c:\programmi\iISystem Wiper
2009-06-09 21:07 . 2009-06-10 15:17 -------- d-----w- c:\programmi\FreePOPs
2009-06-09 21:01 . 2009-06-15 11:16 -------- d-----w- c:\windows\system32\it-it

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-21 11:29 . 2009-06-12 14:46 -------- d-----w- c:\documents and settings\Salvo-Marco\Dati applicazioni\iolo
2009-06-19 18:39 . 2009-06-19 18:39 681984 ----a-w- c:\windows\isRS-000.tmp
2009-06-19 07:14 . 2009-06-09 19:44 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-18 19:03 . 2001-08-31 10:00 69916 ----a-w- c:\windows\system32\perfc010.dat
2009-06-18 19:03 . 2001-08-31 10:00 437604 ----a-w- c:\windows\system32\perfh010.dat
2009-06-15 12:05 . 2009-06-09 19:30 69640 ----a-w- c:\documents and settings\Salvatore\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-06-15 11:18 . 2009-06-09 18:48 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-15 05:15 . 2009-06-09 19:30 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\HP
2009-06-15 05:15 . 2009-06-09 19:25 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\HP
2009-06-14 09:40 . 2009-06-09 19:07 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-06-13 19:58 . 2009-06-09 19:21 -------- d-----w- c:\programmi\Microsoft Works
2009-06-12 14:49 . 2009-06-09 19:47 152529 ----a-w- c:\windows\hpoins14.dat
2009-06-12 10:53 . 2009-06-09 19:44 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-12 10:53 . 2009-06-09 19:46 3298072 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\setup.exe
2009-06-12 10:53 . 2009-06-09 19:45 1452312 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgupd.dll
2009-06-09 20:57 . 2009-06-09 20:57 -------- d-----w- c:\programmi\CCleaner
2009-06-09 20:54 . 2009-06-09 20:54 -------- d-----w- c:\programmi\IObit
2009-06-09 20:54 . 2009-06-09 20:54 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\IObit
2009-06-09 20:53 . 2009-06-09 20:52 -------- d-----w- c:\programmi\File comuni\Adobe
2009-06-09 20:48 . 2009-06-09 20:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\RoboForm
2009-06-09 20:42 . 2009-06-09 20:42 -------- d-----w- c:\programmi\7-Zip
2009-06-09 20:37 . 2009-06-09 20:37 -------- d-----w- c:\programmi\Siber Systems
2009-06-09 20:28 . 2009-06-09 20:28 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\TomTom
2009-06-09 20:28 . 2009-06-09 20:27 -------- d-----w- c:\programmi\TomTom HOME 2
2009-06-09 20:23 . 2009-06-09 20:23 -------- d-----w- c:\programmi\File comuni\LightScribe
2009-06-09 20:22 . 2009-06-09 20:22 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\Ahead
2009-06-09 20:22 . 2009-06-09 20:20 -------- d-----w- c:\programmi\File comuni\Ahead
2009-06-09 20:20 . 2009-06-09 20:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2009-06-09 20:20 . 2009-06-09 20:20 -------- d-----w- c:\programmi\Nero
2009-06-09 20:15 . 2009-06-09 20:15 -------- d-----w- c:\programmi\Samsung
2009-06-09 20:13 . 2009-06-09 20:13 -------- d-----w- c:\programmi\MSXML 4.0
2009-06-09 20:13 . 2009-06-09 20:13 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\Nikon
2009-06-09 20:13 . 2009-06-09 20:09 -------- d-----w- c:\programmi\File comuni\Nikon
2009-06-09 20:12 . 2009-06-09 20:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nikon
2009-06-09 20:12 . 2009-06-09 20:12 -------- d-----w- c:\programmi\File comuni\muvee Technologies
2009-06-09 20:12 . 2009-06-09 20:12 -------- d-----w- c:\programmi\Nikon
2009-06-09 20:12 . 2009-06-09 20:12 20 ---h--w- c:\documents and settings\All Users\Dati applicazioni\PKP_DLds.DAT
2009-06-09 20:12 . 2009-06-09 20:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Ultima_T15
2009-06-09 20:12 . 2009-06-09 20:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\EnterNHelp
2009-06-09 20:11 . 2009-06-09 20:11 -------- d-----w- c:\programmi\QuickTime
2009-06-09 20:11 . 2009-06-09 20:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer
2009-06-09 20:10 . 2009-06-09 20:10 -------- d-----w- c:\programmi\ArcSoft
2009-06-09 20:10 . 2009-06-09 19:06 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-06-09 19:58 . 2009-06-09 19:57 109390 ----a-w- c:\windows\hpqins11.dat
2009-06-09 19:55 . 2009-06-09 19:55 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WEBREG
2009-06-09 19:52 . 2009-06-09 19:24 -------- d-----w- c:\programmi\HP
2009-06-09 19:52 . 2009-06-09 19:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\HPSSUPPLY
2009-06-09 19:52 . 2009-06-09 19:52 -------- d-----w- c:\documents and settings\Salvatore\Dati applicazioni\HPAppData
2009-06-09 19:51 . 2009-06-09 19:51 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\HP Product Assistant
2009-06-09 19:51 . 2009-06-09 19:51 -------- d-----w- c:\programmi\Hewlett-Packard
2009-06-09 19:46 . 2009-06-09 19:46 2052376 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgcorex.dll
2009-06-09 19:46 . 2009-06-09 19:46 352024 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgxch32.dll
2009-06-09 19:44 . 2009-06-09 19:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-09 19:44 . 2009-06-09 19:44 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-09 19:44 . 2009-06-09 19:46 486168 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgrsx.exe
2009-06-09 19:44 . 2009-06-09 19:46 424472 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgwdwsc.dll
2009-06-09 19:44 . 2009-06-09 19:46 312088 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avglngx.dll
2009-06-09 19:44 . 2009-06-09 19:46 177432 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avgmail.dll
2009-06-09 19:44 . 2009-06-09 19:45 755992 ----a-w- c:\documents and settings\All Users\Dati applicazioni\avg8\update\backup\avginet.dll
2009-06-09 19:44 . 2009-06-09 19:44 -------- d-----w- c:\programmi\AVG
2009-06-09 19:44 . 2009-06-09 19:44 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\avg8
2009-06-09 19:37 . 2009-06-09 19:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Hewlett-Packard
2009-06-09 19:25 . 2009-06-09 19:25 -------- d-----w- c:\programmi\File comuni\HP
2009-06-09 19:25 . 2009-06-09 19:25 -------- d-----w- c:\programmi\File comuni\Hewlett-Packard
2009-06-09 19:22 . 2009-06-09 19:22 -------- d-----w- c:\programmi\Microsoft.NET
2009-06-09 19:09 . 2009-06-09 19:09 -------- d-----w- c:\programmi\Realtek
2009-06-09 19:08 . 2009-06-09 19:08 315392 ----a-w- c:\windows\HideWin.exe
2009-06-09 19:08 . 2009-06-09 19:08 -------- d-----w- c:\programmi\S3
2009-06-09 19:06 . 2009-06-09 19:06 -------- d-----w- c:\programmi\VIA
2009-06-09 19:03 . 2009-06-09 19:03 -------- d-----w- c:\programmi\DIFX
2009-06-09 18:49 . 2009-06-09 18:49 -------- d-----w- c:\programmi\microsoft frontpage
2009-06-09 18:48 . 2009-06-09 18:48 -------- d-----w- c:\programmi\Servizi in linea
2009-06-09 18:46 . 2009-06-09 18:46 21840 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-07 15:32 . 2004-08-19 13:39 347648 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:45 . 2004-08-19 13:39 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:44 . 2004-08-19 13:39 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-19 19:47 . 2004-08-19 13:31 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:52 . 2004-08-19 13:39 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IE New Window Maximizer"="c:\programmi\IE New Window Maximizer\iemaximizer.exe" [2005-02-08 356352]
"MzCpuAccelerator"="c:\programmi\Accelera Programmi\MzCpuAccelerator.exe" [2009-01-10 199680]
"SandboxieControl"="c:\programmi\Sandboxie\SbieCtrl.exe" [2009-05-28 380416]
"RoboForm"="c:\programmi\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-06-09 160592]
"Advanced SystemCare 3"="c:\programmi\IObit\Advanced SystemCare 3\AWC.exe" [2009-04-30 2329936]
"bywifi"="c:\programmi\Velocizza Video\bywifi.exe" [2009-06-05 1048576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440]
"bywifi"="c:\programmi\Velocizza Video\bywifi.exe" [2009-06-05 1048576]
"UnlockerAssistant"="c:\programmi\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2006-08-02 53248]
"S3Trayp"="S3trayp.exe" - c:\windows\system32\S3Trayp.exe [2006-07-10 176128]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-02-03 16116224]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-20 2879488]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Salvatore\Menu Avvio\Programmi\Esecuzione automatica\
Collegamento a FreePOPs.lnk - c:\programmi\FreePOPs\freepopsd.exe [2008-12-27 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-09 19:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Adobe Reader Synchronizer.lnk]
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^NkbMonitor.exe.lnk]
backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Velocizza Video\\bywifi.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programmi\\Lphant\\eLePhantClient.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"24585:TCP"= 24585:TCP:Lphant
"34586:UDP"= 34586:UDP:Lphant
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [09/06/2009 21.44.07 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [09/06/2009 21.44.11 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [09/06/2009 21.44.01 298776]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [10/06/2009 13.47.32 55152]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\programmi\iolo\Common\Lib\ioloServiceManager.exe [20/06/2009 13.13.19 596840]
R2 ioloSystemService;iolo System Service;c:\programmi\iolo\Common\Lib\ioloServiceManager.exe [20/06/2009 13.13.19 596840]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [09/06/2009 21.08.19 659456]
R3 SbieDrv;SbieDrv;c:\programmi\Sandboxie\SbieDrv.sys [28/05/2009 15.32.24 108032]
S3 fsssvc;Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18.08.58 533360]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'

2009-06-21 c:\windows\Tasks\AWC AutoSweep.job
- c:\programmi\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-06-10 13:35]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.virgilio.it/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://it.rd.yahoo.com/customize/ycomp/defaults/su/*http://it.yahoo.com
IE: Compila Modulo - file://c:\programmi\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Personalizza - file://c:\programmi\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Barra strumenti - file://c:\programmi\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Salva Moduli - file://c:\programmi\Siber Systems\AI RoboForm\RoboFormComSavePass.html
TCP: {02C43504-BE33-42FB-A316-D9189A85BC37} = 192.168.1.254,192.168.1.253
DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} - hxxps://safe.tele2.com/inc/AccountHelper.cab
.
.
------- Associazioni dei file -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-21 21:19
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ñw*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Ora fine scansione: 2009-06-21 21.20.31
ComboFix-quarantined-files.txt 2009-06-21 19:20

Pre-Run: 239.624.896.512 byte disponibili
Post-Run: 239.720.550.400 byte disponibili

315 --- E O F --- 2009-06-16 08:13
 
salvo14
Posted: Sunday, June 21, 2009 10:29:25 PM
Rank: AiutAmico

Joined: 3/9/2001
Posts: 58
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.28.24, on 21/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\iolo\common\lib\ioloServiceManager.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\Velocizza Video\bywifi.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\IE New Window Maximizer\iemaximizer.exe
C:\Programmi\Accelera Programmi\MzCpuAccelerator.exe
C:\Programmi\Sandboxie\SbieCtrl.exe
C:\Programmi\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmi\FreePOPs\freepopsd.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
c:\programmi\internet explorer\iexplore.exe
C:\Programmi\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ycomp/defaults/su/*http://it.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programmi\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Programmi\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - C:\Programmi\Velocizza Video\bywifiie.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Programmi\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [bywifi] C:\Programmi\Velocizza Video\bywifi.exe "-silent"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IE New Window Maximizer] C:\Programmi\IE New Window Maximizer\iemaximizer.exe
O4 - HKCU\..\Run: [MzCpuAccelerator] C:\Programmi\Accelera Programmi\MzCpuAccelerator.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Programmi\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Programmi\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [bywifi] C:\Programmi\Velocizza Video\bywifi.exe "-silent"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Collegamento a FreePOPs.lnk = C:\Programmi\FreePOPs\freepopsd.exe
O8 - Extra context menu item: Compila Modulo - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Personalizza - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Barra strumenti - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Salva Moduli - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Compila - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Compila Modulo - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Salva - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Salva Moduli - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Libro dei ritagli HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programmi\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Selezione intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programmi\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Barra strumenti - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Programmi\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - https://safe.tele2.com/inc/AccountHelper.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{02C43504-BE33-42FB-A316-D9189A85BC37}: NameServer = 192.168.1.254,192.168.1.253
O17 - HKLM\System\CS1\Services\Tcpip\..\{02C43504-BE33-42FB-A316-D9189A85BC37}: NameServer = 192.168.1.254,192.168.1.253
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Programmi\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Programmi\iolo\common\lib\ioloServiceManager.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programmi\Sandboxie\SbieSvc.exe

--
End of file - 9780 bytes
r16
Posted: Sunday, June 21, 2009 11:35:25 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Hi salvo14.
Are these programs really necessary (I don't know them)?
C:\Programmi\Accelera Programmi\MzCpuAccelerator.exe
C:\Programmi\Velocizza Video\bywifi.exe
I wouldn't want them to slow the PC down instead of "accelerating" or "speeding it up".
Anyway, follow these instructions:
Start HijackThis, tick the entries I am about to list and, with all applications closed and disconnected from the Internet, press "Fix checked":
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [bywifi] C:\Programmi\Velocizza Video\bywifi.exe "-silent"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [MzCpuAccelerator] C:\Programmi\Accelera Programmi\MzCpuAccelerator.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Programmi\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Programmi\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [bywifi] C:\Programmi\Velocizza Video\bywifi.exe "-silent"
O4 - Startup: Collegamento a FreePOPs.lnk = C:\Programmi\FreePOPs\freepopsd.exe
Clean up with CCleaner.
Restart the PC.
*********************************************************************************
ComboFix removed some infections.
Is the problem still there after the ComboFix scan?
Run a scan with MBAM as well:
Download and install MalwareBytes:
click here to download: http://www.aiutamici.com/software?id=80346
UPDATE it before running the scan. (this is very important)
Run a full system scan.
Post the log.
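Added example (not part of r16's post and not HijackThis code): a small Python parser for the HijackThis `O<n>` lines in this thread that flags two things visible in the log, registrations whose target is `(no file)` and the same autostart registered in more than one registry hive. The function names and the two checks are assumptions chosen for illustration; the sample lines are taken from the log posted above.

```python
import re
from collections import defaultdict

# Sample input: a few lines taken from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Programmi\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [bywifi] C:\Programmi\Velocizza Video\bywifi.exe "-silent"
O4 - HKCU\..\Run: [MzCpuAccelerator] C:\Programmi\Accelera Programmi\MzCpuAccelerator.exe
O4 - HKCU\..\Run: [bywifi] C:\Programmi\Velocizza Video\bywifi.exe "-silent"
O4 - Startup: Collegamento a FreePOPs.lnk = C:\Programmi\FreePOPs\freepopsd.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programmi\Sandboxie\SbieSvc.exe
"""

LINE_RE = re.compile(r"^(O\d+) - (.+)$")  # "O4 - <body>"
RUN_RE = re.compile(r"^(HK[A-Z]+)\\.*?\\Run: \[([^\]]+)\] (.+)$")  # hive, name, command

def parse(log):
    """Return one dict per HijackThis 'O<n>' line; Run entries get hive/name/command."""
    entries = []
    for raw in log.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # headers, blank lines, "End of file" and similar
        entry = {"section": m.group(1), "body": m.group(2),
                 "hive": None, "name": None, "command": None}
        run = RUN_RE.match(entry["body"]) if entry["section"] == "O4" else None
        if run:
            entry["hive"], entry["name"], entry["command"] = run.groups()
        entries.append(entry)
    return entries

def triage(entries):
    """Flag '(no file)' targets and autostarts registered in more than one hive."""
    findings, hives = [], defaultdict(set)
    for e in entries:
        if e["body"].endswith("(no file)"):
            findings.append(("orphaned", e["section"], e["body"]))
        if e["name"]:
            # Windows paths are case-insensitive, so compare commands lower-cased.
            hives[(e["name"], e["command"].lower())].add(e["hive"])
    for (name, _command), seen in sorted(hives.items()):
        if len(seen) > 1:
            findings.append(("duplicate-autostart", name, ",".join(sorted(seen))))
    return findings

if __name__ == "__main__":
    for finding in triage(parse(SAMPLE_LOG)):
        print(finding)
```
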
salvo14
Posted: Monday, June 22, 2009 8:39:35 PM
Rank: AiutAmico

Joined: 3/9/2001
Posts: 58
Hi R16, I did everything you told me to, but unfortunately nothing changed. I'm attaching the log you asked for.
Thanks

Malwarebytes' Anti-Malware 1.38
Versione del database: 2323
Windows 5.1.2600 Service Pack 3

22/06/2009 20.17.44
mbam-log-2009-06-22 (20-17-44).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Elementi scansionati: 132194
Tempo trascorso: 21 minute(s), 54 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)
r16
Posted: Tuesday, June 23, 2009 12:10:11 AM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Let's try Kaspersky:
http://downloads5.kaspersky-labs.com/devbuilds/AVPTool/
Install KASPERSKY VIRUS REMOVAL TOOL on the Desktop:
Double-click Setup.exe.
A dedicated folder will be created on the Desktop and the Tool's start screen will appear.
Set the areas you want to scan (Startup Objects and Disk boot sector are selected by default) and click "SCAN".
When the scan finishes you will be able to remove and/or quarantine the infected files it found.
Save the log it produces.

Click "Reports", then "Save to file", and for convenience save it on the Desktop (then post it here).

To remove Kaspersky Virus Removal Tool, close the program by clicking the X at the top of the window; a window will appear asking whether you want to remove the program completely from your computer.
Click YES.
After the uninstall it will ask you to restart the PC.
Click YES again.

Upload the log as follows:
Connect to the Internet and go to the WikiSend page: http://www.wikisend.com/
Click the "Browse" button
Select the file you just saved
Click Upload file
After a few seconds you are taken to a new page with the link in several formats:
Download Link / Forum Link
Select Forum Link, copy it and paste it into a new message for the forum.
r16
Posted: Wednesday, June 24, 2009 11:47:47 AM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
Hi.
You NEVER open another topic for the same problem.
Your problem is not caused by a virus.
Try asking your provider whether there is work in progress in your area, and explain your problem to them.
You could also try this:
Uninstall AVG with this tool:
http://www.grisoft.cz/filedir/util/avg_arm_sup_____.dir/avgremover.exe
Once the uninstall has finished, clean up with CCleaner and RESTART the PC.

Install Avira:
http://www.aiutamici.com/software?ID=10908
Run a scan and see whether the situation improves.
I wouldn't want AVG to be the problem.
It doesn't hurt to try.

salvo14
Posted: Wednesday, June 24, 2009 8:41:30 PM
Rank: AiutAmico

Joined: 3/9/2001
Posts: 58
Hi R16,
I did as you advised but Avira found nothing and the problem persists. I think you may be right about the provider, so I'll wait a few days and then we'll see. I want to thank you for your help and for your patience.
Bye, see you soon.
r16
Posted: Wednesday, June 24, 2009 11:35:15 PM
Rank: AiutAmico

Joined: 8/7/2007
Posts: 11,016
You're welcome.
Bye!