Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » pc lento, malware nascosto?

6 pages: 1 2 3 [4] 5 6
pc lento, malware nascosto? Opzioni
Topic Precedente · Topic Sucessivo
giulietteb
Inviato: Monday, January 11, 2010 11:18:50 PM
Rank: AiutAmico

Iscritto dal : 1/6/2010
Posts: 38
scusa, aggiungo velocemente che sto svuotando il contenuto della cartella Temp, ma non mi fa buttare via un file che si chiama IadHide5.dll. (guardando meglio, è lì dal 2004 quindi forse non è cattivo...)
Vado avanti col resto
Torna in alto
 
r16
Inviato: Monday, January 11, 2010 11:31:25 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Quel file, (IadHide5.dll) viene usato da un sacco di programmi.
Per eliminarlo, si dovrebbe eliminare il programma a cui si riferisce.
Per il momento lascialo lì.
Torna in alto
 
giulietteb
Inviato: Tuesday, January 12, 2010 11:52:03 AM
Rank: AiutAmico

Iscritto dal : 1/6/2010
Posts: 38
buongiorno! eccomi
ho fatto tutto. Posto un altro log?
Torna in alto
 
monsee
Inviato: Tuesday, January 12, 2010 12:14:05 PM
Rank: AiutAmico

Iscritto dal : 4/5/2005
Posts: 22,971
Se lo posti, r16 potrà verificar per bene che tutto sia OK.
Torna in alto
 
giulietteb
Inviato: Tuesday, January 12, 2010 12:27:44 PM
Rank: AiutAmico

Iscritto dal : 1/6/2010
Posts: 38
ok! eccolo:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.26.50, on 12/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\GtDetectSc.exe
E:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\acs.exe
E:\WINDOWS\system32\agrsmsvc.exe
E:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
E:\Programmi\Bonjour\mDNSResponder.exe
E:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
E:\Programmi\Intel\Wireless\Bin\EvtEng.exe
E:\Programmi\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32\drivers\KodakCCS.exe
E:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
E:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\PROGRA~1\AVG\AVG8\avgemc.exe
E:\PROGRA~1\AVG\AVG8\avgrsx.exe
E:\Programmi\AVG\AVG8\avgcsrvx.exe
E:\Programmi\Canon\CAL\CALMAIN.exe
E:\Programmi\AVG\AVG8\avgcsrvx.exe
E:\WINDOWS\system32\TDispVol.exe
E:\WINDOWS\system32\TPSMain.exe
E:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
E:\WINDOWS\system32\TPSBattM.exe
E:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
E:\Programmi\TOSHIBA\TouchPad\TPTray.exe
E:\Programmi\Synaptics\SynTP\SynTPEnh.exe
E:\Programmi\Camera Assistant Software for Toshiba\traybar.exe
E:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
E:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
E:\Programmi\Synaptics\SynTP\SynToshiba.exe
E:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
E:\WINDOWS\system32\ZoomingHook.exe
E:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
E:\WINDOWS\system32\TCtrlIOHook.exe
E:\Programmi\Camera Assistant Software for Toshiba\CEC_MAIN.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Programmi\HP\HP Software Update\HPWuSchd2.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
E:\Programmi\ScanSoft\OmniPageSE\opware32.exe
E:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
E:\Programmi\Java\jre6\bin\jusched.exe
E:\Programmi\Sony\Content Transfer\ContentTransferWMDetector.exe
E:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
E:\PROGRA~1\AVG\AVG8\avgtray.exe
E:\Programmi\iTunes\iTunesHelper.exe
E:\Programmi\Intel\Wireless\Bin\Dot1XCfg.exe
E:\Programmi\Messenger\msmsgs.exe
E:\WINDOWS\System32\wbem\wmiapsrv.exe
E:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
E:\Programmi\PC Connectivity Solution\ServiceLayer.exe
E:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
E:\Programmi\TOSHIBA\Bluetooth Monitor\BtMon2.exe
E:\Programmi\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
E:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
E:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
E:\Documents and Settings\Francesca\Dati applicazioni\Dropbox\bin\Dropbox.exe
E:\Programmi\iPod\bin\iPodService.exe
E:\Programmi\Toshiba\TOSHIBA Controls\TFncKy.exe
E:\PROGRA~1\AVG\AVG8\avgnsx.exe
E:\WINDOWS\System32\svchost.exe
E:\Programmi\File comuni\Adobe\Updater5\AdobeUpdater.exe
E:\WINDOWS\system32\msiexec.exe
E:\Programmi\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - E:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - E:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - E:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Diigo Toolbar Helper - {84053DA7-03DE-4FB6-80AE-202C04691D8A} - E:\Programmi\Diigo\DiigoToolbar.3.1.13.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - E:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - E:\Programmi\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Diigo Toolbar - {09197FFB-C236-4153-B268-31051E4F3B6C} - E:\Programmi\Diigo\DiigoToolbar.3.1.13.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - E:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [StartCCC] E:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SVPWUTIL] E:\Programmi\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [CeEKEY] E:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] E:\Programmi\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [Apoint] E:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SynTPEnh] E:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "E:\Programmi\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "E:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "E:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ACU] E:\Programmi\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [SmoothView] E:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [HPHUPD08] E:\Programmi\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] E:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v4] E:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "E:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HPUsageTracking] "E:\Programmi\HP\HP UT\bin\hppusg.exe" "E:\Programmi\HP\HP UT\"
O4 - HKLM\..\Run: [Omnipage] E:\Programmi\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] E:\Programmi\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "E:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] E:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "E:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DNS7reminder] "E:\Programmi\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "E:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Nuance\NaturallySpeaking10\Ereg.ini
O4 - HKLM\..\Run: [AVG8_TRAY] E:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "E:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] E:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] E:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = E:\Documents and Settings\Francesca\Dati applicazioni\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = E:\Programmi\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = E:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - E:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E09C7A5-41F8-411D-BD72-9462A3827EF9}: NameServer = 137.204.1.15,137.204.24.45
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - E:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - E:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Servizio di configurazione Atheros (ACS) - Atheros - E:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - E:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - E:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - E:\Programmi\Canon\CAL\CALMAIN.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - E:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - E:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GT Detect (GtDetectSc) - OptionNV - E:\WINDOWS\system32\GtDetectSc.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - E:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - E:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - E:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - E:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - E:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 14233 bytes
Torna in alto
 
a.roselli
Inviato: Tuesday, January 12, 2010 12:37:03 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,055
Ciao,
esegui queste operazioni

ATTENZIONE prima di procedere con le riparazioni, fate la copia di riserva dei vostri dati, a volte eliminando un virus il sistema potrebbe non riavviarsi.
____________________________

Disattiva il ripristino di configurazione, leggi qui come fare
http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

Riavvia in modalità provvisoria, leggi qui come fare
http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80122

apri HIJAC THIS ed elimina come indicato in questo articolo
http://guide.aiutamici.com/software?ID=11175
le righe che seguono.

==================================
R3 - URLSearchHook: (no name) - *{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - E:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
-
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - E:\Programmi\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
-
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] E:\Programmi\Sony\Content Transfer\ContentTransferWMDetector.exe
==================================


Cancella file e cartele indicate in rosso nei percorsi indicati
==================================
E:\Programmi\AskTBar
E:\Programmi\Sony\Content Transfer\ContentTransferWMDetector.exe
==================================


Utilizza questo programma per eliminare eventuali spyware
http://www.aiutamici.com/software?ID=10831

sempre in modalità provvisoria fai una scansione Antivirus,

quindi riavvia il computer e riattiva il ripristino configurazione disattivato all'inizio di questa procedura e crea un nuovo punto di ripristino, leggi qui http://guide.aiutamici.com/guide?C1=7&C2=16&ID=80161

Nel sistema non é presente un Firewall, installa questo programma se non ne utilizzi già uno
http://www.aiutamici.com/software?ID=80361

Aggiorna il sistema operativo dal Windows Update

Ti consiglio di utilizzare questo programma per fare la copia di riserva del sistema, cosi se vieni infettato puoi ripristinare il sistema cosi come si trova, leggi la descrizione su aiutamici
http://www.aiutamici.com/software?ID=80274
alfonso_aiutamici@hotmail.it
Torna in alto
 
r16
Inviato: Tuesday, January 12, 2010 12:55:31 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Commenta:
E:\Programmi\Sony\Content Transfer\ContentTransferWMDetector.exe

Non è per rompere le scatole......Whistle
Ma eliminando quel file della Sony, potrebbe avere problemi, di trasferimento di file multimediali.
Torna in alto
 
a.roselli
Inviato: Tuesday, January 12, 2010 1:23:34 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,055
Sul controllo on line di hijack viene indicato con una x rossa e con questa descrizione

Sembra che il nome di questo programma sia identico al nome del file. In molti casi questo avviene con i trojans. Per essere sicuro, devi controllare questo file.

giulietteb utilizzi qualche programma SONY ?

alfonso_aiutamici@hotmail.it
Torna in alto
 
giulietteb
Inviato: Tuesday, January 12, 2010 2:21:41 PM
Rank: AiutAmico

Iscritto dal : 1/6/2010
Posts: 38
avevo un programma sony di un lettore mp3, installato un anno fa per conto di un'altra persona - l'ho rimosso. Facendo la ricerca, ho comunque una cartella sony in E:/programmi.
procedo col resto o faccio altro?
Torna in alto
 
a.roselli
Inviato: Tuesday, January 12, 2010 2:35:06 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,055
In questo caso cancella anche tutta la cartella SONY


alfonso_aiutamici@hotmail.it
Torna in alto
 
giulietteb
Inviato: Tuesday, January 12, 2010 2:45:42 PM
Rank: AiutAmico

Iscritto dal : 1/6/2010
Posts: 38
ci ho provato, ma proprio quel file (content transfer wmdetector) non ne vuole sapere di essere eliminato
Torna in alto
 
a.roselli
Inviato: Tuesday, January 12, 2010 2:55:54 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,055
Segui le indicazioni passo passo , devi rimuoverlo in MODALITA' PROVVISORIA

alfonso_aiutamici@hotmail.it
Torna in alto
 
monsee
Inviato: Tuesday, January 12, 2010 3:07:55 PM
Rank: AiutAmico

Iscritto dal : 4/5/2005
Posts: 22,971
In Modalità Provvisoria dovrebbe lasciarsi eliminare.
Se non dovessi riuscire, diccelo... che faccian fuori la cartella incriminata in altro modo.
Torna in alto
 
giulietteb
Inviato: Tuesday, January 12, 2010 3:22:38 PM
Rank: AiutAmico

Iscritto dal : 1/6/2010
Posts: 38
a.roselli ha scritto:
Ciao,

apri HIJAC THIS ed elimina... le righe che seguono.

==================================
R3 - URLSearchHook: (no name) - *{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - E:\Programmi\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
-
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - E:\Programmi\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
-
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] E:\Programmi\Sony\Content Transfer\ContentTransferWMDetector.exe
==================================


le prime due righe (R3) non ci sono, le altre due sì
Torna in alto
 
r16
Inviato: Tuesday, January 12, 2010 3:51:01 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Elimina quelle che vedi.
Le altre, dovrebbero essere visibili in Modalità normale.
Torna in alto
 
giulietteb
Inviato: Tuesday, January 12, 2010 6:29:10 PM
Rank: AiutAmico

Iscritto dal : 1/6/2010
Posts: 38
Ciao a tutti,

hofatto tutto tranne questo, che rimando a stasera:

a.roselli ha scritto:
Ti consiglio di utilizzare questo programma per fare la copia di riserva del sistema, cosi se vieni infettato puoi ripristinare il sistema cosi come si trova, leggi la descrizione su aiutamici
http://www.aiutamici.com/software?ID=80274


In modalità provvisoria Spybot ha trovato parecchie cose, e le ho eliminate
AVG invece non ha trovato nulla

In modalità normale ho sistemato anche le due righe "R3 - URLSearchHook: (no name)..." che non vedevo, in Hijackthis, in modalità provvisoria

Qui sotto l'ultimo log di hijackthis: sono guarita??

grazie mille

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.29.32, on 12/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\GtDetectSc.exe
E:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\acs.exe
E:\WINDOWS\system32\agrsmsvc.exe
E:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
E:\Programmi\Bonjour\mDNSResponder.exe
E:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
E:\Programmi\Intel\Wireless\Bin\EvtEng.exe
E:\Programmi\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32\drivers\KodakCCS.exe
E:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
E:\WINDOWS\system32\HPZipm12.exe
E:\WINDOWS\Explorer.EXE
E:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
E:\WINDOWS\System32\svchost.exe
E:\PROGRA~1\AVG\AVG8\avgemc.exe
E:\PROGRA~1\AVG\AVG8\avgrsx.exe
E:\PROGRA~1\AVG\AVG8\avgnsx.exe
E:\Programmi\AVG\AVG8\avgcsrvx.exe
E:\Programmi\Canon\CAL\CALMAIN.exe
E:\Programmi\TOSHIBA\TOSHIBA Controls\TFncKy.exe
E:\WINDOWS\system32\TDispVol.exe
E:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
E:\WINDOWS\system32\TPSMain.exe
E:\Programmi\AVG\AVG8\avgcsrvx.exe
E:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
E:\WINDOWS\system32\TPSBattM.exe
E:\Programmi\TOSHIBA\TouchPad\TPTray.exe
E:\Programmi\Synaptics\SynTP\SynTPEnh.exe
E:\Programmi\Camera Assistant Software for Toshiba\traybar.exe
E:\Programmi\Synaptics\SynTP\SynToshiba.exe
E:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
E:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
E:\Programmi\Camera Assistant Software for Toshiba\CEC_MAIN.exe
E:\Programmi\Atheros\ACU.exe
E:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
E:\WINDOWS\system32\ZoomingHook.exe
E:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
E:\WINDOWS\system32\TCtrlIOHook.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Programmi\Intel\Wireless\Bin\Dot1XCfg.exe
E:\WINDOWS\System32\wbem\wmiapsrv.exe
E:\Programmi\HP\HP Software Update\HPWuSchd2.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
E:\Programmi\ScanSoft\OmniPageSE\opware32.exe
E:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
E:\Programmi\Java\jre6\bin\jusched.exe
E:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
E:\PROGRA~1\AVG\AVG8\avgtray.exe
E:\Programmi\iTunes\iTunesHelper.exe
E:\Programmi\Messenger\msmsgs.exe
E:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe
E:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
E:\Programmi\TOSHIBA\Bluetooth Monitor\BtMon2.exe
E:\Programmi\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
E:\Programmi\PC Connectivity Solution\ServiceLayer.exe
E:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
E:\Documents and Settings\Francesca\Dati applicazioni\Dropbox\bin\Dropbox.exe
E:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
E:\Programmi\iPod\bin\iPodService.exe
E:\Programmi\Mozilla Firefox\firefox.exe
E:\Programmi\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - E:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - E:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Diigo Toolbar Helper - {84053DA7-03DE-4FB6-80AE-202C04691D8A} - E:\Programmi\Diigo\DiigoToolbar.3.1.13.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - E:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Diigo Toolbar - {09197FFB-C236-4153-B268-31051E4F3B6C} - E:\Programmi\Diigo\DiigoToolbar.3.1.13.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - E:\Programmi\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [StartCCC] E:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SVPWUTIL] E:\Programmi\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [CeEKEY] E:\Programmi\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] E:\Programmi\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [Apoint] E:\Programmi\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SynTPEnh] E:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "E:\Programmi\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "E:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "E:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ACU] E:\Programmi\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [SmoothView] E:\Programmi\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [HPHUPD08] E:\Programmi\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] E:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v4] E:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "E:\Programmi\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HPUsageTracking] "E:\Programmi\HP\HP UT\bin\hppusg.exe" "E:\Programmi\HP\HP UT\"
O4 - HKLM\..\Run: [Omnipage] E:\Programmi\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "E:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] E:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "E:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DNS7reminder] "E:\Programmi\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "E:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Nuance\NaturallySpeaking10\Ereg.ini
O4 - HKLM\..\Run: [AVG8_TRAY] E:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "E:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Programmi\File comuni\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] E:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] E:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = E:\Documents and Settings\Francesca\Dati applicazioni\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = E:\Programmi\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = E:\Programmi\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - E:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programmi\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E09C7A5-41F8-411D-BD72-9462A3827EF9}: NameServer = 137.204.1.15,137.204.24.45
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - E:\Programmi\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - E:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Servizio di configurazione Atheros (ACS) - Atheros - E:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - E:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - E:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - E:\Programmi\Canon\CAL\CALMAIN.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - E:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - E:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GT Detect (GtDetectSc) - OptionNV - E:\WINDOWS\system32\GtDetectSc.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - E:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - E:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - E:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - E:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - E:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 13682 bytes
Torna in alto
 
monsee
Inviato: Tuesday, January 12, 2010 6:45:27 PM
Rank: AiutAmico

Iscritto dal : 4/5/2005
Posts: 22,971
A me sembra pulito, il tuo ultimo LOG...
Aspetta, in ogni caso, qualcuno più abile di me per averne conferma.
Soltanto una cosuccia, se posso: vedo che uso XP Service Pack 2... Suggerirei, per avere un Sistema più difeso e performante, di installare il Service Pack 3 (il quale, d'altra parte) è caricabile anche a partir da Aiutamici.
A parte il fatto -ovviamente- che non mi par di aver notato, sul Sistema tuo, alcun valido firewall...
Torna in alto
 
cbbusto
Inviato: Tuesday, January 12, 2010 7:04:16 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Bravo monsee Applause Applause il s:p:3 è molto importante, ma sono ancora molti a non averlo.
Torna in alto
 
monsee
Inviato: Tuesday, January 12, 2010 7:08:19 PM
Rank: AiutAmico

Iscritto dal : 4/5/2005
Posts: 22,971
Grazie, Busto!
Torna in alto
 
giulietteb
Inviato: Tuesday, January 12, 2010 8:25:44 PM
Rank: AiutAmico

Iscritto dal : 1/6/2010
Posts: 38
ho dimenticato anche questo "Aggiorna il sistema operativo dal Windows Update", adesso recupero!
Torna in alto
 
Utenti presenti in questo topic
Guest

6 pages: 1 2 3 [4] 5 6

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » pc lento, malware nascosto?


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.