Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » pc infinitamente lento/LOG hijack

3 pages: [1] 2 3
pc infinitamente lento/LOG hijack Opzioni
Topic Precedente · Topic Sucessivo
Roxy83
Inviato: Friday, August 20, 2010 11:41:37 AM

Rank: AiutAmico

Iscritto dal : 4/12/2006
Posts: 46
Ciao a tutti...
il mio pc è diventato lentissimo...nn solo nella navigazione internet, ma anche se faccio operazioni semplicissime senza connessione... forse la situazione è anche peggiorata da quando ho installato clamwin...forse è troppo pesante per il mio vecchio pc?....Ah è molto lento anche all'avvio, ma già da parecchio tempo...cmq nonostante l'avvio lento è solo da qualche giorno che è peggiorato...prima andava benino.. grazie a chiunque mi darà una mano...
Ecco il log



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11.41.32, on 20/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Nikolas87\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nikolas87\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nikolas87\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nikolas87\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmi\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.it
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Programmi\myBabylon_English\tbmyB0.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Programmi\myBabylon_English\tbmyB0.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programmi\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Programmi\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Programmi\myBabylon_English\tbmyB0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Nikolas87\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD.lnk = C:\Programmi\File comuni\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Apri in nuova scheda in primo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?df2f2cea25974f0ab782cc5053fdeae4
O8 - Extra context menu item: Apri in nuova scheda in secondo piano - res://C:\Programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?df2f2cea25974f0ab782cc5053fdeae4
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programmi\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Nikolas87\Menu Avvio\Programmi\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{134DF068-191F-4C4C-A866-4B366D988569}: NameServer = 192.168.1.1
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Programmi\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 11945 bytes
Torna in alto
 
Sponsor
Inviato: Friday, August 20, 2010 11:41:37 AM

 
Torna in alto
 
shapiro
Inviato: Friday, August 20, 2010 11:54:39 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ciao roxy83 e bentornata

segui queste operazioni, vediamo se riusciamo a recuperare

Lancia HiJackThis -> Clicca Do a scan only -> Metti la spunta a fianco della riga che ti segnalo qui sotto -> Clicca su Fix Checked

Code:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.it

    O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file)

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
    
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)




da pannello di controllo>>>>installazione applicazioni rimuovi tutte le toolbar che trovi


disattiva momentaneamente il tuo antivirus

scarica combofix

esegui ComboFix.exe
alla richiesta se vuoi installare la recovery console rispondi NO
- segui le instruzioni
- finita la scansione portati in C:\ e copia/incolla, nella tua prossima risposta, il contenuto del file di testo Combofix.txt

qui e' descritto come usare correttamente combofix
Torna in alto
 
logic
Inviato: Friday, August 20, 2010 11:55:58 AM

Rank: AiutAmico

Iscritto dal : 2/25/2010
Posts: 1,008
Torna in alto
 
a.roselli
Inviato: Friday, August 20, 2010 2:31:24 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,055
Ciao Roxy83

quando avrai risolto il problema con l'aiuto di shapiro, vai a leggere la Guida al PC Sicuro

http://software.aiutamici.com/software?ID=10886

ti fai una copia di riserva del sistema e in seguito non dovrai mai più venire qui nel forum, se in seguito avrai problemi ti basterà ripristinare la copia di riserva fatta quando il sistema era perfettamente funzionante.

Provare per credere.

alfonso_aiutamici@hotmail.it
Torna in alto
 
monsee
Inviato: Friday, August 20, 2010 3:48:17 PM
Rank: AiutAmico

Iscritto dal : 4/5/2005
Posts: 22,971
Torna in alto
 
sabbb
Inviato: Friday, August 20, 2010 7:16:01 PM
Rank: AiutAmico

Iscritto dal : 9/12/2009
Posts: 6,632
Torna in alto
 
Roxy83
Inviato: Saturday, August 21, 2010 9:54:01 AM

Rank: AiutAmico

Iscritto dal : 4/12/2006
Posts: 46
:-)....grazie Alfonso...terrò a mente il tuo consiglio e appena posso vado a leggere l'articolo...

Ciao Shapiro.... ti posto il log di combofix.... ;-)


ComboFix 10-08-19.02 - Nikolas87 21/08/2010 9.39.19.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.511.301 [GMT 2:00]
Eseguito da: c:\documents and settings\Nikolas87\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {00000002-0002-0000-6C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-2C24-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-3C24-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000002-0002-0000-7C25-9E7C08000A00}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {806ED0B3-FFA4-00FC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {806ED0B3-FFA4-00DA-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {806EE0B3-FFA4-00DA-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {806EE0B3-FFA4-00EB-0D24-347CA8A3377C}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Nikolas87\Dati applicazioni\Desktopicon

.
((((((((((((((((((((((((( Files Creati Da 2010-07-21 al 2010-08-21 )))))))))))))))))))))))))))))))))))
.

2010-08-20 09:39 . 2010-08-20 09:39 388096 ----a-r- c:\documents and settings\Nikolas87\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-16 16:18 . 2010-08-16 16:19 -------- d-----w- c:\documents and settings\Nikolas87\Dati applicazioni\.clamwin
2010-08-16 16:17 . 2010-08-16 16:17 -------- d-----w- c:\programmi\ClamWin
2010-08-16 16:17 . 2010-08-16 16:17 -------- d-----w- c:\documents and settings\All Users\.clamwin
2010-08-12 18:40 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-08-07 20:25 . 2010-08-07 20:25 348160 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-5e8e0348-n\msvcr71.dll
2010-08-07 20:25 . 2010-08-07 20:25 503808 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-5e8e0348-n\msvcp71.dll
2010-08-07 20:25 . 2010-08-07 20:25 61440 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-6f291ff3-n\decora-sse.dll
2010-08-07 20:25 . 2010-08-07 20:25 499712 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-5e8e0348-n\jmc.dll
2010-08-07 20:25 . 2010-08-07 20:25 12800 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-6f291ff3-n\decora-d3d.dll
2010-07-22 13:05 . 2010-07-22 13:05 -------- d-----w- c:\documents and settings\Nikolas87\Dati applicazioni\gtk-2.0
2010-07-22 13:02 . 2010-07-22 13:10 -------- d-----w- c:\documents and settings\Nikolas87\Impostazioni locali\Dati applicazioni\moovida Air
2010-07-22 13:01 . 2010-07-22 13:10 -------- d-----w- c:\documents and settings\Nikolas87\Dati applicazioni\moovida-1
2010-07-22 13:00 . 2010-07-22 13:00 -------- d-----w- c:\documents and settings\Nikolas87\Dati applicazioni\FissaSearch
2010-07-22 13:00 . 2010-07-22 13:00 102400 ----a-r- c:\documents and settings\Nikolas87\Dati applicazioni\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut6_206049A8CD534D8B87D5F66190F05AB3.exe
2010-07-22 13:00 . 2010-07-22 13:00 102400 ----a-r- c:\documents and settings\Nikolas87\Dati applicazioni\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut4_A414E067513C43BA8786F3DC788BC961.exe
2010-07-22 13:00 . 2010-07-22 13:00 102400 ----a-r- c:\documents and settings\Nikolas87\Dati applicazioni\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut3_BCB4A930B9F04A2480525A437423D92B.exe
2010-07-22 13:00 . 2010-07-22 13:00 102400 ----a-r- c:\documents and settings\Nikolas87\Dati applicazioni\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut2_B4703F8364D440ADB60E472AD5422128.exe
2010-07-22 12:57 . 2010-07-22 13:13 -------- d-----w- c:\programmi\Fluendo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-20 11:26 . 2005-05-19 07:21 24 ----a-w- c:\windows\system32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000002-80271102}.dat
2010-08-20 11:26 . 2005-05-19 07:21 24 ----a-w- c:\windows\system32\DVCState-{00000000-00000000-0000000A-00001102-00000002-80271102}.dat
2010-08-20 11:24 . 2005-05-19 07:35 -------- d-----w- c:\programmi\Google
2010-08-20 11:23 . 2006-12-09 16:09 -------- d-----w- c:\programmi\Yahoo!
2010-08-18 09:17 . 2009-06-28 16:14 -------- d-----w- c:\documents and settings\Nikolas87\Dati applicazioni\uTorrent
2010-08-17 14:31 . 2001-08-31 13:00 534326 ----a-w- c:\windows\system32\perfh010.dat
2010-08-17 14:31 . 2001-08-31 13:00 105244 ----a-w- c:\windows\system32\perfc010.dat
2010-08-16 18:35 . 2010-07-15 09:38 -------- d-----w- c:\documents and settings\Nikolas87\Dati applicazioni\OfferBox
2010-08-12 18:21 . 2007-03-04 09:50 62052486 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2010-08-11 20:00 . 2009-05-09 14:00 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2010-08-11 15:54 . 2009-05-09 20:02 17 ----a-w- c:\programmi\stinger1001546.opt
2010-08-11 14:00 . 2010-01-07 12:28 1098 ----a-w- c:\programmi\aswclnr.log
2010-07-22 18:59 . 2009-07-01 07:30 -------- d-----w- c:\programmi\uTorrent
2010-06-30 12:31 . 2001-08-31 13:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:15 . 2006-02-24 13:22 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15 . 2009-05-10 11:42 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15 . 2001-08-31 13:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-24 09:02 . 2007-04-08 15:16 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-22 11:59 . 2010-06-22 11:59 6656 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\FissaSearch\FissaUninstaller.exe
2010-06-21 15:27 . 2001-08-31 13:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2001-08-31 13:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2005-05-19 08:40 744448 ----a-w- c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe
2010-06-14 07:41 . 2005-05-19 08:39 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-07 16:12 . 2005-05-27 12:39 103200 ----a-w- c:\documents and settings\Nikolas87\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-05-24 17:04 . 2010-05-24 17:04 348160 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3c1f5533-n\msvcr71.dll
2010-05-24 17:04 . 2010-05-24 17:04 503808 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3c1f5533-n\msvcp71.dll
2010-05-24 17:04 . 2010-05-24 17:04 61440 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7c9d5fa9-n\decora-sse.dll
2010-05-24 17:04 . 2010-05-24 17:04 12800 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7c9d5fa9-n\decora-d3d.dll
2010-05-24 17:04 . 2010-05-24 17:04 499712 ----a-w- c:\documents and settings\Nikolas87\Dati applicazioni\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3c1f5533-n\jmc.dll
2009-05-14 19:16 . 2009-05-14 19:16 407680 ----a-w- c:\programmi\aswclnr.exe
2009-05-09 13:10 . 2009-05-09 13:09 3534855 ----a-w- c:\programmi\stinger1001546.exe
2009-03-16 14:37 . 2007-04-17 10:10 17 ----a-w- c:\programmi\stinger.opt
2007-04-17 09:58 . 2007-04-17 09:41 17 ----a-w- c:\programmi\stng260.opt
2005-05-19 07:53 . 2005-05-19 07:35 104 --sh--r- c:\windows\system32\43927FEE86.sys
2010-03-10 11:03 . 2005-05-19 07:35 6632 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\programmi\myBabylon_English\tbmyB0.dll" [2010-06-07 2515552]

[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
2010-06-07 15:58 2515552 ----a-w- c:\programmi\myBabylon_English\tbmyB0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\programmi\myBabylon_English\tbmyB0.dll" [2010-06-07 2515552]

[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\programmi\myBabylon_English\tbmyB0.dll" [2010-06-07 2515552]

[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-16 68856]
"Google Update"="c:\documents and settings\Nikolas87\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" [2009-04-22 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-12-12 335872]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ZoneAlarm Client"="c:\programmi\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-01-11 246504]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2010-03-09 202256]
"NokiaMusic FastStart"="c:\programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"ClamWin"="c:\programmi\ClamWin\bin\ClamTray.exe" [2010-05-24 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Tasto di scelta rapida per l'avvio di AutoCAD.lnk - c:\programmi\File comuni\Autodesk Shared\acstart16.exe [2005-3-5 10872]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Reader.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Reader.lnk
backup=c:\windows\pss\Avvio veloce di Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Kodak software updater.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Kodak software updater.lnk
backup=c:\windows\pss\Kodak software updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Nikolas87^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma.lnk]
path=c:\documents and settings\Nikolas87\Menu Avvio\Programmi\Esecuzione automatica\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2004-12-14 16:57 458752 ----a-w- c:\programmi\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2004-12-14 16:51 217088 ----a-w- c:\programmi\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-09-01 14:57 282624 ----a-w- c:\programmi\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2006-12-15 01:23 75520 ----a-w- c:\programmi\Java\jre1.5.0_11\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-16 08:18 68856 ----a-w- c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-09 10:01 202256 ----a-w- c:\programmi\File comuni\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 15:45 313472 ----a-r- c:\programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmi\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\manager.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\server.exe"=
"c:\\Programmi\\Autodesk\\3ds Max 9\\3dsmax.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1756:UDP"= 1756:UDP:e mule UDP in uscita
"7501:TCP"= 7501:TCP:3d studio max
"1755:TCP"= 1755:TCP:e mule in entrata
"1756:TCP"= 1756:TCP:e mule TCP
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [15/09/2009 17.54.11 133104]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\85.tmp --> c:\windows\system32\85.tmp [?]
S3 Swlpad;Swlpad; [x]
.
Contenuto della cartella 'Scheduled Tasks'

2010-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-08-21 c:\windows\Tasks\Google Software Updater.job
- c:\programmi\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-14 15:51]

2010-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-15 15:53]

2010-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-09-15 15:53]

2010-08-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-842925246-1343024091-1003Core.job
- c:\documents and settings\Nikolas87\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-04-22 10:05]

2010-08-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-842925246-1343024091-1003UA.job
- c:\documents and settings\Nikolas87\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-04-22 10:05]

2010-08-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1957994488-842925246-1343024091-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2010-08-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1957994488-842925246-1343024091-1003.job
- c:\programmi\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2010-08-19 c:\windows\Tasks\Symantec NetDetect.job
- c:\programmi\Symantec\LiveUpdate\NDETECT.EXE [2005-12-29 16:26]
.
.
------- Scansione supplementare -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7DVXA_en
mStart Page = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Apri in nuova scheda in primo piano - c:\programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/230?df2f2cea25974f0ab782cc5053fdeae4
IE: Apri in nuova scheda in secondo piano - c:\programmi\Windows Live Toolbar\Components\it-it\msntabres.dll.mui/229?df2f2cea25974f0ab782cc5053fdeae4
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Translate this web page with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Nikolas87\Menu Avvio\Programmi\IMVU\Run IMVU.lnk
TCP: {134DF068-191F-4C4C-A866-4B366D988569} = 192.168.1.1
.
.
------- Associazioni dei file -------
.
.scr=AutoCADScriptFile
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-Ad-Watch - c:\programmi\Lavasoft\Ad-Aware\AAWTray.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-21 09:50
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\85.tmp"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(492)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1728)
c:\windows\system32\WININET.dll
c:\programmi\Windows Media Player\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2010-08-21 09:58:27
ComboFix-quarantined-files.txt 2010-08-21 07:58
ComboFix2.txt 2009-05-30 10:46

Pre-Run: 6.620.561.408 byte disponibili
Post-Run: 6.634.860.544 byte disponibili

- - End Of File - - 834B29226A64EE3595AACD040460273D
Torna in alto
 
shapiro
Inviato: Saturday, August 21, 2010 10:34:38 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
Roxy non vorrei che fosse un problema hardware il tuo....

combofix ha trovato ben poco

analiza questo file su virus total, non trovo nessu riscontro

c:\windows\system32\43927FEE86.sys

se hai installato ccleaner usalo

ccleaner

durante l’installazione deseleziona l’opzione per la barra di Yahoo, lo apri, vai in Opzioni>Avanzate, togli la spunta a “Cancella file temp diwindows solo se più vecchi di 48 ore”, poi avvialo, seleziona "Analizza" ed alla fine dell'analisi premi "Avvia pulizia''


clicca su Registro, nella pagina successiva clicca Trova problemi, poi al termine dello scan clicca su Ripara selezionati , risposndi di sì alla richiesta di salvare il backup (salvalo in una cartella a piacimento) poi ripara tutti gli elementi trovati.

scarica atf cleaner

Avvia ATF Cleaner.exe con un doppio click
- clicca sul menu main
- seleziona la casella Select All
- clicca sul pulsante Empty selected
- aspetta l'avviso Done Cleaning.
(se non vuoi eliminare le password togli la spunta)
(se usi opera o firefox,spunta anche le loro sezioni)


esegui uno scandisk come e' descritto qui

prova cosi' e vediamo se migliora

fammi avere il risultato di quel file, vediamo se e' da togliere

Torna in alto
 
fdaccc
Inviato: Saturday, August 21, 2010 10:39:50 AM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114

Torna in alto
 
shapiro
Inviato: Saturday, August 21, 2010 10:46:35 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
Torna in alto
 
fdaccc
Inviato: Saturday, August 21, 2010 10:55:01 AM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
Torna in alto
 
monsee
Inviato: Saturday, August 21, 2010 12:10:43 PM
Rank: AiutAmico

Iscritto dal : 4/5/2005
Posts: 22,971
Torna in alto
 
panchoz
Inviato: Saturday, August 21, 2010 12:26:39 PM

Rank: AiutAmico

Iscritto dal : 11/6/2008
Posts: 2,452

Torna in alto
 
monsee
Inviato: Saturday, August 21, 2010 12:35:53 PM
Rank: AiutAmico

Iscritto dal : 4/5/2005
Posts: 22,971
Torna in alto
 
a.roselli
Inviato: Saturday, August 21, 2010 12:58:27 PM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,055
Gli ultimi interventi sono stati cancellati perché non attinenti con la richiesta di aiuto.

Per chiacchierare aprite nuove discussioni.


alfonso_aiutamici@hotmail.it
Torna in alto
 
panchoz
Inviato: Saturday, August 21, 2010 2:10:21 PM

Rank: AiutAmico

Iscritto dal : 11/6/2008
Posts: 2,452
Torna in alto
 
fdaccc
Inviato: Saturday, August 21, 2010 2:16:05 PM

Rank: AiutAmico

Iscritto dal : 12/12/2009
Posts: 2,114
Torna in alto
 
Roxy83
Inviato: Monday, August 23, 2010 8:43:05 AM

Rank: AiutAmico

Iscritto dal : 4/12/2006
Posts: 46
scusa l'ignoranza...virus total?
Torna in alto
 
a.roselli
Inviato: Monday, August 23, 2010 9:39:27 AM

Rank: Admin

Iscritto dal : 10/4/2000
Posts: 19,055
Roxy83, questo è solo un consiglio

visto che il sistema è lento, con virus o no, se fossi in te FAREI PRIMA UNA COPIA DI RISERVA DEI DATI, formatterei e reinstallerei tutto, leggi questa guida che sto facendo proprio adesso

http://www.aiutamici.com/ftp/software/WindowsXP_Guida.htm

una volta ripristinato il computer mi farei una copia di riserva, e in seguito a qualsiasi problema potrebbe avvenire, basterebbe ripristinare la copia di riserva e in mezz'ora riavresti il sistema come appena formattato, leggi quest'altro articolo

http://software.aiutamici.com/software?ID=10886

facci un pensierino.


alfonso_aiutamici@hotmail.it
Torna in alto
 
Utenti presenti in questo topic
Guest

3 pages: [1] 2 3

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » pc infinitamente lento/LOG hijack


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.