Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

computer lentissimo Opzioni
roberto1980
Inviato: Monday, December 06, 2010 9:20:30 AM
Rank: AiutAmico

Iscritto dal : 12/5/2010
Posts: 52
scusa ma come detto all'inizio io sono nuovo e non so come funziona ora spero di aver fatto bene e poi cos'è il log mbam non ne capisco tanto
Sponsor
Inviato: Monday, December 06, 2010 9:20:30 AM

 
miticoalex
Inviato: Monday, December 06, 2010 9:49:58 AM

Rank: AiutAmico

Iscritto dal : 10/19/2010
Posts: 14,635
roberto1980 ha scritto:
scusa ma come detto all'inizio io sono nuovo e non so come funziona ora spero di aver fatto bene e poi cos'è il log mbam non ne capisco tanto


il log mbam, è quello che ti viene esposto a fine scansione da malwarebytes,perciò copialo ed incollalo qui.

Inoltre ti consiglio di postare anche il log di hijack tihis ,leggi qui

ciao

roberto1980
Inviato: Monday, December 06, 2010 4:37:14 PM
Rank: AiutAmico

Iscritto dal : 12/5/2010
Posts: 52
allora r16 spero di averti inviato le cose giuste pe3rche ripeto non sono molto pratico comunque iltutto e di seguito

scusami e grazie per l'immensa pazienza che hai



Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Versione database: 5248

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

06/12/2010 16.32.01
mbam-log-2010-12-06 (16-31-51).txt

Tipo di scansione: Scansione completa (C:\|E:\|L:\|)
Elementi esaminati: 289718
Tempo trascorso: 2 ore, 9 minuti, 9 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 0
File infetti: 76

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
(Non sono stati rilevati elementi nocivi)

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
(Non sono stati rilevati elementi nocivi)

File infetti:
c:\programmi\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
c:\programmi\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072137.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072138.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072139.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072140.dll (Trojan.Vundo) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072141.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072142.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072143.dll (Trojan.Vundo) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072144.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072145.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072146.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072147.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072148.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072149.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072150.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072151.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072152.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072154.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072155.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072156.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072157.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072158.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072159.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072160.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072161.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072162.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072163.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072164.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072165.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072166.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072167.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072168.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072169.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072170.dll (Trojan.Vundo) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072172.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072173.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072174.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072175.dll (Trojan.Vundo) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072176.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072177.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072178.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072179.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072180.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072181.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072182.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072183.dll (Trojan.Vundo) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072184.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072185.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072186.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072187.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072188.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072190.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072191.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072192.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072193.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072194.exe (Trojan.Agent) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072195.dll (Trojan.Vundo) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072196.dll (Trojan.Vundo) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072197.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072198.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072199.dll (Trojan.Vundo) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072200.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072201.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072202.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072203.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072204.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072205.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072206.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072208.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072209.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072210.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072153.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072171.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072189.dll (Trojan.Hiloti.Gen) -> No action taken.
e:\system volume information\_restore{09c21368-6316-4fdb-bb09-9030a171a4df}\rp278\a0072207.dll (Trojan.Hiloti.Gen) -> No action taken.





Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16.36.00, on 06/12/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\HP\Digital Imaging\bin\hpqbam08.exe
C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Programmi\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8326 bytes
r16
Inviato: Monday, December 06, 2010 6:01:19 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Elimina quello che ha trovato Malwarebytes, cliccando si "Rimuovi selezionati". (le caselline devono avere la spunta)

Disattiva il ripristino configurazione di sistema, e tienilo disattivato, fino alla soluzione del problema http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

Dai una pulita (registro compreso)con CCleaner http://www.aiutamici.com/software?ID=11223

Poi:
Provvedi a svuotare del suo contenuto la cartella Prefetch :
clicca su Risorse del Computer
clicca su Disco locale C:
cerca, all’interno delle cartelle che saranno visualizzate la cartella Windows, aprila ed, al suo interno, cerca la cartella Prefetch, la apri ed elimina tutte le voci conservate al suo interno ( non eliminare la cartella)
SVUOTA IL CESTINO.
Poi:
Lancia Hijackthis e pulisci gli ADS in questo modo:(esclusivamente, su partizioni in NTFS):
clicca sulla voce Open the misc tool section.
clicca su Open ads spy.
togli la spunta alla voce Quick scan (windows base folder only)
clicca su Scan.
Aspetta pazientemente la fine della scansione.
se venissero rilevati ADS, spunta tutte le caselline e clicca su Remove selected

Fai uno ScanDisk, e una deframmentazione del HD.
Riattiva il ripristino configurazione di sistema



roberto1980
Inviato: Tuesday, December 07, 2010 7:19:23 PM
Rank: AiutAmico

Iscritto dal : 12/5/2010
Posts: 52
ciao r16,

ho fatto tutto quello che mi ai scritto e sembra che ora tutto funzioni però ora quando vado ad accendere il computer mi esce il seguente messaggio di errore:

Impossibile trovare il punto di ingresso APS initialize della procedura nella libreria di collegamento dinamico wlanapi. dii

di seguito di posto il log




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19.19.01, on 07/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Vimicro Corporation\VMUVC\VMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\HP\Digital Imaging\bin\hpqbam08.exe
C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Alwil Software\Avast5\AvastUI.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Programmi\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Nero\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7602 bytes
r16
Inviato: Wednesday, December 08, 2010 2:30:48 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Commenta:
Impossibile trovare il punto di ingresso APS initialize della procedura nella libreria di collegamento dinamico wlanapi.

E' un problema di incompatibilità del software D-Link con il SP3 appena scaricato.
Per risolvere devi andare nella cartella :
C:\WINDOWS\$NtServicePackUninstall$
Aprirla, e copiare il file wlanapi.dll e ricopiarlo nelle cartelle:
D-Link\AirPlus G
ANI\ANIWZCS2
roberto1980
Inviato: Wednesday, December 08, 2010 9:00:03 PM
Rank: AiutAmico

Iscritto dal : 12/5/2010
Posts: 52
non ho trovato in c: windows
ne la cartella NtServicePackUnistall e ne D-link\AirPlus

come faccio?Brick wall Brick wall
r16
Inviato: Wednesday, December 08, 2010 10:36:44 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Con la funzione "Cerca" di Windows, digita in ambedue i campi : (fai il copia-incolla)
$NtServicePackUninstall$

La apri, e cerca il file:
wlanapi.dll

Lo copi, e lo incolli in questa cartella: (quella in grassetto)
C:\Programmi\D-Link\AirPlus G

Poi lo copi in quest'altra cartella: (quella in grassetto)
C:\Programmi\ANI\ANIWZCS2 Service




Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.