Aiutamici Forum

Virus problem or something else?
superman91
Posted: Sunday, March 27, 2011 5:19:31 AM
Rank: AiutAmico

Joined: 4/17/2007
Posts: 105
Hello everyone, I have a problem: for some time now my PC has been quite slow, slow even when starting up. Maybe some virus? In Device Manager I have an exclamation mark on ASInsHelp; I read on the internet that it is related to the motherboard. Could that be it?

This is my HijackThis log:

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:18:20, on 27.03.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21256)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\ASTSRV.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Programmi\File comuni\MAGIX Services\Database\bin\FABS.exe
C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\Programmi\File comuni\PC Tools\sMonitor\StartManSvc.exe
C:\Programmi\CyberLink\Shared files\RichVideo.exe
C:\Programmi\Photodex\ProShowProducer\ScsiAccess.exe
c:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Administrator\Desktop\Programmi\TomTom HOME 2\TomTomHOMEService.exe
C:\Programmi\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\WINDOWS\Explorer.EXE
C:\xampp\apache\bin\httpd.exe
C:\Programmi\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
C:\Programmi\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\FreePOPs\freepopsd.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Programmi\eMule\eMule.exe
C:\WINDOWS\system32\mmc.exe
C:\Documents and Settings\Administrator\Desktop\RegSeeker\RegSeeker.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programmi\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programmi\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Programmi\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Programmi\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\9.0"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Programmi\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AKVIS Retrialer from Unsofter.com] C:\Documents and Settings\Administrator\Desktop\AKVIS SmartMask v3.0.1027\AKVIS universal ReTrial\Retrialer.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Documents and Settings\Administrator\Desktop\Programmi\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [360Amigo] "C:\Program files\360Amigo\360Amigo.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-583907252-842925246-1177238915-500\..\Run: [TomTomHOME.exe] "C:\Documents and Settings\Administrator\Desktop\Programmi\TomTom HOME 2\TomTomHOMERunner.exe" (User '?')
O4 - HKUS\S-1-5-21-583907252-842925246-1177238915-500\..\Run: [360Amigo] "C:\Program files\360Amigo\360Amigo.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-583907252-842925246-1177238915-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-583907252-842925246-1177238915-500 Startup: FreePOPs.lnk = C:\Programmi\FreePOPs\freepopsd.exe (User '?')
O4 - Startup: FreePOPs.lnk = C:\Programmi\FreePOPs\freepopsd.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Aggiungi a PDF esistente - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Aggiungi destinazione link a PDF esistente - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Create PDF file - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Programmi\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con Mipony - file://C:\Programmi\MiPony\Browser\IEContext.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Programmi\Stardock\ObjectDockPlus2\ODMenu.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Performance Toolkit Disk Defrag Service (DMDefragService) - PC Tools - C:\Programmi\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe
O23 - Service: Performance Toolkit Disk Repair Service (DMRepairService) - PC Tools - C:\Programmi\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Programmi\File comuni\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programmi\File comuni\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmi\File comuni\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MySQL - MySQL AB - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Programmi\File comuni\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Programmi\SiSoftware\SiSoftware Sandra Professional Home 2011.SP1a\RpcAgentSrv.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Programmi\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Documents and Settings\Administrator\Desktop\Programmi\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programmi\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 15427 bytes


Thanks everyone for the help.
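An added example (not part of the original post, and not HijackThis's own logic): a small Python triage pass over a few lines copied from the log above. The function names and the four rule labels are this example's own assumptions, and a hit only marks an entry for manual review; it is not a verdict on the file.

```python
import re
from typing import Iterator, List, NamedTuple, Tuple

# Excerpt of the HijackThis v2.0.2 log posted above (lines copied from that post).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [AKVIS Retrialer from Unsofter.com] C:\Documents and Settings\Administrator\Desktop\AKVIS SmartMask v3.0.1027\AKVIS universal ReTrial\Retrialer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: ESET Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Documents and Settings\Administrator\Desktop\Programmi\TomTom HOME 2\TomTomHOMEService.exe
"""

# A section line is "<code> - <body>", e.g. "O4 - HKLM\..\Run: [...] path".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
# First Windows path in the body, quoted or not, up to a known binary extension.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\r\n]*?\.(?:exe|dll|sys|scr)\b', re.IGNORECASE)

AUTOSTART_CODES = {"O4", "O23"}                 # Run keys / Startup folder, services
PROFILE_MARKER = "\\documents and settings\\"   # Windows XP user-profile root (assumption)


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "O23"
    reason: str  # rule label defined by this example
    entry: str   # the log line body, unchanged


def parse_entries(log_text: str) -> Iterator[Tuple[str, str]]:
    """Yield (code, body) for each section line; header and process list are skipped."""
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            yield match.group(1), match.group(2)


def triage(log_text: str) -> List[Finding]:
    """Apply four review heuristics and return one Finding per rule hit."""
    findings: List[Finding] = []
    for code, body in parse_entries(log_text):
        lowered = body.lower()
        path = PATH_RE.search(body)

        # The registered target no longer exists on disk (orphaned entry).
        if "(file missing)" in lowered:
            findings.append(Finding(code, "file-missing", body))

        # Service binary carries no company name in its version information.
        if code == "O23" and " - unknown owner - " in lowered:
            findings.append(Finding(code, "unknown-owner", body))

        # Winsock provider that HijackThis does not recognise.
        if code == "O10" and lowered.startswith("unknown file in winsock lsp"):
            findings.append(Finding(code, "winsock-lsp-unknown", body))

        # Autostart or service binary stored under a user profile (Desktop etc.),
        # a location that user-level processes can write to.
        if code in AUTOSTART_CODES and path and PROFILE_MARKER in path.group(0).lower():
            findings.append(Finding(code, "runs-from-user-profile", body))
    return findings


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(f"[{item.code}] {item.reason}: {item.entry}")
```

HijackThis lists registry and startup locations only, so the TDL4 bootkit that ComboFix reports on `\\.\PhysicalDrive0` later in this thread would not appear in any of these sections.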
 
a.roselli
Posted: Monday, March 28, 2011 9:31:57 PM

Rank: Admin

Joined: 10/4/2000
Posts: 19,056
ASInsHelp belongs to an Asus program; try removing it from Device Manager.

Do a cleanup with CCleaner

http://www.aiutamici.com/software?ID=11223

and a defragmentation with Auslogic or another similar program

http://www.aiutamici.com/software?ID=11435

Don't forget to make a backup copy of the system

http://www.aiutamici.com/software?ID=80274



alfonso_aiutamici@hotmail.it

superman91
Posted: Tuesday, March 29, 2011 4:19:16 PM
Rank: AiutAmico

Joined: 4/17/2007
Posts: 105
I'll do that now, thanks. Another thing: is it possible that with Google Chrome I have 7 active chrome.exe processes every time? They also use a huge amount of memory.
a.roselli
Posted: Tuesday, March 29, 2011 5:01:44 PM

Rank: Admin

Joined: 10/4/2000
Posts: 19,056
It's normal: for every Chrome window you open, a new process is started. One of Chrome's strengths is that if one tab freezes, the others keep working without problems. Closing the tabs also closes the processes.



alfonso_aiutamici@hotmail.it

superman91
Posted: Tuesday, March 29, 2011 8:40:46 PM
Rank: AiutAmico

Joined: 4/17/2007
Posts: 105
Good evening, I forgot to say that my antivirus, ESET NOD32, detects viruses every now and then, for example:

A0190661.dll, and they are located in C:System Volume Information\_restore\lots of numbers here\file name.dll

Every now and then a new one shows up, for example:

A0numbers.dll

I hope I've explained myself; I always put them in quarantine, but they always come back.

Thanks, in the meantime I'm defragmenting.
a.roselli
Posted: Tuesday, March 29, 2011 9:06:28 PM

Rank: Admin

Joined: 10/4/2000
Posts: 19,056
The Restore folder C:System Volume Information\_restore\ contains the System Restore files, where antivirus programs cannot write; to remove the viruses in the Restore folder you need to disable System Restore, restart the computer and re-enable it.

If you don't know how, read this article
http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121



alfonso_aiutamici@hotmail.it

superman91
Posted: Wednesday, March 30, 2011 1:15:24 PM
Rank: AiutAmico

Joined: 4/17/2007
Posts: 105
Done, but unfortunately the PC is still extremely slow or freezes completely. Any other solutions?
a.roselli
Posted: Wednesday, March 30, 2011 4:16:21 PM

Rank: Admin

Joined: 10/4/2000
Posts: 19,056
If the system has been damaged by a virus, it is best to format and reinstall everything, then make a backup copy of the system; later, if you have problems, you won't have to lose a whole day reinstalling, you'll just need to restore the backup copy.



alfonso_aiutamici@hotmail.it

superman91
Posted: Saturday, April 02, 2011 7:29:12 PM
Rank: AiutAmico

Joined: 4/17/2007
Posts: 105
Hello, I ran a scan with ComboFix and here is what it did: what would this be?

\\.\PhysicalDrive0 - Bootkit TDL4 was found and disinfected HELP!

Code:
ComboFix 11-04-01.01 - Administrator 02.04.2011  18:36:12.8.2 - x86
Eseguito da: c:\documents and settings\Administrator\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
* Resident AV is active
.
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Documenti\RegistroDiSistema 27 Marzo.reg
c:\documents and settings\All Users\Dati applicazioni\mazuki.dll
.
.
\\.\PhysicalDrive0 - Bootkit TDL4 was found and disinfected
.
(((((((((((((((((((((((((   Files Creati Da 2011-03-02 al 2011-04-02  )))))))))))))))))))))))))))))))))))
.
.
2011-03-31 00:38 . 2011-03-31 00:38    --------    d-----w-    c:\documents and settings\All Users\Dati applicazioni\Electronic Arts
2011-03-31 00:38 . 2011-03-31 00:38    --------    d-----w-    c:\documents and settings\All Users\Dati applicazioni\EA Core
2011-03-30 21:15 . 2011-03-30 21:15    --------    d-----w-    c:\programmi\Electronic Arts
2011-03-29 15:23 . 2011-03-29 15:23    --------    d-----w-    c:\programmi\Auslogics
2011-03-29 11:57 . 2011-03-29 11:57    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\Megamedia
2011-03-29 11:57 . 2011-03-29 11:57    --------    d-----w-    c:\documents and settings\All Users\Dati applicazioni\Megamedia
2011-03-29 11:57 . 2011-03-29 11:57    --------    d-----w-    c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Megamedia
2011-03-28 13:02 . 2011-03-28 19:19    --------    d-----w-    c:\programmi\Youdagames
2011-03-25 18:37 . 2011-03-25 19:13    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\PC Tools Performance Toolkit
2011-03-25 18:23 . 2011-02-04 19:32    108056    ----a-w-    c:\windows\system32\drivers\PCTDMDefrag.sys
2011-03-25 18:23 . 2011-02-04 19:31    127256    ----a-w-    c:\windows\system32\drivers\PCTDSMon.sys
2011-03-25 18:23 . 2011-02-16 08:02    37344    ----a-w-    c:\windows\system32\CleanMFT32.exe
2011-03-25 18:23 . 2008-04-02 15:54    1101824    ----a-w-    c:\windows\system32\UniBox210.ocx
2011-03-25 18:23 . 2008-04-02 15:53    212992    ----a-w-    c:\windows\system32\UniBoxVB12.ocx
2011-03-25 18:23 . 2008-04-02 15:53    880640    ----a-w-    c:\windows\system32\UniBox10.ocx
2011-03-25 18:22 . 2011-03-25 18:24    --------    d-----w-    c:\programmi\File comuni\PC Tools
2011-03-25 18:22 . 2011-03-25 18:43    --------    d-----w-    c:\programmi\PC Tools Utilities
2011-03-25 18:22 . 2011-03-25 18:22    --------    d-----w-    c:\documents and settings\All Users\Dati applicazioni\PC Tools
2011-03-25 00:06 . 2011-03-25 00:57    --------    d-----w-    c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\RadioGet
2011-03-24 23:23 . 2011-03-25 01:59    --------    d-----w-    c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Power2Go
2011-03-23 21:33 . 2011-03-23 21:33    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\ShinyTales
2011-03-23 21:22 . 2011-03-23 21:22    --------    d-----w-    c:\documents and settings\All Users\Dati applicazioni\MythPeople
2011-03-23 19:52 . 2011-03-23 19:52    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\Anthropics
2011-03-23 19:18 . 2011-03-23 19:19    --------    d-----w-    c:\programmi\Portrait Professional Studio 9
2011-03-23 15:30 . 2011-03-23 15:30    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\IBKPRO
2011-03-22 21:54 . 2011-03-22 21:54    0    ----a-w-    c:\documents and settings\All Users\Dati applicazioni\xml15E2.tmp
2011-03-22 21:54 . 2011-03-22 21:54    0    ----a-w-    c:\documents and settings\All Users\Dati applicazioni\xml15DF.tmp
2011-03-22 21:54 . 2011-03-22 21:54    14177    ----a-w-    c:\documents and settings\All Users\Dati applicazioni\xml15DD.tmp
2011-03-22 21:54 . 2011-03-22 21:54    8114    ----a-w-    c:\documents and settings\All Users\Dati applicazioni\xml15DB.tmp
2011-03-22 21:41 . 2011-03-22 21:41    --------    d-----w-    c:\programmi\SiSoftware
2011-03-21 14:43 . 2011-04-01 23:46    --------    d-----w-    c:\programmi\EA
2011-03-21 14:38 . 2011-03-21 14:38    --------    d-----w-    c:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2011-03-21 14:30 . 2011-03-21 14:30    --------    d-----w-    c:\windows\system32\xlive
2011-03-21 14:30 . 2011-03-21 14:32    --------    d-----w-    c:\programmi\Microsoft Games for Windows - LIVE
2011-03-21 00:19 . 2011-03-21 00:20    --------    d-----w-    c:\programmi\7-Zip
2011-03-19 13:33 . 2011-03-19 13:33    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\ERS G-Studio
2011-03-19 05:22 . 2011-03-19 05:22    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\Enki Games
2011-03-19 04:46 . 2011-03-19 12:34    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\Mipony
2011-03-19 04:46 . 2011-03-19 04:46    --------    d-----w-    c:\programmi\MiPony
2011-03-19 01:02 . 2011-03-30 18:39    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\FileZilla
2011-03-19 01:01 . 2011-03-30 18:37    --------    d-----w-    c:\programmi\FileZilla FTP Client
2011-03-18 21:28 . 2011-03-18 21:28    --------    d-----w-    c:\programmi\File comuni\Pegasus Imaging
2011-03-18 21:28 . 2011-03-18 21:28    --------    d-----w-    c:\programmi\File comuni\Yahoo!
2011-03-18 21:28 . 2011-03-18 21:28    --------    d-----w-    c:\documents and settings\All Users\Dati applicazioni\Studio 15
2011-03-18 21:28 . 2011-03-18 21:28    --------    d-----w-    c:\documents and settings\All Users\Dati applicazioni\Pinnacle Studio Plus
2011-03-18 17:19 . 2011-03-18 17:19    --------    d-----w-    c:\windows\system32\mapi
2011-03-16 21:43 . 2011-03-16 21:43    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\OtakuSoftware
2011-03-16 05:07 . 2011-03-16 05:07    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\ShaoLin
2011-03-15 20:06 . 2011-03-15 20:06    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\Obsidium
2011-03-15 20:06 . 2011-03-15 20:25    --------    d-----w-    c:\documents and settings\All Users\Dati applicazioni\AllMyMovies
2011-03-15 15:29 . 2011-03-15 15:29    --------    d-----w-    c:\programmi\Calcolo ICI
2011-03-15 10:16 . 2011-03-15 10:16    --------    d-----w-    c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Badaboom
2011-03-15 10:12 . 2011-03-15 10:15    --------    d-----w-    c:\programmi\Badaboom2
2011-03-15 10:08 . 2011-03-15 10:08    --------    d-----w-    c:\programmi\File comuni\Java
2011-03-15 10:08 . 2011-03-15 10:08    0    ------w-    c:\windows\system32\REN4D92.tmp
2011-03-13 19:28 . 2011-03-13 19:28    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\MA2
2011-03-11 04:53 . 2011-03-18 17:07    --------    d-----w-    c:\programmi\File comuni\BioWare
2011-03-11 04:08 . 2011-01-08 03:27    837736    ------w-    c:\windows\system32\nvgenco322040.dll
2011-03-11 04:08 . 2011-01-08 03:27    941160    ------w-    c:\windows\system32\nvdispco322090.dll
2011-03-08 14:05 . 2011-03-08 14:05    --------    d-----w-    c:\documents and settings\LocalService\Dati applicazioni\CyberLink
2011-03-06 23:02 . 2011-03-27 18:32    --------    d-----w-    c:\documents and settings\Administrator\Dati applicazioni\ERS Game Studios
2011-03-05 20:55 . 2011-03-05 20:55    --------    d-----w-    c:\programmi\DsNET Corp
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-02 14:01 . 2009-12-09 06:24    5302    ----a-w-    c:\windows\system32\PerfStringBackup.TMP
2011-03-24 21:24 . 2009-04-23 20:08    29480    ------w-    c:\windows\system32\msxml3a.dll
2011-03-24 21:24 . 2003-02-21 03:42    353576    ------w-    c:\windows\system32\msvcr71.dll
2011-03-24 21:24 . 2003-03-18 19:14    505128    ------w-    c:\windows\system32\msvcp71.dll
2011-02-22 06:38 . 2011-02-22 06:38    86016    ------w-    c:\windows\system32\frapsvid.dll
2011-02-06 10:40 . 2011-02-06 10:40    93696    ------w-    c:\windows\system32\EP1KSSP.DLL
2011-02-06 10:40 . 2011-02-06 10:40    178176    ------w-    c:\windows\system32\ep1k_certd.exe
2011-02-06 10:40 . 2011-02-06 10:40    12288    ------w-    c:\windows\system32\ep1ksrv.exe
2011-02-06 10:40 . 2011-02-06 10:40    446464    ------w-    c:\windows\system32\EP1CSP32.DAT
2011-02-06 10:40 . 2011-02-06 10:40    24064    ------w-    c:\windows\system32\JEPSAI20.DLL
2011-02-06 10:40 . 2011-02-06 10:40    180224    ------w-    c:\windows\system32\EP1CSP32.DLL
2011-02-06 10:40 . 2011-02-06 10:40    165888    ------w-    c:\windows\system32\EP1PK111.DLL
2011-02-06 10:40 . 2011-02-06 10:40    95232    ------w-    c:\windows\system32\EP1KDL20.DLL
2011-02-06 10:40 . 2011-02-06 10:40    81920    ------w-    c:\windows\system32\EPSMODU.DLL
2011-02-06 10:40 . 2011-02-06 10:40    81920    ------w-    c:\windows\system32\EPASMOD.DLL
2011-02-06 10:40 . 2011-02-06 10:40    69632    ------w-    c:\windows\system32\EPSMODUE.DLL
2011-02-06 10:40 . 2011-02-06 10:40    53248    ------w-    c:\windows\system32\EPASSMDFULL.DLL
2011-02-06 10:40 . 2011-02-06 10:40    45056    ------w-    c:\windows\system32\EPASSMD.DLL
2011-02-06 10:40 . 2011-02-06 10:40    4608    ------w-    c:\windows\system32\ft1kco.dll
2011-02-06 10:40 . 2011-02-06 10:40    22272    ------w-    c:\windows\system32\drivers\eps1k.sys
2011-02-06 10:40 . 2011-02-06 10:40    9856    ------w-    c:\windows\system32\drivers\usbic1k.SYS
2011-02-06 10:40 . 2011-02-06 10:40    8832    ------w-    c:\windows\system32\drivers\IC1KENUM.SYS
2011-02-02 20:40 . 2010-05-11 14:36    472808    ------w-    c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-08-29 18:34    73728    ------w-    c:\windows\system32\javacpl.cpl
2011-01-08 03:27 . 2010-04-04 14:19    61440    ------w-    c:\windows\system32\OpenCL.dll
2011-01-08 03:27 . 2010-04-04 14:19    2251368    ------w-    c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27 . 2010-04-04 14:19    13004800    ------w-    c:\windows\system32\nvcompiler.dll
2011-01-08 03:27 . 2009-03-27 08:03    9888672    ------w-    c:\windows\system32\drivers\nv4_mini.sys
2011-01-08 03:27 . 2009-03-27 08:03    6397824    ------w-    c:\windows\system32\nv4_disp.dll
2011-01-08 03:27 . 2009-03-27 08:03    4980736    ------w-    c:\windows\system32\nvcuda.dll
2011-01-08 03:27 . 2009-03-27 08:03    2916968    ------w-    c:\windows\system32\nvcuvid.dll
2011-01-08 03:27 . 2009-03-27 08:03    1958400    ------w-    c:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2009-03-27 08:03    14671872    ------w-    c:\windows\system32\nvoglnt.dll
2011-01-07 18:58 . 2011-01-07 18:58    282624    ------w-    c:\windows\system32\nvrsel.dll
2011-01-07 18:58 . 2011-01-07 18:58    274432    ------w-    c:\windows\system32\nvrsesm.dll
2011-01-07 18:58 . 2011-01-07 18:58    253952    ------w-    c:\windows\system32\nvrsth.dll
2011-01-07 18:58 . 2011-01-07 18:58    249856    ------w-    c:\windows\system32\nvrseng.dll
2011-01-07 18:58 . 2011-01-07 18:58    126976    ------w-    c:\windows\system32\nvrszht.dll
2011-01-07 18:58 . 2011-01-07 18:58    331776    ------w-    c:\windows\system32\nvrshe.dll
2011-01-07 18:58 . 2011-01-07 18:58    286720    ------w-    c:\windows\system32\nvrsfr.dll
2011-01-07 18:58 . 2011-01-07 18:58    274432    ------w-    c:\windows\system32\nvrsnl.dll
2011-01-07 18:58 . 2011-01-07 18:58    270336    ------w-    c:\windows\system32\nvrsru.dll
2011-01-07 18:58 . 2011-01-07 18:58    262144    ------w-    c:\windows\system32\nvrshu.dll
2011-01-07 18:58 . 2011-01-07 18:58    258048    ------w-    c:\windows\system32\nvrssl.dll
2011-01-07 18:58 . 2011-01-07 18:58    253952    ------w-    c:\windows\system32\nvrsda.dll
2011-01-07 18:58 . 2011-01-07 18:58    249856    ------w-    c:\windows\system32\nvrsfi.dll
2011-01-07 18:58 . 2011-01-07 18:58    229376    ------w-    c:\windows\system32\nvrszhc.dll
2011-01-07 18:58 . 2011-01-07 18:58    335872    ------w-    c:\windows\system32\nvrsar.dll
2011-01-07 18:58 . 2011-01-07 18:58    282624    ------w-    c:\windows\system32\nvrses.dll
2011-01-07 18:58 . 2011-01-07 18:58    278528    ------w-    c:\windows\system32\nvrsde.dll
2011-01-07 18:58 . 2011-01-07 18:58    270336    ------w-    c:\windows\system32\nvrsptb.dll
2011-01-07 18:58 . 2011-01-07 18:58    266240    ------w-    c:\windows\system32\nvrsko.dll
2011-01-07 18:58 . 2011-01-07 18:58    258048    ------w-    c:\windows\system32\nvrstr.dll
2011-01-07 18:58 . 2011-01-07 18:58    258048    ------w-    c:\windows\system32\nvrssk.dll
2011-01-07 18:58 . 2011-01-07 18:58    253952    ------w-    c:\windows\system32\nvrssv.dll
2011-01-07 18:58 . 2011-01-07 18:58    253952    ------w-    c:\windows\system32\nvrsno.dll
2011-01-07 18:58 . 2011-01-07 18:58    249856    ------w-    c:\windows\system32\nvrscs.dll
2011-01-07 18:58 . 2011-01-07 18:58    282624    ------w-    c:\windows\system32\nvrsit.dll
2011-01-07 18:58 . 2011-01-07 18:58    274432    ------w-    c:\windows\system32\nvrspt.dll
2011-01-07 18:58 . 2011-01-07 18:58    270336    ------w-    c:\windows\system32\nvrsja.dll
2011-01-07 18:58 . 2011-01-07 18:58    258048    ------w-    c:\windows\system32\nvrspl.dll
2011-01-07 18:58 . 2011-01-07 18:58    81920    ------w-    c:\windows\system32\nvwddi.dll
2011-01-07 18:58 . 2011-01-07 18:58    580200    ------w-    c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 18:58 . 2011-01-07 18:58    277608    ------w-    c:\windows\system32\nvmccs.dll
2011-01-07 18:58 . 2011-01-07 18:58    156776    ------w-    c:\windows\system32\nvsvc32.exe
2011-01-07 18:58 . 2011-01-07 18:58    145000    ------w-    c:\windows\system32\nvcolor.exe
2011-01-07 18:58 . 2011-01-07 18:58    13880424    ------w-    c:\windows\system32\nvcpl.dll
2011-01-07 18:58 . 2011-01-07 18:58    111208    ------w-    c:\windows\system32\nvmctray.dll
2010-02-18 23:28 . 2010-02-18 23:28    774144    ----a-w-    c:\programmi\RngInterstitial.dll
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{77F4E711-789B-447F-9614-96759B2F83C6}]
2011-01-13 04:16    64000    ----a-w-    c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegaIeHelper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb02.exe" [2001-04-17 192512]
"egui"="c:\programmi\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-01 2054360]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2010-09-07 1976920]
"SoundMAXPnP"="c:\programmi\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"Acrobat Assistant 8.0"="c:\programmi\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-01-30 821144]
"CanonSolutionMenuEx"="c:\programmi\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\programmi\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 25088]
.
c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\
FreePOPs.lnk - c:\programmi\FreePOPs\freepopsd.exe [2008-12-27 49152]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\programmi\Stardock\ObjectDockPlus2\ODMenu.dll" [2010-03-24 511344]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13    64592    ----a-w-    c:\programmi\File comuni\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^is-6O6IH.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Avvio^Programmi^Esecuzione automatica^Logitech . Registrazione prodotti.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCE Print Dispatcher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\360Amigo]
2011-03-19 23:17    4743240    ----a-w-    c:\program files\360Amigo\360Amigo.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2008-10-13 10:16    165144    ----a-w-    c:\programmi\File comuni\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-07-22 20:10    402432    ----a-w-    c:\programmi\File comuni\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2010-03-26 22:39    323392    ----a-w-    c:\programmi\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClamWin]
2009-04-14 10:52    86016    ----a-w-    c:\programmi\ClamWin\bin\ClamTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverChecker.exe]
2009-12-31 15:36    13561856    ----a-w-    c:\programmi\Driver Checker\DriverChecker.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2010-10-28 23:32    1352272    ----a-w-    c:\programmi\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2008-10-09 17:23    133104    ----atw-    c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44    31072    ----a-w-    c:\programmi\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InnoSetupRegFile.0000000001]
2009-09-02 04:30    687104    ----a-w-    c:\windows\is-QOJPR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantAccess]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-12-20 16:08    963976    ----a-w-    c:\programmi\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-12-20 16:08    443728    ----a-w-    c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MegakeyUpdater]
2011-01-13 05:38    64000    ----a-w-    c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegakeyUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50    155648    ------w-    c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
2010-03-26 22:42    2937528    ----a-w-    c:\programmi\Pando Networks\Media Booster\PMB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PE2CKFNT SE]
1998-07-03 10:51    25088    ------r-    c:\programmi\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegisterDropHandler]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49    249064    ----a-w-    c:\programmi\File comuni\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37    517096    ----a-w-    c:\programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-12-10 12:28    247144    ----a-w-    c:\documents and settings\Administrator\Desktop\Programmi\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
2008-06-06 13:03    222504    ----a-w-    c:\programmi\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07    199752    ----a-w-    c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
2007-12-20 15:05    77824    ------w-    c:\windows\system32\VTTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.ProgramStatisticsSvc"=2 (0x2)
"UxTuneUp"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"ServiceLayer"=3 (0x3)
"gusvc"=3 (0x3)
"AcrSch2Svc"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="c:\programmi\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 10.0\Reader\Reader_sl.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"RegisterDropHandler"=c:\progra~1\TEXTBR~1.0\Bin\REGIST~1.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programmi\\Orbitdownloader\\orbitnet.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programmi\\filehippo.com\\UpdateChecker.exe"=
"c:\\Programmi\\mIRC\\mirc.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\DNA\\btdna.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\Programmi\\FirefoxPortable\\App\\Firefox\\firefox.exe"=
"c:\\Programmi\\FreePOPs\\freepopsd.exe"=
"c:\\Programmi\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\xampp\\apache\\bin\\httpd.exe"=
"c:\\xampp\\mysql\\bin\\mysqld.exe"=
"c:\\Programmi\\eMule\\eMule.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Programmi\\Steam\\Steam.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Programmi\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Programmi\\Pinnacle\\Studio 15\\Programs\\RM.exe"=
"c:\\Programmi\\Pinnacle\\Studio 15\\Programs\\Studio.exe"=
"c:\\Programmi\\Pinnacle\\Studio 15\\Programs\\umi.exe"=
"c:\\Programmi\\SiSoftware\\SiSoftware Sandra Professional Home 2011.SP1a\\RpcAgentSrv.exe"=
"c:\\Programmi\\SiSoftware\\SiSoftware Sandra Professional Home 2011.SP1a\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Programmi\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26731:TCP"= 26731:TCP:*:Disabled:SolidNetworkManager
"26731:UDP"= 26731:UDP:*:Disabled:SolidNetworkManager
"5009:TCP"= 5009:TCP:SolidNetworkManager
"5009:UDP"= 5009:UDP:SolidNetworkManager
"56827:TCP"= 56827:TCP:Pando Media Booster
"56827:UDP"= 56827:UDP:Pando Media Booster
"1066:TCP"= 1066:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 as6eio;as6eio;c:\windows\System32\drivers\as6eio.sys [x]
R2 DMDefragService;Performance Toolkit Disk Defrag Service;c:\programmi\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [2011-02-16 1050592]
R3 DMRepairService;Performance Toolkit Disk Repair Service;c:\programmi\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [2011-02-16 1034208]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\programmi\File comuni\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 gwiopm;gwiopm;c:\programmi\My Drivers\gwiopm.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-05-03 3604720]
R3 PCTDMDefrag;PCTDMDefrag;c:\windows\system32\drivers\PCTDMDefrag.sys [2011-02-04 108056]
R3 PCTDSMon;PCTDSMon;c:\windows\system32\drivers\PCTDSMon.sys [2011-02-04 127256]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\programmi\SiSoftware\SiSoftware Sandra Professional Home 2011.SP1a\RpcAgentSrv.exe [2009-08-09 93848]
R3 SASENUM;SASENUM;c:\programmi\SUPERAntiSpyware\SASENUM.SYS [2009-05-26 7408]
R3 SwitchBoard;SwitchBoard;c:\programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 XDva343;XDva343;c:\windows\system32\XDva343.sys [x]
S0 pxscan;pxscan;c:\windows\System32\drivers\pxscan.sys [2010-01-06 22024]
S0 pxsec;pxsec;c:\windows\System32\drivers\pxsec.sys [2010-01-06 27656]
S0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\DRIVERS\tdrpm147.sys [2009-06-12 971232]
S0 ViBus;ViBus;c:\windows\system32\DRIVERS\ViBus.sys [2008-04-03 16896]
S0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\DRIVERS\ViPrt.sys [2008-04-03 53248]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-10-01 108792]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-10-01 96408]
S1 is-6O6IHdrv;is-6O6IHdrv;c:\windows\system32\DRIVERS\05165413.sys [2008-07-08 148496]
S1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\SASDIFSV.SYS [2009-05-26 9968]
S1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.sys [2009-09-02 74480]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-04-14 14336]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-12-19 29416]
S2 ekrn;ESET Service;c:\programmi\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-01 735960]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\programmi\File comuni\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\Drivers\LBeepKE.sys [2010-08-24 10448]
S2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-06-11 65856]
S2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\Drivers\ousbehci.sys [2005-07-15 45696]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\programmi\File comuni\PC Tools\sMonitor\StartManSvc.exe [2011-02-16 632800]
S2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
S2 TomTomHOMEService;TomTomHOMEService;c:\documents and settings\Administrator\Desktop\Programmi\TomTom HOME 2\TomTomHOMEService.exe [2010-12-10 92008]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programmi\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-11-30 1483072]
S3 ft1kEnum;usb Card Device 1000;c:\windows\system32\DRIVERS\ic1kenum.sys [2011-02-06 8832]
S3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\DRIVERS\ousb2hub.sys [2005-07-15 56960]
S3 Reader_1000;USB SmartCard Reader Device 1000 ;c:\windows\system32\DRIVERS\usbic1k.sys [2011-02-06 9856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programmi\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai    REG_MULTI_SZ       Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-04-02 c:\windows\Tasks\AdobeAAMUpdater-1.0-COMPUTER-A04070-Administrator.job
- c:\programmi\File comuni\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-09-16 14:04]
.
2011-03-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2009-06-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-842925246-1177238915-500.job
- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2008-10-09 17:23]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://mystart.incredimail.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = http=;ftp=;https=;
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Aggiungi a PDF esistente - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Aggiungi destinazione link a PDF esistente - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append the content of the link to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Capture Web Page - c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\CaptureWebPage.htm
IE: Converti destinazione link in Adobe PDF - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Create PDF file - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\programmi\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Do&wnload selected by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programmi\Orbitdownloader\orbitmxt.dll/202
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Fetch to Megaupload - c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegaUpload.htm
IE: Scarica con Mipony - file://c:\programmi\MiPony\Browser\IEContext.htm
LSP: c:\documents and settings\All Users\Dati applicazioni\Megamedia\Megakey\msadm.dll
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\ln9e66g5.default\
FF - prefs.js: browser.search.selectedEngine - MyStart Cerca
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_fs_IM2_TEST&search=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
disk not found C:\
.
please note that you need administrator rights to perform deep scan
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-583907252-842925246-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{87118821-B996-BE12-BBCA-B6BDF39E5A17}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abpnmffeooajilkcafhegojfckkhekkbkg"=hex:6a,61,6d,6d,6c,66,70,62,6c,70,69,68,
   6f,64,6e,6b,66,62,64,67,00,00
"pafncffijobobldilcdhknhghadjfdoo"=hex:6a,61,6d,6d,6c,66,70,62,6c,70,69,68,6f,
   64,6e,6b,66,62,64,67,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{07A774A0-6047-11D1-BA20-006097D2898E}]
@DACL=(02 0000)
@="Logagent Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AEE3E4A8-EF01-4024-A0F1-809D9B096E14}]
@DACL=(02 0000)
@="Windows Media Player Encoder Helper Class"
.
[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Dati applicazioni\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Programmi\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000410
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{AC0A97B5-991D-4761-B4E9-B6F9811B6A38}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.0.468.1"
"UniqueId"="0003DDCE4B12D900"
"ScannerBuild"=dword:0000167c
"ScannerVersionId"=dword:0000117a
"ScannerVersion"="Open window for status."
"FixId"=dword:00000007
"ei2"=hex(b):90,5e,74,b8,3a,7a,6a,b0
"ei1"=hex(b):00,1a,92,bb,92,be,00,00
"ei3"=hex(b):fb,8c,7c,4d,00,00,00,00
"ei4"=dword:00000002
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(2044)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\programmi\file comuni\logishrd\bluetooth\LBTWlgn.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(608)
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
.
Ora fine scansione: 2011-04-02  19:24:55
ComboFix-quarantined-files.txt  2011-04-02 17:24
.
Pre-Run: 49'053'437'952 byte disponibili
Post-Run: 49'460'518'912 byte disponibili
.
- - End Of File - - E47796905802D4C7C54EA5D383F44A0F
