Condividi:        

Problema Cpu al 100%

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Problema Cpu al 100%

Postdi ErFabius » 07/09/09 11:33

Salve a tutti mi presento sono Fabio. Cercherò di essere breve e conciso e spiegare il mio problema :lol: . Da qualche mese quando accendo il computer, uso un programma, guardo un film sul mio pc Acer 5520 il computer utilizza le sue risorse al 100% cioè usa la cpu al 100%. Pensando di essere furbo allora ho provato a far salire di proposito il livello di utilizzo della cpu aprendo task manager e così controllando quale sia il processo, o i processi che bloccano in questo modo il mio pc...ma niente! sono rimasto sorpreso ma nessun processo occupa così tanto spazio.....I miei amici mi hanno tutti consigliato di formattare, cosa che voglio lasciare come ultima chance, intanto ho provato senza risultati a cercare virus con vari programmi infatti stanotte ho trovato 8 virus con Adavanced System Protector che avast e spybot non trovavano :cry: . Stamattina ho riavviato il pc ma il problema persiste ancora :evil: . Allora sempre senza arrendermi sono arrivato qua...A chiedervi un consiglio, sperando che qualcuno mi possa aiutare

grazie a tutti e scusate anticipamente per l'ignoranza!
ErFabius
Newbie
 
Post: 9
Iscritto il: 07/09/09 11:15

Sponsor
 

Re: Problema Cpu al 100%

Postdi shel » 07/09/09 16:46

ciao
scarica scarica http://www.trendsecure.com/portal/en-US ... kthis.php#

lancia il programma cliccando l’eseguibile e avvia la scansione, scegliendo la voce "Do a system scan and save a logfile

nel download salvalo in Programmi o documenti e posta il report che rilascia"
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: Problema Cpu al 100%

Postdi ErFabius » 07/09/09 22:21

Ecco il report che ho anche analizzato nell' apposito sito ma sembra che tutto vada bene....che ne dite? Formattiamo?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23.18.31, on 07/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Users\Fabio\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Systweak\Advanced System Protector\ASP.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sitecom\Common\RaUI.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Fabio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Fabio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Fabio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Fabio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\Fabio\AppData\Local\Temp\Rar$EX00.914\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar con blocco Pop-Up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Advanced System Protector] "C:\Program Files\Systweak\Advanced System Protector\ASP.exe" /autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Fabio\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Common\RaUI.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11790 bytes
ErFabius
Newbie
 
Post: 9
Iscritto il: 07/09/09 11:15

Re: Problema Cpu al 100%

Postdi nikita75 » 07/09/09 23:04

Ciao

Potresti avere Spyware o ancora peggio BADWARE !!
Usa MALWAREBYTES e avvia una scansione completa !!

Hai deframmentato il pc ? Usa Smart defraggler !

Che valori hai di File di paging quando la CPU arriva al 100% ??.
Trovi tutti i link sul forum o con google !!
Che OS hai ? Quanta ram hai installato ?

Buona Notte !!

Non formattare niente !!! ....sarebbe troppo facile e il problem a si potrebbe ripresentare !!....e la soluzione rimarra' per sempre un mistero ;) ;) ;) :lol: :undecided:
"La teoria è quando si sa tutto e niente funziona. La pratica è quando tutto funziona e nessuno sa il perché. Noi abbiamo messo insieme la teoria e la pratica: non c'è niente che funzioni e nessuno sa il perché" Albert Einstein
Immagine
Avatar utente
nikita75
Utente Senior
 
Post: 5401
Iscritto il: 31/07/09 13:36
Località: Alberobello (Bari )

Re: Problema Cpu al 100%

Postdi ErFabius » 07/09/09 23:52

Allora il livello dei file di paging è 1939 M / 3835 M ma quando non è al 100% per fare un esempio scende moltissimo arrivando a 1753 M / 3835 M. Lì Hard disk è partizionato in due parti in una ho windows nell altra i documenti. La ram installata è di 2 gb DDR2 il processore AMD Athlon 64x2 dual core. Ora scarico il programmino...comunque deframmento una volta alla settimana....a presto e grazie per il momento buoananotte a domani!
ErFabius
Newbie
 
Post: 9
Iscritto il: 07/09/09 11:15

Re: Problema Cpu al 100%

Postdi ErFabius » 08/09/09 10:55

Salve a tutti e buongiorno ho scannerizzato il pc con il programma che mi avete consigliato ma non ho trovato nulla.....mmm.....altre soluzioni?
ErFabius
Newbie
 
Post: 9
Iscritto il: 07/09/09 11:15

Re: Problema Cpu al 100%

Postdi shel » 08/09/09 12:14

ciao

prova ad eseguire queste operazioni e controlla se il pc recupera

innanzitutto fai un po' di pulizia

Scarica ed installa CCleaner: clicca qui per il download
http://www.ccleaner.com
Una volta installato configuralo in questo modo:
lancia il programma, nel menu di sinistra portati alla voce Opzioni e nella finestra successiva clicca su:
Impostazioni, e spunta la voce Cancellazione sicura (lenta)
poi clicca su:
Avanzate, togli la spunta alla voce Cancella solo file più vecchi di 48 ore
alla voce Pulizia, nella sezione Avanzate spunta le voci Vecchi dati Prefetch e Disinstallatori aggiornamenti di WinUpdate
nel menu a sinistra, clicca sulla voce Pulizia
clicca su tasto Avvia pulizia per eseguire la scansione
finita la scansione, sempre nel menu a sinistra, clicca sulla voce Registro e spunta tutte le voci comprese nella sezione meno la voce estensioni file non usate
clicca sul tasto Trova problemi ed avvia una scansione
al termine della scansione clicca sulla voce Ripara selezionati e prosegui con la riparazione (questo ultimo passaggio ripetilo più volte, fino a quando non verranno rilevati più problemi da correggere)

Fai una deframmentazione del disco, scarica il programma da qui

http://www.programmifree.com/categorie/defrag.htm


Elimina i programmi inutili all'avvio di windows, usa questo programmino veramente efficace

http://www.revouninstaller.com/revo_uni ... nload.html


Scarica Combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
(non installare la recovery console)
Salvalo sul desktop.
Doppio click su combofix.exe (comparirà una videata.)
Digita 1 premi Invio e segui le indicazioni.
Al termine, verrà creato un file log chiamato C:\ComboFix.txt. Postalo qui.
Durante l'operazione di scansione è importante non usare il PC e attendere pazientemente la fine delle operazioni.

non usare il pc durante la scansione, nemmeno il mouse!
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: Problema Cpu al 100%

Postdi ErFabius » 10/09/09 10:47

Salve a tutti....Dall'altro giorno sto lavorando al computer con tutti i programmi che mi avete consigliato. Invece stanotte ho messo ad eseguire lo scanning con ComboFix. Vi riporto qui il file della scansione e subito dopo riavvio il pc per vedere se qualcosa và meglio!


ComboFix 09-09-09.04 - Fabio 10/09/2009 0.12.42.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.39.1040.18.1790.917 [GMT 2:00]
Eseguito da: d:\documenti\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 090909-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1229 [VPS 090909-0] *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1469764311-564015898-746275495-1001
c:\$recycle.bin\S-1-5-21-1469764311-564015898-746275495-500
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera \Uninstall.lnk
c:\windows\Installer\31513.msi

.
((((((((((((((((((((((((( Files Creati Da 2009-08-09 al 2009-09-09 )))))))))))))))))))))))))))))))))))
.

2009-09-09 22:34 . 2009-09-09 22:35 -------- d-----w- c:\users\Fabio\AppData\Local\temp
2009-09-09 22:34 . 2009-09-09 22:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-08 21:41 . 2009-09-08 21:41 -------- d-----w- c:\program files\Defraggler
2009-09-08 21:33 . 2009-09-08 21:33 -------- d-----w- c:\program files\VS Revo Group
2009-09-08 21:24 . 2009-09-08 21:24 -------- d-----w- c:\program files\CCleaner
2009-09-08 19:38 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-08 19:38 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-08 19:38 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-08 19:38 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-08 19:38 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-08 19:38 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-08 19:38 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-08 19:38 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-08 19:38 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-08 19:38 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-08 19:12 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-08 19:12 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-08 19:12 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-08 19:12 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-08 19:01 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-07 22:53 . 2009-09-07 22:53 -------- d-----w- c:\users\Fabio\AppData\Roaming\Malwarebytes
2009-09-07 22:53 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-07 22:53 . 2009-09-07 22:53 -------- d-----w- c:\programdata\Malwarebytes
2009-09-07 22:52 . 2009-09-07 22:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-07 22:52 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-06 21:13 . 2009-09-07 22:40 -------- d-----w- c:\users\Fabio\AppData\Roaming\Systweak
2009-09-06 21:13 . 2009-09-07 22:40 -------- d-----w- c:\programdata\Systweak
2009-09-06 21:13 . 2009-09-06 21:13 -------- d-----w- c:\program files\Systweak
2009-09-06 14:30 . 2009-09-07 22:39 -------- d-----w- c:\program files\Panda Security
2009-09-06 10:14 . 2009-09-08 21:53 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-09-06 10:14 . 2009-09-06 10:42 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-03 09:55 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-03 09:55 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-27 09:55 . 2009-08-27 09:58 -------- d-----w- c:\users\Fabio\AppData\Roaming\Template
2009-08-26 22:04 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-21 11:44 . 2009-08-21 11:44 -------- d-----w- c:\users\Fabio\AppData\Roaming\PC Suite
2009-08-21 11:44 . 2009-08-21 11:44 -------- d-----w- c:\users\Fabio\AppData\Roaming\Samsung
2009-08-20 20:55 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-20 20:55 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-20 20:55 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-20 20:55 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-20 20:55 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-20 20:55 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-20 20:55 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-20 20:55 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-18 14:50 . 2009-08-27 09:59 -------- d-----w- c:\users\Fabio\AppData\Roaming\teamspeak2
2009-08-18 14:49 . 2009-08-18 14:49 -------- d-----w- c:\users\Fabio\AppData\Roaming\Remobo
2009-08-18 14:45 . 2009-08-18 14:45 -------- d-----w- c:\program files\Remobo
2009-08-18 14:44 . 2009-08-18 14:45 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-08-12 09:56 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-12 09:55 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-12 09:55 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-12 09:55 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-12 09:55 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-12 09:55 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-12 09:55 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-12 09:55 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-11 11:45 . 2009-08-11 11:45 -------- d-----w- c:\program files\MarkAny
2009-08-11 11:31 . 2009-08-11 11:31 -------- d-----w- c:\programdata\PC Suite
2009-08-11 11:31 . 2007-05-02 14:31 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-08-11 11:30 . 2009-08-11 11:30 -------- d-----w- c:\program files\DIFX
2009-08-11 11:30 . 2007-09-17 13:53 21632 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-08-11 11:30 . 2009-08-11 11:30 -------- dc----w- c:\windows\system32\DRVSTORE
2009-08-11 11:29 . 2009-03-20 08:01 90112 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2009-08-11 11:29 . 2009-03-20 08:01 14976 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2009-08-11 11:29 . 2009-03-20 08:01 121856 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2009-08-11 11:29 . 2009-03-20 08:01 12160 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2009-08-11 11:29 . 2009-03-20 08:01 12160 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2009-08-11 11:29 . 2009-03-20 08:01 12160 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2009-08-11 11:29 . 2009-03-20 08:01 12160 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2009-08-11 11:27 . 2009-08-11 11:30 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-08-11 11:27 . 2009-03-31 07:39 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2009-08-11 11:27 . 2009-03-31 07:39 233472 ----a-w- c:\windows\system32\FsUsbExService.Exe
2009-08-11 11:27 . 2009-03-31 07:39 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2009-08-11 11:26 . 2009-08-11 11:45 -------- d-----w- c:\program files\PC Connectivity Solution
2009-08-11 11:25 . 2009-08-11 11:44 -------- d-----w- c:\program files\Samsung

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-09 22:09 . 2008-03-04 20:22 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-09-09 22:09 . 2008-03-04 20:22 -------- d-----w- c:\programdata\Symantec
2009-09-09 20:57 . 2009-05-03 13:07 56367 ----a-w- c:\programdata\nvModes.dat
2009-09-09 20:37 . 2008-07-30 14:45 -------- d-----w- c:\users\Fabio\AppData\Roaming\OpenOffice.org2
2009-09-09 20:36 . 2008-07-15 11:45 88176 ----a-w- c:\users\Fabio\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-09 13:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-07 09:42 . 2008-11-30 18:22 6944 ----a-w- c:\users\Fabio\AppData\Local\d3d9caps.dat
2009-09-07 05:35 . 2008-07-15 14:29 -------- d-----w- c:\program files\QuickTime
2009-09-06 09:30 . 2009-04-09 19:53 -------- d-----w- c:\users\Fabio\AppData\Roaming\uTorrent
2009-09-04 09:14 . 2006-11-06 01:45 662846 ----a-w- c:\windows\system32\perfh010.dat
2009-09-04 09:14 . 2006-11-06 01:45 120326 ----a-w- c:\windows\system32\perfc010.dat
2009-08-30 13:13 . 2008-07-30 14:36 -------- d-----w- c:\program files\Java
2009-08-27 09:56 . 2009-08-27 09:53 4 ----a-w- c:\users\Fabio\AppData\Roaming\wklnhst.dat
2009-08-18 14:28 . 2006-11-02 12:35 -------- d-----w- c:\program files\Microsoft Games
2009-08-11 11:55 . 2008-03-04 17:43 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-25 03:23 . 2009-05-05 19:12 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-22 13:51 . 2008-07-30 14:47 1 ----a-w- c:\users\Fabio\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2009-07-21 08:47 . 2009-07-21 08:47 -------- d-----w- c:\program files\Apple Software Update
2009-07-19 09:48 . 2009-07-19 09:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-07-18 16:06 . 2009-07-29 08:22 827904 ----a-w- c:\windows\system32\wininet.dll
2009-07-18 16:01 . 2009-07-29 08:22 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 09:46 . 2009-07-29 08:22 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-06-15 15:24 . 2009-07-15 06:41 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-15 06:41 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-15 06:41 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-15 06:41 289792 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Google Update"="c:\users\Fabio\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-28 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-08-31 1286144]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-04-26 151552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 768520]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-06-02 267048]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-03 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-03 92704]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]

c:\users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-3-4 535336]
Sitecom Wireless Utility.lnk - c:\program files\Sitecom\Common\RaUI.exe [2009-4-9 1097728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E002DEB8-BE8C-49C5-A522-0F1D3D9958C7}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{403B6A65-8E0C-4E80-A20E-F374CC73A008}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6126868B-18AA-4926-AFB2-B61770FD9A71}"= c:\program files\Acer\Acer Arcade\PowerCinema.exe:CyberLink PowerCinema
"{F23712FA-3729-41A0-B61F-72C43042612C}"= c:\program files\Acer\Acer Arcade\PCMService.exe:CyberLink PowerCinema Resident Program
"{D196E44F-6304-4BF1-AFF0-49ABF9E34D94}"= c:\program files\Acer\Acer Arcade\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{A62450A8-B439-435D-8E63-617E0148A67A}"= c:\program files\Acer\Acer Arcade\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{CA7B4316-71F4-4A0C-98B1-2EB176193E08}"= c:\program files\Acer\HomeMedia\HomeMedia.exe:HomeMedia
"{4361FE81-8A17-4ABE-B5BF-7FBBE09D6EF1}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{E2FEF788-1F81-4E67-93E5-92E60CDFF788}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{92F5BA52-1896-46A1-AFBF-BE18A8752312}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{B5FFB8F9-FD55-4D40-B658-0BB2B8B2B54C}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{5D03858C-D1B3-4192-BFAC-A767F046E5AE}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{66148D43-B6EE-49A6-B635-785CD321D5D3}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{468A697B-F95D-41DD-8967-B52FBDF1947C}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{57C3B340-E797-4F78-8FFD-73B591167709}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{24AB99AB-B5DF-44B5-86F8-7546B755F6B0}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{F39F84B4-A8C7-4FB2-AB37-81C1E76E0FC3}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"UDP Query User{DC2B5107-A4C1-4D71-9187-1E57870A658F}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"TCP Query User{85BE3B41-C6C3-4B6B-BEC8-52552A48273A}c:\\unrealtournament\\system\\unrealtournament.exe"= UDP:c:\unrealtournament\system\unrealtournament.exe:UnrealTournament
"UDP Query User{BDA9B0CA-2E41-493E-97F3-0223837B6719}c:\\unrealtournament\\system\\unrealtournament.exe"= TCP:c:\unrealtournament\system\unrealtournament.exe:UnrealTournament
"TCP Query User{507875D2-ED3C-4EF5-B0EB-7810C8C72C23}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{C3FF3178-FB50-4321-A3A0-5C4331D788C8}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{C23A80AD-5374-4A26-9CF2-449C8A1FAA77}c:\\unrealtournament\\system\\unrealtournament.exe"= UDP:c:\unrealtournament\system\unrealtournament.exe:UnrealTournament
"UDP Query User{7F19EA85-70DC-47DB-A87A-55EA3508A3BB}c:\\unrealtournament\\system\\unrealtournament.exe"= TCP:c:\unrealtournament\system\unrealtournament.exe:UnrealTournament
"{1EEF5C80-E5B0-4F2E-A5A1-C0D6400E987D}"= UDP:c:\program files\Samsung\Samsung New PC Studio\npsasvr.exe:KTF MUSIC AoD Server
"{169869EA-3AC7-46BA-BEDE-065F1C308A54}"= TCP:c:\program files\Samsung\Samsung New PC Studio\npsasvr.exe:KTF MUSIC AoD Server
"{5FF3D81A-7B7F-4930-B2E0-2D5BE66D06C2}"= UDP:c:\program files\Samsung\Samsung New PC Studio\npsvsvr.exe:KTF MUSIC VoD Server
"{636BD1AA-414C-48BC-A39D-61D1CE4D9893}"= TCP:c:\program files\Samsung\Samsung New PC Studio\npsvsvr.exe:KTF MUSIC VoD Server
"TCP Query User{1FA838C2-9D88-4FC9-933C-A4489E00531A}c:\\program files\\remobo\\plugins\\remobotorrent\\remobo_client.exe"= UDP:c:\program files\remobo\plugins\remobotorrent\remobo_client.exe:remobo_client
"UDP Query User{658BA6C2-8F57-4EC7-9E8B-4F3340367EEA}c:\\program files\\remobo\\plugins\\remobotorrent\\remobo_client.exe"= TCP:c:\program files\remobo\plugins\remobotorrent\remobo_client.exe:remobo_client
"TCP Query User{A31FD3B0-FA86-46E1-A5F2-84308F6D44D7}c:\\program files\\remobo\\plugins\\remobotorrent\\remobo_tracker.exe"= UDP:c:\program files\remobo\plugins\remobotorrent\remobo_tracker.exe:remobo_tracker
"UDP Query User{AF44EB4C-D079-466E-BFA3-2C6AB7B1A7A0}c:\\program files\\remobo\\plugins\\remobotorrent\\remobo_tracker.exe"= TCP:c:\program files\remobo\plugins\remobotorrent\remobo_tracker.exe:remobo_tracker
"TCP Query User{033C8BDD-1954-4D3F-AE32-C3D1AB41F0E8}c:\\program files\\microsoft games\\age of empires ii\\age2_x1\\age2_x1.exe"= UDP:c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe:Age of Empires II Expansion
"UDP Query User{3705B6DB-0BAE-44BB-8CB6-43AE9877F9B9}c:\\program files\\microsoft games\\age of empires ii\\age2_x1\\age2_x1.exe"= TCP:c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe:Age of Empires II Expansion
"TCP Query User{66437465-F3CD-47CF-8033-36FC2907A091}c:\\program files\\remobo\\remobo.exe"= UDP:c:\program files\remobo\remobo.exe:Remobo
"UDP Query User{8814C37E-CC8E-4D14-91F8-E2AC5C939E78}c:\\program files\\remobo\\remobo.exe"= TCP:c:\program files\remobo\remobo.exe:Remobo
"TCP Query User{D759F576-763D-4BB1-A908-C99E8B06C969}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Helper Microsoft DirectPlay
"UDP Query User{FC3A4FBA-82DE-474D-A66E-E4B7EB6D1E2C}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Helper Microsoft DirectPlay
"TCP Query User{D6B6EA92-5DA4-4DF5-B314-2948855BB01D}c:\\program files\\microsoft games\\age of empires ii\\age2_x1\\age2_x1.exe"= UDP:c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe:Age of Empires II Expansion
"UDP Query User{90DBAB9D-AACE-4816-97F8-8E24FF0EF770}c:\\program files\\microsoft games\\age of empires ii\\age2_x1\\age2_x1.exe"= TCP:c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe:Age of Empires II Expansion
"TCP Query User{B4CEA27A-2696-4682-8912-4E2392AF6A5F}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Helper Microsoft DirectPlay
"UDP Query User{F4E89E38-BA04-41DC-A8C1-79925F89D5CB}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Helper Microsoft DirectPlay

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [27/09/2008 20.04.33 78416]
R2 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [04/03/2008 22.31.33 51200]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [27/09/2008 20.04.33 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [27/09/2008 20.04.11 51280]
R2 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [11/08/2009 13.27.13 233472]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [05/03/2008 3.13.06 32256]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [11/08/2009 13.27.13 36608]
R3 hipeer20;Remobo Instant Private Network;c:\windows\System32\drivers\remobo32.sys [22/04/2009 16.21.52 26112]
S3 DVC;USB DVC Svc;c:\windows\System32\drivers\DVC.sys [29/10/2008 19.56.23 38604]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr28u.sys [09/04/2009 16.53.45 599040]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\System32\drivers\ss_bbus.sys [11/08/2009 13.29.42 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\System32\drivers\ss_bmdfl.sys [11/08/2009 13.29.42 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\System32\drivers\ss_bmdm.sys [11/08/2009 13.29.42 121856]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - FSUSBEXDISK
*Deregistered* - NAVENG
*Deregistered* - NAVEX15
*Deregistered* - SRTSPX

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contenuto della cartella 'Scheduled Tasks'

2009-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1469764311-564015898-746275495-1000Core.job
- c:\users\Fabio\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-28 11:04]

2009-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1469764311-564015898-746275495-1000UA.job
- c:\users\Fabio\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-28 11:04]

2009-09-08 c:\windows\Tasks\User_Feed_Synchronization-{FA4E6EEC-465D-4E65-9209-BEB887F124BB}.job
- c:\windows\system32\msfeedssync.exe [2008-09-29 07:33]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://it.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://it.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKCU-Run-Acer Tour Reminder - (no file)
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-NPSStartup - (no file)
HKLM-RunOnce-isDeleteMe - c:\users\Fabio\AppData\Local\Temp\isDel.bat



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-10 00:34
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Ora fine scansione: 2009-09-09 0.38.37
ComboFix-quarantined-files.txt 2009-09-09 22:38

Pre-Run: 17.827.696.640 byte disponibili
Post-Run: 17.903.181.824 byte disponibili

301 --- E O F --- 2009-09-09 13:07
ErFabius
Newbie
 
Post: 9
Iscritto il: 07/09/09 11:15

Re: Problema Cpu al 100%

Postdi ErFabius » 10/09/09 11:06

E il problema purtroppo persiste ancora.....Ho appena acceso il computer messo delle canzoni con Windows media player e il pc è andato in tilt....Volevo sapere, ma ComboFix esegue solo una scansione oppure agisce anche? In tal caso ora....Come agire :cry: ?
ErFabius
Newbie
 
Post: 9
Iscritto il: 07/09/09 11:15

Re: Problema Cpu al 100%

Postdi shel » 10/09/09 12:24

ciao

il problema che hai si presenta solo quando apri windows media player?

il problema potrebbe essere wmpnetwk.exe


vai nel Pannello di controllo / Strumenti di amministrazione / Servizi.
Trova : Servizio di condivisione in rete di Windows Media Player . Tasto dx. Proprietà : arresta il sistema e poi disabilitalo.

Riavvia il PC e verifica che sul Task Manager non compaia più.
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: Problema Cpu al 100%

Postdi ErFabius » 10/09/09 13:19

No il problema si verifica sempre quando gioco con il pc, quando guardo un video, quando sono su un normale sito....Ho appena deciso di formattare il pc....per questo ho alcune domande: nel computer ho installato Vista e vorrei passare ad xp. Vista non mi ha mai convinto dal primo momento in cui ho acquistato il pc sia per la ram che occupa sia per il "troppo controllo " che pone sul pc. Sono in possesso del cd originale di xp e volevo chiedere se basta solo questo e in tal caso come muovermi. Ho letto che sarebbe necessario fare un disco di ripristino, per fare questo necessito di qualche programma oppure c'è un programma su windows Vista che mi permette di farlo?
ErFabius
Newbie
 
Post: 9
Iscritto il: 07/09/09 11:15

Re: Problema Cpu al 100%

Postdi shel » 10/09/09 15:33

ma hai eseguito quello che ti ho scritto nel post precedente?
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: Problema Cpu al 100%

Postdi ErFabius » 10/09/09 23:47

certo che ho fatto cio che mi hai consigliato ma non è funzionato :o
ErFabius
Newbie
 
Post: 9
Iscritto il: 07/09/09 11:15

Re: Problema Cpu al 100%

Postdi ErFabius » 12/09/09 10:37

Mi potete spiegare allora bene come fare per la formattazione?
ErFabius
Newbie
 
Post: 9
Iscritto il: 07/09/09 11:15


Torna a Sicurezza e Privacy


Topic correlati a "Problema Cpu al 100%":

Problema con il mouse
Autore: crisge73
Forum: Discussioni
Risposte: 9
Problema Tiktok
Autore: Fra_rey
Forum: Discussioni
Risposte: 1

Chi c’è in linea

Visitano il forum: Nessuno e 32 ospiti