Condividi:        

problema grosso col pc

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Re: problema grosso col pc

Postdi FDAC » 30/07/10 13:30

Prova in Modalità provvisoria -F8 pigiato ripetutamente all'avvio del PC, quando compare il logo del produttore-, a fare andare Combofix.
Dovrebbe funzionare.
Posta qui il log, gli esperti poi daranno il loro parere.
Comunque hai delle infezioni che si possono rimuovere anche con l'accoppiata HJT e MBAM :O)
Intanto prova con combo
MSN/Email: supercesco94@hotmail.it
Skype: francesco240194
Sito Web: http://windowspertutti.altervista.org
FDAC
Utente Senior
 
Post: 235
Iscritto il: 30/07/10 08:39
Località: Trento

Sponsor
 

Re: problema grosso col pc

Postdi zsalvo » 30/07/10 14:30

FDAC ha scritto:Prova in Modalità provvisoria -F8 pigiato ripetutamente all'avvio del PC, quando compare il logo del produttore-, a fare andare Combofix.
Dovrebbe funzionare.
Posta qui il log, gli esperti poi daranno il loro parere.
Comunque hai delle infezioni che si possono rimuovere anche con l'accoppiata HJT e MBAM :O)
Intanto prova con combo



Allora fatto in modalità provvisoria ed ha funzionato, vi posto il log:

Codice: Seleziona tutto
ComboFix 10-07-29.02 - Administrator 30/07/2010  14.59.25.1.1 - x86 MINIMAL
Eseguito da: c:\documents and settings\Utente\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Dati applicazioni\PMbUjJAJ.exe
c:\documents and settings\All Users\Documenti\Settings
c:\documents and settings\Utente\Dati applicazioni\inst.exe
c:\documents and settings\Utente\Dati applicazioni\Microsoft\~DFK29b445.tmp
c:\programmi\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\csrcs.exe
c:\windows\system32\sshnas21.dll
c:\windows\system32\Thumbs.db
c:\windows\Tasks\At1.job
c:\windows\Tasks\At101.job
c:\windows\Tasks\At108.job

[code] <pre>
c:\programmi\Veoh Networks\VeohWebPlayer\veohwebplayer .exe ---^> c:\programmi\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
</pre> [/code]
.
.
(((((((((((((((((((((((((((((((((((((((   Driver/Servizi   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS


(((((((((((((((((((((((((   Files Creati Da 2010-06-28 al 2010-07-30  )))))))))))))))))))))))))))))))))))
.

2010-07-30 09:33 . 2010-07-30 09:35   --------   d-----w-   c:\documents and settings\Utente\Dati applicazioni\UseNeXT
2010-07-30 09:33 . 2010-07-30 09:33   --------   d-----w-   c:\programmi\UseNeXT
2010-07-30 09:33 . 2010-07-30 09:33   398336   ----a-w-   c:\windows\system32\CF25087.exe
2010-07-30 09:26 . 2010-07-30 09:26   398336   ----a-w-   c:\windows\system32\CF23748.exe
2010-07-30 09:22 . 2010-07-30 09:22   398336   ----a-w-   c:\windows\system32\CF22951.exe
2010-07-29 19:07 . 2010-07-29 19:07   --------   d-----w-   c:\programmi\Rockstar Games
2010-07-29 10:59 . 2010-07-29 11:12   --------   d-----w-   c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Softonic_Italia
2010-07-29 10:59 . 2010-07-29 10:59   --------   d-----w-   c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Conduit
2010-07-29 10:59 . 2010-07-29 19:00   --------   d-----w-   c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Softonic_Italia
2010-07-29 10:59 . 2010-07-29 10:59   --------   d-----w-   c:\programmi\Softonic_Italia
2010-07-29 10:59 . 2009-11-13 10:04   52224   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\69dkeww3.default\extensions\{4edd5c14-2d22-4d7a-9748-c975a7fd933b}\components\FFExternalAlert.dll
2010-07-29 10:59 . 2009-11-13 10:04   114688   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\69dkeww3.default\extensions\{4edd5c14-2d22-4d7a-9748-c975a7fd933b}\components\npmozax.dll
2010-07-29 10:57 . 2010-07-29 11:01   --------   d-----w-   c:\programmi\CDex
2010-07-27 10:30 . 2010-04-29 13:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-27 10:30 . 2010-07-27 16:41   --------   d-----w-   c:\programmi\Malwarebytes' Anti-Malware
2010-07-27 10:30 . 2010-04-29 13:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-07-25 12:02 . 2010-07-25 12:02   --------   d-s---w-   c:\documents and settings\LocalService\UserData
2010-07-25 12:00 . 2010-07-25 12:00   --------   d-----r-   c:\documents and settings\LocalService\Preferiti
2010-07-24 13:34 . 2010-07-24 13:34   --------   d-----w-   c:\programmi\FreeTime
2010-07-20 12:49 . 2010-07-20 12:49   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2010-07-17 11:44 . 2010-07-17 11:44   --------   d-----r-   c:\documents and settings\NetworkService\Preferiti
2010-07-11 11:35 . 2010-07-11 11:35   56765   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-11 11:35 . 2010-07-11 11:35   57715   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Player\Uninstaller.exe
2010-07-11 11:34 . 2010-07-11 11:34   54153   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DFXPlugin\Uninstaller.exe
2010-07-10 17:54 . 2010-07-10 17:54   --------   d-----w-   c:\programmi\Megaupload
2010-07-04 14:08 . 2010-07-15 12:23   --------   d-----w-   c:\documents and settings\Utente\Dati applicazioni\OfferBox

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-30 12:51 . 2010-02-03 14:04   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\avg9
2010-07-29 19:07 . 2009-11-20 08:53   --------   d--h--w-   c:\programmi\InstallShield Installation Information
2010-07-29 12:14 . 2009-11-21 12:57   --------   d-----w-   c:\programmi\Metin2_Italiano
2010-07-27 14:34 . 2010-02-09 21:41   --------   d-----w-   c:\programmi\File comuni\Symantec Shared
2010-07-27 10:22 . 2010-07-17 11:41   112   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\5it12s5a.dat
2010-07-21 10:46 . 2009-11-29 11:21   --------   d-----w-   c:\programmi\QuickTime
2010-07-20 12:11 . 2010-05-19 11:47   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\DivX
2010-07-20 12:10 . 2009-11-20 08:31   --------   d-----w-   c:\programmi\DivX
2010-07-17 11:36 . 2005-10-31 20:15   36868   ----a-w-   c:\windows\system32\VTtrayp.exe
2010-07-17 11:36 . 2005-03-07 19:33   36868   ----a-w-   c:\windows\system32\VTTimer.exe
2010-07-17 09:13 . 2010-02-03 14:05   243024   ----a-w-   c:\windows\system32\drivers\avgtdix.sys
2010-07-17 09:13 . 2010-03-15 11:35   12536   ----a-w-   c:\windows\system32\avgrsstx.dll
2010-07-17 09:12 . 2010-02-03 14:05   216400   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
2010-07-11 11:44 . 2010-05-30 13:01   57344   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-11 11:25 . 2010-05-30 13:00   1062184   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Setup\Resource.dll
2010-07-11 11:25 . 2010-05-30 13:00   895256   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Setup\DivXSetup.exe
2010-07-07 13:18 . 2010-01-18 13:54   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\ACASystems
2010-06-27 11:49 . 2010-06-27 11:49   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\McAfee
2010-06-24 08:35 . 2010-05-22 16:23   --------   d-----w-   c:\documents and settings\Utente\Dati applicazioni\U3
2010-06-21 13:04 . 2010-06-21 13:04   93016   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
2010-06-15 19:33 . 2010-06-15 19:33   664   ----a-w-   c:\windows\system32\d3d9caps.dat
2010-06-12 19:44 . 2010-02-03 14:04   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\AVG Security Toolbar
2010-06-05 14:36 . 2010-06-05 14:36   56997   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\WebPlayer\Uninstaller.exe
2010-06-05 14:35 . 2010-06-05 14:35   53600   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Update\Uninstaller.exe
2010-06-05 14:35 . 2010-06-05 14:35   54128   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Converter\Uninstaller.exe
2010-06-05 14:35 . 2010-06-05 14:35   54644   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\TranscodeEngine\Uninstaller.exe
2010-06-05 14:35 . 2010-06-05 14:35   54101   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\MPEG2Plugin\Uninstaller.exe
2010-06-03 08:42 . 2010-02-03 14:05   29584   ----a-w-   c:\windows\system32\drivers\avgmfx86.sys
2010-05-31 14:05 . 2010-05-31 14:05   152576   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Sun\Java\jre1.6.0_15\lzma.dll
2010-05-31 13:55 . 2010-05-31 13:54   79488   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2010-05-31 13:50 . 2010-01-12 19:20   152576   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2010-05-31 13:33 . 2009-11-20 22:23   --------   d-----w-   c:\documents and settings\Utente\Dati applicazioni\DivX
2010-05-30 12:59 . 2010-05-30 12:59   84040   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\TransferWizard\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   57054   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DSDesktopComponents\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   54166   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DSAVCDecoder\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   57532   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DSASPDecoder\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   56458   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   54174   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DSAACDecoder\Uninstaller.exe
2010-05-30 12:58 . 2010-05-30 12:58   57409   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\ControlPanel\Uninstaller.exe
2010-05-30 12:58 . 2010-05-30 12:58   52963   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-05-30 12:57 . 2010-05-30 12:57   54073   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Qt4.5\Uninstaller.exe
2010-05-30 12:57 . 2010-05-30 12:57   56969   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\ASPEncoder\Uninstaller.exe
2010-05-27 14:53 . 2010-05-27 14:53   56   ---ha-w-   c:\windows\system32\ezsidmv.dat
2010-05-06 20:42 . 2010-05-06 15:35   4706   ----a-w-   c:\windows\system32\PerfStringBackup.TMP
2010-05-06 20:42 . 2001-08-31 15:00   81114   ----a-w-   c:\windows\system32\perfc010.dat
2010-05-06 20:42 . 2001-08-31 15:00   483312   ----a-w-   c:\windows\system32\perfh010.dat
2010-05-05 19:24 . 2010-05-05 19:24   691696   ----a-w-   c:\windows\system32\drivers\sptd.sys
.
[code]<pre>
c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\programmi\AVG\AVG9\avgtray .exe
c:\programmi\CyberLink\PowerDVD8\PDVD8Serv .exe
c:\programmi\CyberLink\PowerDVD8\Language\Language .exe
c:\programmi\DivX\DivX Update\DivXUpdate .exe
c:\programmi\File comuni\Ahead\Lib\NeroCheck .exe
c:\programmi\File comuni\Ahead\Lib\NMBgMonitor .exe
c:\programmi\File comuni\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate .exe
c:\programmi\Microsoft Office\Office12\GrooveMonitor .exe
c:\programmi\QuickTime\qttask  .exe
c:\programmi\ScanSoft\OmniPageSE4.0\OpwareSE4 .exe
c:\windows\system32\VTTimer .exe
c:\windows\system32\VTtrayp .exe
</pre>[/code]

(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4edd5c14-2d22-4d7a-9748-c975a7fd933b}"= "c:\programmi\Softonic_Italia\tbSoft.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{4edd5c14-2d22-4d7a-9748-c975a7fd933b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4edd5c14-2d22-4d7a-9748-c975a7fd933b}]
2009-11-09 16:38   2331672   ----a-w-   c:\programmi\Softonic_Italia\tbSoft.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4edd5c14-2d22-4d7a-9748-c975a7fd933b}"= "c:\programmi\Softonic_Italia\tbSoft.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{4edd5c14-2d22-4d7a-9748-c975a7fd933b}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
c:\programmi\QuickTime\qttask  .exe -atboottime [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
2010-04-28 18:15   2633976   ----a-w-   c:\programmi\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03/02/2010 16.05.10 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [03/02/2010 16.05.17 243024]
R2 avg9wd;AVG Free WatchDog;c:\programmi\AVG\AVG9\avgwdsvc.exe [17/07/2010 11.13.24 308136]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [24/11/2009 23.14.29 135664]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [05/05/2010 21.24.42 691696]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2eb7c4ec-7e22-11df-8582-0019db866a6a}]
\sHElL\AutoRun\command - G:\RkNVgY.exE
\sHElL\oPEn\CommaND - G:\rknvgY.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{381d2465-65bd-11df-84d1-0019db866a6a}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{61df843c-ff98-11de-8274-0019db866a6a}]
\sHell\AutoRun\command - G:\KHZTKl.exE
\sHell\oPEn\comMAnd - G:\kHztKL.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b818ea44-e251-11de-81d1-0019db866a6a}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be84c9e8-3828-11df-83b3-0019db866a6a}]
\Shell\AutoRun\command - RECYCLER\recycld.exe e
\Shell\open\command - RECYCLER\recycld.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7c9f3be-3a67-11df-83be-0019db866a6a}]
\ShelL\AutoRun\command - F:\kIHXsn.ExE
\ShelL\OpEN\CoMMANd - F:\kihXSn.EXE
.
Contenuto della cartella 'Scheduled Tasks'

2010-06-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2007-01-10 14:42]

2010-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-11-24 21:14]

2010-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-11-24 21:14]

2010-07-27 c:\windows\Tasks\Norton Security Scan for Utente.job
- c:\programmi\Norton Security Scan\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-05-19 07:48]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1701838
FF - ProfilePath -

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size",  4096);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\programmi\AVG\AVG9\Toolbar\IEToolbar.dll
WebBrowser-{D6902984-559D-4D30-83BA-6315D7C84CD1} - (no file)
AddRemove-7MESl-hXOW - c:\windows\system32\7MESl-hXOW.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-30 15:07
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wdfmgr.exe
c:\programmi\AVG\AVG9\avgchsvx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2010-07-30  15:13:14 - Il pc è stato riavviato
ComboFix-quarantined-files.txt  2010-07-30 13:13

Pre-Run: 14.897.242.112 byte disponibili
Post-Run: 14.797.893.632 byte disponibili

- - End Of File - - 491A8C72133E88C8EAF56438905D9973
zsalvo
Utente Junior
 
Post: 89
Iscritto il: 26/07/10 23:35

Re: problema grosso col pc

Postdi Luke57 » 30/07/10 21:33

Ciao, Apri un file di testo sul Desktop
Start > esegui, digita: notepad.exe e poi clicca Ok
Incolla il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente
con il nome CFScript.txt sul desktop.

Codice: Seleziona tutto
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2eb7c4ec-7e22-11df-8582-0019db866a6a}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{381d2465-65bd-11df-84d1-0019db866a6a}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{61df843c-ff98-11de-8274-0019db866a6a}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b818ea44-e251-11de-81d1-0019db866a6a}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be84c9e8-3828-11df-83b3-0019db866a6a}]




trascina il file con il puntatore del mouse sull'icona di combofix. Il proghramma avvierà una nuova scansione: al termine di essa posta il nuovo report C:\combofix.txt.
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Re: problema grosso col pc

Postdi zsalvo » 31/07/10 11:52

Ecco qui il log:

Codice: Seleziona tutto
ComboFix 10-07-29.02 - Administrator 31/07/2010  12.30.58.2.1 - x86 MINIMAL
Microsoft Windows XP Professional  5.1.2600.3.1252.39.1040.18.958.776 [GMT 2:00]
Eseguito da: c:\documents and settings\Utente\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Utente\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

(((((((((((((((((((((((((   Files Creati Da 2010-06-28 al 2010-07-31  )))))))))))))))))))))))))))))))))))
.

2010-07-30 14:56 . 2010-07-30 14:56   --------   d-----w-   c:\programmi\Ask.com
2010-07-30 09:33 . 2010-07-30 09:35   --------   d-----w-   c:\documents and settings\Utente\Dati applicazioni\UseNeXT
2010-07-30 09:33 . 2010-07-30 09:33   --------   d-----w-   c:\programmi\UseNeXT
2010-07-30 09:33 . 2010-07-30 09:33   398336   ----a-w-   c:\windows\system32\CF25087.exe
2010-07-30 09:26 . 2010-07-30 09:26   398336   ----a-w-   c:\windows\system32\CF23748.exe
2010-07-30 09:22 . 2010-07-30 09:22   398336   ----a-w-   c:\windows\system32\CF22951.exe
2010-07-29 19:07 . 2010-07-29 19:07   --------   d-----w-   c:\programmi\Rockstar Games
2010-07-29 10:59 . 2010-07-29 11:12   --------   d-----w-   c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Softonic_Italia
2010-07-29 10:59 . 2010-07-29 10:59   --------   d-----w-   c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Conduit
2010-07-29 10:59 . 2010-07-29 19:00   --------   d-----w-   c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Softonic_Italia
2010-07-29 10:59 . 2010-07-29 10:59   --------   d-----w-   c:\programmi\Softonic_Italia
2010-07-29 10:59 . 2009-11-13 10:04   52224   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\69dkeww3.default\extensions\{4edd5c14-2d22-4d7a-9748-c975a7fd933b}\components\FFExternalAlert.dll
2010-07-29 10:59 . 2009-11-13 10:04   114688   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\69dkeww3.default\extensions\{4edd5c14-2d22-4d7a-9748-c975a7fd933b}\components\npmozax.dll
2010-07-29 10:57 . 2010-07-29 11:01   --------   d-----w-   c:\programmi\CDex
2010-07-27 10:30 . 2010-04-29 13:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-27 10:30 . 2010-07-27 16:41   --------   d-----w-   c:\programmi\Malwarebytes' Anti-Malware
2010-07-27 10:30 . 2010-04-29 13:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-07-25 12:02 . 2010-07-25 12:02   --------   d-s---w-   c:\documents and settings\LocalService\UserData
2010-07-25 12:00 . 2010-07-25 12:00   --------   d-----r-   c:\documents and settings\LocalService\Preferiti
2010-07-24 13:34 . 2010-07-24 13:34   --------   d-----w-   c:\programmi\FreeTime
2010-07-20 12:49 . 2010-07-20 12:49   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2010-07-17 11:44 . 2010-07-17 11:44   --------   d-----r-   c:\documents and settings\NetworkService\Preferiti
2010-07-11 11:35 . 2010-07-11 11:35   56765   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-11 11:35 . 2010-07-11 11:35   57715   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Player\Uninstaller.exe
2010-07-11 11:34 . 2010-07-11 11:34   54153   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DFXPlugin\Uninstaller.exe
2010-07-10 17:54 . 2010-07-10 17:54   --------   d-----w-   c:\programmi\Megaupload
2010-07-04 14:08 . 2010-07-15 12:23   --------   d-----w-   c:\documents and settings\Utente\Dati applicazioni\OfferBox

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-30 14:00 . 2010-05-05 19:24   --------   d-----w-   c:\programmi\DAEMON Tools Lite
2010-07-30 13:18 . 2010-02-03 14:04   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\avg9
2010-07-29 19:07 . 2009-11-20 08:53   --------   d--h--w-   c:\programmi\InstallShield Installation Information
2010-07-29 12:14 . 2009-11-21 12:57   --------   d-----w-   c:\programmi\Metin2_Italiano
2010-07-27 14:34 . 2010-02-09 21:41   --------   d-----w-   c:\programmi\File comuni\Symantec Shared
2010-07-27 10:22 . 2010-07-17 11:41   112   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\5it12s5a.dat
2010-07-21 10:46 . 2009-11-29 11:21   --------   d-----w-   c:\programmi\QuickTime
2010-07-20 12:11 . 2010-05-19 11:47   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\DivX
2010-07-20 12:10 . 2009-11-20 08:31   --------   d-----w-   c:\programmi\DivX
2010-07-17 11:36 . 2005-10-31 20:15   36868   ----a-w-   c:\windows\system32\VTtrayp.exe
2010-07-17 11:36 . 2005-03-07 19:33   36868   ----a-w-   c:\windows\system32\VTTimer.exe
2010-07-17 09:13 . 2010-02-03 14:05   243024   ----a-w-   c:\windows\system32\drivers\avgtdix.sys
2010-07-17 09:13 . 2010-03-15 11:35   12536   ----a-w-   c:\windows\system32\avgrsstx.dll
2010-07-17 09:12 . 2010-02-03 14:05   216400   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
2010-07-11 11:44 . 2010-05-30 13:01   57344   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-11 11:25 . 2010-05-30 13:00   1062184   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Setup\Resource.dll
2010-07-11 11:25 . 2010-05-30 13:00   895256   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Setup\DivXSetup.exe
2010-07-07 13:18 . 2010-01-18 13:54   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\ACASystems
2010-06-27 11:49 . 2010-06-27 11:49   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\McAfee
2010-06-24 08:35 . 2010-05-22 16:23   --------   d-----w-   c:\documents and settings\Utente\Dati applicazioni\U3
2010-06-21 13:04 . 2010-06-21 13:04   93016   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
2010-06-15 19:33 . 2010-06-15 19:33   664   ----a-w-   c:\windows\system32\d3d9caps.dat
2010-06-12 19:44 . 2010-02-03 14:04   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\AVG Security Toolbar
2010-06-05 14:36 . 2010-06-05 14:36   56997   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\WebPlayer\Uninstaller.exe
2010-06-05 14:35 . 2010-06-05 14:35   53600   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Update\Uninstaller.exe
2010-06-05 14:35 . 2010-06-05 14:35   54128   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Converter\Uninstaller.exe
2010-06-05 14:35 . 2010-06-05 14:35   54644   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\TranscodeEngine\Uninstaller.exe
2010-06-05 14:35 . 2010-06-05 14:35   54101   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\MPEG2Plugin\Uninstaller.exe
2010-06-03 08:42 . 2010-02-03 14:05   29584   ----a-w-   c:\windows\system32\drivers\avgmfx86.sys
2010-05-31 14:05 . 2010-05-31 14:05   152576   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Sun\Java\jre1.6.0_15\lzma.dll
2010-05-31 13:55 . 2010-05-31 13:54   79488   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2010-05-31 13:50 . 2010-01-12 19:20   152576   ----a-w-   c:\documents and settings\Utente\Dati applicazioni\Sun\Java\jre1.6.0_17\lzma.dll
2010-05-30 12:59 . 2010-05-30 12:59   84040   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\TransferWizard\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   57054   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DSDesktopComponents\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   54166   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DSAVCDecoder\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   57532   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DSASPDecoder\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   56458   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-05-30 12:59 . 2010-05-30 12:59   54174   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\DSAACDecoder\Uninstaller.exe
2010-05-30 12:58 . 2010-05-30 12:58   57409   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\ControlPanel\Uninstaller.exe
2010-05-30 12:58 . 2010-05-30 12:58   52963   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-05-30 12:57 . 2010-05-30 12:57   54073   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\Qt4.5\Uninstaller.exe
2010-05-30 12:57 . 2010-05-30 12:57   56969   ----a-w-   c:\documents and settings\All Users\Dati applicazioni\DivX\ASPEncoder\Uninstaller.exe
2010-05-27 14:53 . 2010-05-27 14:53   56   ---ha-w-   c:\windows\system32\ezsidmv.dat
2010-05-06 20:42 . 2010-05-06 15:35   4706   ----a-w-   c:\windows\system32\PerfStringBackup.TMP
2010-05-06 20:42 . 2001-08-31 15:00   81114   ----a-w-   c:\windows\system32\perfc010.dat
2010-05-06 20:42 . 2001-08-31 15:00   483312   ----a-w-   c:\windows\system32\perfh010.dat
2010-05-05 19:24 . 2010-05-05 19:24   691696   ----a-w-   c:\windows\system32\drivers\sptd.sys
.
[code]<pre>
c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\programmi\AVG\AVG9\avgtray .exe
c:\programmi\CyberLink\PowerDVD8\PDVD8Serv .exe
c:\programmi\CyberLink\PowerDVD8\Language\Language .exe
c:\programmi\DivX\DivX Update\DivXUpdate .exe
c:\programmi\File comuni\Ahead\Lib\NeroCheck .exe
c:\programmi\File comuni\Ahead\Lib\NMBgMonitor .exe
c:\programmi\File comuni\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate .exe
c:\programmi\Microsoft Office\Office12\GrooveMonitor .exe
c:\programmi\QuickTime\qttask  .exe
c:\programmi\ScanSoft\OmniPageSE4.0\OpwareSE4 .exe
c:\windows\system32\VTTimer .exe
c:\windows\system32\VTtrayp .exe
</pre>[/code]

(((((((((((((((((((((((((((((   SnapShot@2010-07-30_13.07.22   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-07-30 14:56 . 2010-07-30 14:56   102400              c:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe
+ 2010-07-30 14:56 . 2010-07-30 14:56   1847808              c:\windows\Installer\647a20.msi
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4edd5c14-2d22-4d7a-9748-c975a7fd933b}]
2009-11-09 16:38   2331672   ----a-w-   c:\programmi\Softonic_Italia\tbSoft.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50   1197448   ----a-w-   c:\programmi\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4edd5c14-2d22-4d7a-9748-c975a7fd933b}"= "c:\programmi\Softonic_Italia\tbSoft.dll" [2009-11-09 2331672]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{4edd5c14-2d22-4d7a-9748-c975a7fd933b}]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NeroHomeFirstStart"="c:\programmi\File comuni\Ahead\Lib\NMFirstStart.exe" [2007-03-12 16944]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
c:\programmi\QuickTime\qttask  .exe -atboottime [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
2010-04-28 18:15   2633976   ----a-w-   c:\programmi\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03/02/2010 16.05.10 216400]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [03/02/2010 16.05.17 243024]
S2 avg9wd;AVG Free WatchDog;c:\programmi\AVG\AVG9\avgwdsvc.exe [17/07/2010 11.13.24 308136]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [24/11/2009 23.14.29 135664]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [05/05/2010 21.24.42 691696]
.
Contenuto della cartella 'Scheduled Tasks'

2010-06-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2007-01-10 14:42]

2010-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-11-24 21:14]

2010-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-11-24 21:14]

2010-07-27 c:\windows\Tasks\Norton Security Scan for Utente.job
- c:\programmi\Norton Security Scan\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-05-19 07:48]

2010-07-31 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programmi\Ask.com\UpdateTask.exe [2010-02-04 14:50]
.
.
------- Scansione supplementare -------
.
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath -

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size",  4096);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-31 12:37
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2010-07-31  12:40:48
ComboFix-quarantined-files.txt  2010-07-31 10:40
ComboFix2.txt  2010-07-30 13:13

Pre-Run: 14.681.116.672 byte disponibili
Post-Run: 14.683.672.576 byte disponibili

- - End Of File - - 5CDB311859A45DA5F0813EB71CEBDABD


Io sinceramente non ci capisco niente XD.
zsalvo
Utente Junior
 
Post: 89
Iscritto il: 26/07/10 23:35

Re: problema grosso col pc

Postdi Luke57 » 02/08/10 18:15

Adesso pare a posto, hai sempre problemi?
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Re: problema grosso col pc

Postdi zsalvo » 02/08/10 19:59

Luke57 ha scritto:Adesso pare a posto, hai sempre problemi?



nono, però mi serve un antivirus, quello che avevo prima (avg) l'ho disistallato, avresti qualche antivirus gratuito da consigliarmi?
zsalvo
Utente Junior
 
Post: 89
Iscritto il: 26/07/10 23:35

Re: problema grosso col pc

Postdi gahan » 02/08/10 21:13

Ciao,

come antivirus gratuito posso consigliarti Avira Antivir, a mio avviso il migliore tra quelli free.
words like violence, break the silence
Avatar utente
gahan
Moderatore
 
Post: 1397
Iscritto il: 23/01/08 16:09

Re: problema grosso col pc

Postdi zsalvo » 03/08/10 09:18

ok grazie per l'informazione
zsalvo
Utente Junior
 
Post: 89
Iscritto il: 26/07/10 23:35

Re: problema grosso col pc

Postdi zsalvo » 03/08/10 09:40

scusa se disturbo ancora, comunque l'antivirus è in inglese c'e un modo per metterlo in italiano?
zsalvo
Utente Junior
 
Post: 89
Iscritto il: 26/07/10 23:35

Re: problema grosso col pc

Postdi gahan » 03/08/10 09:51

Ciao zsalvo,

ecco il link per scaricare Avira in italiano

http://dlce.antivir.com/package/wks_avi ... nal_it.exe
words like violence, break the silence
Avatar utente
gahan
Moderatore
 
Post: 1397
Iscritto il: 23/01/08 16:09

Re: problema grosso col pc

Postdi zsalvo » 03/08/10 11:11

adesso lo scarico grazie mille.
volevo chiedervi un'ultima cosa, sapete se c'e qualche modo per aumentare la velocità del pc (specialmente di internet) ?
zsalvo
Utente Junior
 
Post: 89
Iscritto il: 26/07/10 23:35

Re: problema grosso col pc

Postdi gahan » 03/08/10 12:07

La velocità di internet dipende prevalentemente dalla connessione che ti è stata fornita.
Ma anche da altri fattori quali:
il modem ADSL/Router
traffico in rete
ecc..

Inoltre è bene effettuare sempre una pulizia completa con un ottimo software di manutenzione, ad esempio CCleaner, per eliminare file temporanei e cookies, che rallentano la navigazione sul web.
words like violence, break the silence
Avatar utente
gahan
Moderatore
 
Post: 1397
Iscritto il: 23/01/08 16:09

Re: problema grosso col pc

Postdi zsalvo » 03/08/10 13:01

gahan ha scritto:La velocità di internet dipende prevalentemente dalla connessione che ti è stata fornita.
Ma anche da altri fattori quali:
il modem ADSL/Router
traffico in rete
ecc..

Inoltre è bene effettuare sempre una pulizia completa con un ottimo software di manutenzione, ad esempio CCleaner, per eliminare file temporanei e cookies, che rallentano la navigazione sul web.



ok grazie per le risposte e per l'aiuto, mi avete fatto risparmiare un bel po di soldini XD
zsalvo
Utente Junior
 
Post: 89
Iscritto il: 26/07/10 23:35

Re: problema grosso col pc

Postdi waltergoal » 27/08/12 21:55

Ciao ragazzi,
io ho un problema analogo con Search Finder.
Potete darmi una mano con il log di Hijackthis? Non so proprio cosa eliminare.

Ecco il log:
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Users\Public\Documents\AppData\PoApp\PService.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Users\Walter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Walter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Walter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Walter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Walter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Walter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: SearchToolbar.ShowToolbarBHO - {86a3cdaa-9b25-480e-b73f-c2d359b87966} - mscoree.dll (file missing)
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: SearchToolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Walter\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Walter\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{451E281D-3F3A-4F3E-9960-FC7016FF40B4}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A48E19-DD51-4BDF-98D0-07A663EB1C2B}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8FF0CF3-7389-479C-B828-4F07DA0DA887}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9E55D7A-25CA-4B79-AA51-1904BCBB2ADD}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD4FB55D-2B5D-49C5-A591-B8AB51BE7674}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{451E281D-3F3A-4F3E-9960-FC7016FF40B4}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{451E281D-3F3A-4F3E-9960-FC7016FF40B4}: NameServer = 176.31.229.24,176.31.229.25
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Sleep memory optimizer (FFSOpzSvc) - Acer Incorporated - C:\Program Files\Sleep Memory Optimizer\FFSService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\Walter\AppData\Local\PosService\Pos.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Walter\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Software Upd (SoftwareUpd) - SoftwareUpdService - C:\Users\Walter\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Acer Theft Shield Service (USecuAppSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
waltergoal
Newbie
 
Post: 1
Iscritto il: 27/08/12 21:50

Re: problema grosso col pc

Postdi Luke57 » 27/08/12 22:30

Ciao, disistalla da installazioni applicazioni il programma seguente:
Poweroffer

visualizza file e cartelle nascosti:
http://windows.microsoft.com/it-IT/wind ... dden-files
cerca e cancella le seguenti cartelle:
C:\Users\Walter\AppData\Local\PosService
C:\Users\Walter\AppData\Local\ServUpdater
C:\Users\Public\Documents\AppData\PoApp
Luke57
Moderatore
 
Post: 6413
Iscritto il: 11/08/05 19:10

Precedente

Torna a Sicurezza e Privacy


Topic correlati a "problema grosso col pc":

Problema con il mouse
Autore: crisge73
Forum: Discussioni
Risposte: 9
Problema Tiktok
Autore: Fra_rey
Forum: Discussioni
Risposte: 1

Chi c’è in linea

Visitano il forum: Nessuno e 6 ospiti