Hello everyone, I have a problem that is troubling me with a computer I bought about a month ago, so it is new.
My operating system is Win 7, the processor is a 2.5 GHz i5, the RAM is 4 GB DDR3 and the video card is an Nvidia GeForce GT540M CUDA 2 GB.
So, to get to the point: when I browse, it freezes constantly. If I try to start a game, it takes three times as long to launch, and once it has loaded, everything stutters. When I look in Task Manager, it tells me that CPU usage is between 1 and 3%, so that is not the problem either. When I load pages with Firefox, I noticed at the bottom left, where it says "waiting for site...", that other pages appeared besides the one I was looking for. In the end it loaded only the one I was looking for; the others appeared but were then not actually loaded. I think one was doubleclick-something and another was windows system, etc. In any case, the browser kept freezing.
Now I have run a scan with ESET NOD32, which gave no results, and I made the log with HijackThis, which I will post below. I tried ComboFix, and Spyware Search & Destroyer, which detected 5 files, a toolbar, and 2 that I have no idea what they are. Then with Advanced Spyware Remover I removed 3 cookies and a couple of other files, and now the browser seems to be a bit faster than before. The only remaining problem is the PC in general, which is extremely slow.
Thank you in advance, and I hope for a reply.
HIJACKTHIS LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:31:21, on 23/05/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Public\Documents\PowerOffer\POService.exe
F:\Total Health\AutoPlay.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
F:\Total Health\_utilz\net\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PowerOffer - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Public\Documents\PowerOffer\PowerOfferBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files (x86)\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O13 - Gopher Prefix:
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\System32\srvany.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10338 bytes
((((((((((((((((((((((((((((( COMBOFIX LOG )))))))))))))))))))))))))))))
ComboFix 11-05-23.02 - utente 23/05/2011 22:54:11.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.39.1040.18.3767.2599 [GMT 2:00]
Eseguito da: f:\programmi\Files Aperti\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\FullRemove.exe
c:\users\utente\AppData\Roaming\OfferBox
c:\users\utente\AppData\Roaming\OfferBox\config.xml
c:\windows\SysWow64\instsrv.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2011-04-23 al 2011-05-23 )))))))))))))))))))))))))))))))))))
.
.
2011-05-23 21:03 . 2011-05-23 21:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-22 14:15 . 2011-05-22 14:15 -------- d-----w- c:\users\utente\AppData\Local\Ahead
2011-05-22 14:12 . 2011-05-22 14:15 -------- d-----w- c:\users\utente\AppData\Roaming\Ahead
2011-05-22 14:11 . 2011-05-22 14:11 -------- d-----w- c:\programdata\Nero
2011-05-22 14:11 . 2011-05-22 14:15 -------- d-----w- c:\program files (x86)\Common Files\Ahead
2011-05-22 14:11 . 2011-05-22 14:11 -------- d-----w- c:\program files (x86)\Nero
2011-05-20 07:23 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BA8B4E66-2723-4865-883B-663FD41E3907}\mpengine.dll
2011-05-19 22:34 . 2011-05-19 22:34 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-19 22:34 . 2011-05-19 22:34 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-05-19 22:34 . 2011-05-19 22:34 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-19 22:34 . 2011-05-19 22:34 -------- d-----w- c:\program files (x86)\OpenAL
2011-05-19 22:15 . 2011-05-19 22:15 -------- d-----w- c:\users\utente\AppData\Local\119614890736297204
2011-05-19 22:15 . 2011-05-19 22:15 -------- d-----w- c:\users\utente\AppData\Local\119611678100759796
2011-05-19 21:46 . 2011-05-19 21:46 -------- d-----w- c:\users\utente\AppData\Local\119614890734134516
2011-05-19 21:46 . 2011-05-19 21:46 -------- d-----w- c:\users\utente\AppData\Local\119611678098597108
2011-05-19 21:43 . 2011-05-19 21:43 -------- d-----w- c:\users\utente\AppData\Local\119614890734724340
2011-05-19 21:43 . 2011-05-19 21:43 -------- d-----w- c:\users\utente\AppData\Local\119611678099186932
2011-05-19 21:07 . 2011-05-19 21:07 -------- d-----w- c:\users\utente\AppData\Local\119614890736166132
2011-05-19 21:07 . 2011-05-19 21:07 -------- d-----w- c:\users\utente\AppData\Local\119611678100628724
2011-05-19 21:05 . 2011-05-19 21:05 -------- d-----w- c:\users\utente\AppData\Local\119614890734593268
2011-05-19 21:05 . 2011-05-19 21:05 -------- d-----w- c:\users\utente\AppData\Local\119611678099055860
2011-05-17 00:07 . 2011-05-17 00:07 -------- d-----w- c:\program files (x86)\Ubisoft
2011-05-16 09:26 . 2011-05-16 09:26 -------- d-----w- c:\program files (x86)\IrfanView
2011-05-14 11:58 . 2011-05-14 11:58 -------- d-----w- c:\program files (x86)\Capcom
2011-05-13 05:24 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-13 05:24 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-13 05:24 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-13 04:22 . 2011-05-13 04:23 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-05-13 04:10 . 2003-04-18 17:06 8192 ----a-w- c:\windows\SysWow64\srvany.exe
2011-05-13 04:07 . 2011-05-13 04:07 -------- d-----w- c:\windows\PCHEALTH
2011-05-13 04:05 . 2011-05-13 04:05 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-05-13 04:04 . 2011-05-13 04:04 -------- d-----r- C:\MSOCache
2011-05-12 23:40 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-12 23:40 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-12 23:40 . 2011-02-19 06:37 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-05-12 23:40 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-12 23:40 . 2011-02-19 06:37 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-05-12 23:40 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-12 23:40 . 2011-02-19 05:32 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-11 16:14 . 2011-05-11 16:14 -------- d-----w- c:\windows\6833245EDD86479A882A8360D62C8194.TMP
2011-05-11 15:56 . 2011-05-11 15:56 -------- d-----w- c:\program files (x86)\Eidos
2011-05-10 04:05 . 2011-05-10 04:05 -------- d-----w- c:\users\utente\AppData\Local\THQ
2011-05-10 03:59 . 2009-01-08 00:58 12017070 ----a-r- c:\program files (x86)\SR2_pc.exe
2011-05-10 03:55 . 2011-05-10 03:55 676464 ----a-w- c:\program files (x86)\DFEngine.dll
2011-05-10 03:48 . 2011-05-10 03:48 171008 ----a-w- c:\program files (x86)\binkw32.dll
2011-05-10 03:47 . 2011-05-10 03:47 -------- d-----w- c:\program files (x86)\videos
2011-05-10 03:47 . 2011-05-10 03:47 -------- d-----w- c:\program files (x86)\shaders
2011-05-10 03:47 . 2011-05-10 03:47 -------- d-----w- c:\program files (x86)\Microsoft.VC80.CRT
2011-05-10 03:47 . 2011-05-10 03:47 -------- d-----w- c:\program files (x86)\DirectX
2011-05-10 03:47 . 2011-05-10 03:47 -------- d-----w- c:\program files (x86)\data
2011-05-10 01:39 . 2011-05-10 01:39 -------- d-----w- c:\programdata\CyberLink
2011-05-09 23:29 . 2011-05-09 23:29 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2011-05-09 19:36 . 2011-05-09 19:36 -------- d-----w- c:\windows\SysWow64\wbem\Logs
2011-05-09 19:34 . 2011-05-18 13:07 -------- d-----w- c:\users\utente\AppData\Local\Ubisoft Game Launcher
2011-05-09 18:22 . 2011-05-09 18:22 -------- d-----w- c:\users\utente\AppData\Roaming\Ubisoft
2011-05-09 02:47 . 2011-05-11 16:16 -------- d-----w- c:\users\utente\AppData\Roaming\eSobi
2011-05-09 00:14 . 2011-05-09 00:14 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-05-08 22:38 . 2011-05-08 22:38 -------- d-----w- c:\users\utente\AppData\Local\CrashRpt
2011-05-08 22:28 . 2011-05-19 23:41 -------- d-----w- c:\users\utente\AppData\Roaming\Camfrog
2011-05-07 22:03 . 2011-05-09 00:50 -------- d-----w- c:\windows\SysWow64\NV
2011-05-07 22:03 . 2011-05-09 00:50 -------- d-----w- c:\windows\system32\NV
2011-05-07 22:02 . 2011-05-16 17:46 -------- d-----w- c:\users\UpdatusUser
2011-05-07 22:00 . 2011-05-07 22:02 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-05-07 20:48 . 2011-05-09 18:22 -------- d-----w- c:\programdata\Ubisoft
2011-05-07 20:45 . 2011-05-09 23:29 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-05-07 20:45 . 2011-05-07 20:45 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-05-07 20:45 . 2011-05-07 20:45 -------- d-----w- c:\users\utente\AppData\Roaming\PunkBuster
2011-05-05 15:21 . 2011-05-15 04:39 -------- d-----w- c:\users\utente\AppData\Local\FalloutNV
2011-05-05 12:55 . 2011-05-05 12:55 -------- d-----w- c:\users\utente\AppData\Local\Electronic Arts
2011-05-05 12:52 . 2011-05-05 12:52 2762 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2011-05-05 12:52 . 2011-05-05 12:52 -------- d-----w- c:\users\utente\AppData\Local\Downloaded Installations
2011-05-05 01:04 . 2011-05-05 01:04 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2011-05-05 01:04 . 2011-05-05 01:04 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2011-05-05 00:49 . 2011-05-05 00:49 1409 ----a-w- c:\windows\QTFont.for
2011-05-05 00:45 . 2011-05-10 03:57 -------- d-----w- c:\users\utente\AppData\Local\Rockstar Games
2011-05-04 12:30 . 2011-05-04 12:30 -------- d-----w- c:\users\utente\AppData\Local\Activision
2011-05-03 23:59 . 2011-05-03 23:59 -------- d--h--r- c:\users\utente\AppData\Roaming\SecuROM
2011-05-03 21:39 . 2011-05-03 21:39 -------- d-----w- c:\users\utente\AppData\Roaming\PowerUp Software
2011-05-03 21:35 . 2011-05-03 21:35 -------- d-----w- c:\programdata\PowerUp Software
2011-05-03 20:58 . 2011-05-04 15:27 -------- d-----w- c:\users\utente\AppData\Roaming\Bioshock2
2011-05-03 00:57 . 2011-05-03 00:57 -------- d-----w- c:\users\utente\AppData\Local\Diagnostics
2011-05-02 12:57 . 2011-05-02 12:57 -------- d-----w- c:\users\utente\AppData\Local\storage
2011-05-02 11:39 . 2011-05-02 11:39 -------- d-----w- c:\users\utente\AppData\Roaming\bizarre creations
2011-05-02 11:28 . 2011-05-02 11:28 -------- d-----w- c:\program files (x86)\Activision
2011-05-01 11:00 . 2011-05-01 11:00 -------- d-----w- c:\programdata\ASign
2011-05-01 02:53 . 2011-05-19 22:34 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-05-01 02:53 . 2011-05-01 02:53 -------- d-----w- c:\program files\BRS
2011-05-01 02:53 . 2010-07-28 17:10 1380352 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2011-05-01 02:53 . 2010-03-01 18:51 17686528 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2011-05-01 01:37 . 2011-05-01 01:37 -------- d-----w- c:\users\utente\AppData\Roaming\2K Sports
2011-05-01 01:36 . 2011-05-01 01:36 -------- d--h--w- c:\windows\msdownld.tmp
2011-04-30 20:20 . 2011-04-30 20:20 -------- d-----w- c:\users\utente\AppData\Local\ESET
2011-04-30 20:16 . 2011-04-30 20:16 -------- d-----w- c:\users\utente\AppData\Roaming\NVIDIA
2011-04-30 19:46 . 2007-03-12 14:42 4494184 ----a-w- c:\windows\system32\d3dx9_33.dll
2011-04-30 19:46 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\SysWow64\d3dx9_33.dll
2011-04-30 19:46 . 2007-01-24 13:27 393576 ----a-w- c:\windows\system32\xactengine2_6.dll
2011-04-30 19:46 . 2007-01-24 13:27 255848 ----a-w- c:\windows\SysWow64\xactengine2_6.dll
2011-04-30 19:46 . 2007-03-05 10:42 15128 ----a-w- c:\windows\SysWow64\x3daudio1_1.dll
2011-04-30 19:46 . 2007-03-05 10:42 17688 ----a-w- c:\windows\system32\x3daudio1_1.dll
2011-04-30 12:24 . 2011-05-02 22:04 -------- d-----w- c:\programdata\KONAMI
2011-04-29 18:05 . 2011-04-29 18:05 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
2011-04-29 15:26 . 2011-04-29 15:26 399736 ----a-w- c:\program files\uTorrent.exe
2011-04-29 15:25 . 2011-05-23 09:15 -------- d-----w- c:\users\utente\AppData\Roaming\uTorrent
2011-04-29 13:14 . 2007-04-05 07:37 41184 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR v3.80 Keygen CORE.exe
2011-04-29 00:16 . 2011-04-29 00:16 -------- d-----w- c:\users\utente\AppData\Local\Microsoft Help
2011-04-29 00:16 . 2011-05-13 04:23 -------- d-----w- c:\programdata\Microsoft Help
2011-04-28 14:11 . 2011-04-28 14:11 -------- d-----w- c:\programdata\IObit
2011-04-28 14:11 . 2011-05-16 17:46 -------- d-----w- c:\program files\Game Booster
2011-04-28 13:55 . 2011-04-28 13:57 -------- d-----w- c:\program files\ESET
2011-04-28 01:01 . 2011-05-23 07:53 -------- d-----w- c:\users\utente\Tracing
2011-04-28 00:57 . 2011-04-28 00:57 -------- d-----w- c:\users\utente\AppData\Local\CAPCOM
2011-04-27 22:31 . 2009-03-09 13:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2011-04-27 22:31 . 2009-03-09 13:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2011-04-27 22:31 . 2009-03-09 13:27 453456 ----a-w- c:\windows\SysWow64\d3dx10_41.dll
2011-04-27 22:31 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2011-04-27 22:31 . 2009-03-09 13:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2011-04-27 22:31 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\SysWow64\D3DCompiler_41.dll
2011-04-27 22:31 . 2009-03-16 12:18 521560 ----a-w- c:\windows\system32\XAudio2_4.dll
2011-04-27 22:31 . 2009-03-16 12:18 517448 ----a-w- c:\windows\SysWow64\XAudio2_4.dll
2011-04-27 22:31 . 2009-03-16 12:18 235352 ----a-w- c:\windows\SysWow64\xactengine3_4.dll
2011-04-27 22:31 . 2009-03-16 12:18 174936 ----a-w- c:\windows\system32\xactengine3_4.dll
2011-04-27 22:31 . 2007-04-04 16:54 107368 ----a-w- c:\windows\system32\xinput1_3.dll
2011-04-27 22:30 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\SysWow64\D3DX9_37.dll
2011-04-27 22:30 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\SysWow64\D3DCompiler_37.dll
2011-04-27 22:30 . 2008-02-05 21:07 462864 ----a-w- c:\windows\SysWow64\d3dx10_37.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-07 21:19 . 2011-04-07 21:19 849092 ----a-w- c:\windows\system32\nvcoproc.bin
2011-04-07 21:19 . 2011-04-07 21:19 797800 ----a-w- c:\windows\system32\nv3dappshext.dll
2011-04-07 21:19 . 2011-04-07 21:19 61032 ----a-w- c:\windows\system32\nvshext.dll
2011-04-07 21:19 . 2011-04-07 21:19 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
2011-04-07 21:19 . 2011-04-07 21:19 318056 ----a-w- c:\windows\system32\nvhotkey.dll
2011-04-07 21:19 . 2011-04-07 21:19 2582120 ----a-w- c:\windows\system32\nvsvcr.dll
2011-04-07 21:19 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 21:19 . 2011-04-07 21:19 1012328 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 21:19 . 2011-04-07 21:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 21:19 . 2011-04-07 21:19 6338152 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 21:18 . 2011-04-07 21:18 3041384 ----a-w- c:\windows\system32\nvsvc64.dll
2011-03-11 06:19 . 2011-04-23 18:30 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:19 . 2011-04-23 18:30 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-04-23 18:30 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:40 . 2011-04-23 18:30 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-08 06:14 . 2011-04-23 18:28 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-23 18:28 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:17 . 2011-04-27 20:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-04-27 20:48 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17 . 2011-04-23 18:28 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:14 . 2011-04-23 18:28 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:27 . 2011-04-23 18:28 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58 . 2011-04-23 18:30 3133440 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:30 . 2011-04-23 18:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 06:29 . 2011-04-23 18:30 1197056 ----a-w- c:\windows\system32\wininet.dll
2011-02-24 06:24 . 2011-04-23 18:30 57856 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-24 05:32 . 2011-04-23 18:30 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-24 05:32 . 2011-04-23 18:30 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-02-24 05:30 . 2011-04-23 18:30 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-02-24 05:05 . 2011-04-23 18:30 482816 ----a-w- c:\windows\system32\html.iec
2011-02-24 04:24 . 2011-04-23 18:30 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-24 04:23 . 2011-04-23 18:30 386048 ----a-w- c:\windows\SysWow64\html.iec
2011-02-24 03:50 . 2011-04-23 18:30 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-02-23 05:16 . 2011-04-23 18:30 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 05:16 . 2011-04-23 18:30 401920 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 05:15 . 2011-04-23 18:30 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:15 . 2011-04-23 18:27 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:15 . 2011-04-23 18:27 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:15 . 2011-04-23 18:27 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:15 . 2011-04-23 18:27 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files (x86)\WinZip\WZQKPICK.EXE [2011-4-26 118784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-14 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-14 2918656]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Scansione supplementare -------
.
uStart Page = hxxp://google.it/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\wcmjcmde.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-PoService - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Camfrog 6.0 - c:\program files (x86)\Camfrog\Camfrog Video Chat\uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-3548562891-742439777-3493024692-1001\Software\SecuROM\License information*]
"datasecu"=hex:3d,16,f0,60,92,af,56,3b,6a,4a,66,9f,f7,dc,d4,73,6a,4e,02,2f,26,
ca,c6,d0,32,7c,ea,24,40,8d,2d,5f,74,31,1a,32,80,f2,df,15,e2,1c,48,a5,71,2c,\
"rkeysecu"=hex:ba,0d,22,27,fd,b9,f9,4f,be,0f,70,c0,26,e0,23,75
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2011-05-23 23:04:40
ComboFix-quarantined-files.txt 2011-05-23 21:04
.
Pre-Run: 418.164.920.320 byte disponibili
Post-Run: 418.707.255.296 byte disponibili
.
- - End Of File - - C67DBDBB9472634BFBE1C14F5E2F407C