www.MegaLab.it

da **loomis94** » sab nov 26, 2011 5:20 pm

ciao, ho rilevato dei problemi inerinti il funzionamento del mio pc. i problemi riscontrati sono i seguenti:
- utilizzo spropositato della cpu anche quanto non sto utilizzando il pc;
- temperature interne della macchina molto elevate;
- arresto improvviso del pc mentre provo a giocare con un qualsiasi videogioco con una grafica avanzata(forse a causa della temperatura estrema che raggiunge il pc in questi casi);
- ho già provato a formattare quando ha iniziato con questi problemi e il risultato è che adesso si è aggiunto l arresto in game.
- speedfan mi segnala una temperatura di ca 80 gradi con un utilizzo quasi nullo;
- combofix, mdr.exe li ho provati e non danno nulla;
-

ComboFix 11-11-26.02 - thomas 26/11/2011 16:20:32.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1040.18.4063.2413 [GMT 1:00]
Eseguito da: d:\thomas\setup\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\thomas\AppData\Local\Temp\sfamcc00001.dll
c:\users\thomas\AppData\Local\Temp\sfareca00001.dll
C:\WinLogon
c:\winlogon\F7D49D3FBA4A42F
.
.
((((((((((((((((((((((((( Files Creati Da 2011-10-26 al 2011-11-26 )))))))))))))))))))))))))))))))))))
.
.
2011-11-26 15:25 . 2011-11-26 15:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-26 15:00 . 2011-11-26 15:00 -------- d-----w- c:\program files (x86)\SpeedFan
2011-11-25 17:44 . 2011-11-25 17:44 -------- d-----w- c:\program files (x86)\FreeTime
2011-11-25 14:29 . 2011-11-25 14:29 -------- d-----w- c:\programdata\ATI
2011-11-25 14:27 . 2011-11-25 14:27 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-11-25 14:27 . 2011-11-25 14:29 -------- d-----w- c:\program files\ATI Technologies
2011-11-25 14:26 . 2011-11-25 14:26 -------- d-----w- c:\program files\ATI
2011-11-25 14:18 . 2009-06-24 21:59 160768 ----a-w- c:\windows\system32\AESTAC64.dll
2011-11-25 14:18 . 2009-05-20 21:57 436224 ----a-w- c:\windows\system32\AESTEC64.dll
2011-11-25 14:17 . 2011-11-25 14:26 -------- d-----w- C:\SWsetup
2011-11-25 14:07 . 2011-11-25 14:07 -------- d-----w- c:\programdata\Easy Driver Pro
2011-11-24 21:31 . 2011-11-24 21:31 -------- d-----w- c:\program files (x86)\Microsoft Chart Controls
2011-11-24 21:31 . 2010-06-02 03:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-11-24 21:31 . 2010-06-02 03:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2011-11-24 21:31 . 2010-06-02 03:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2011-11-24 21:31 . 2010-06-02 03:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-11-24 21:31 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2011-11-24 21:31 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2011-11-24 21:31 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2011-11-24 21:31 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2011-11-24 21:31 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2011-11-24 21:31 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2011-11-24 21:31 . 2010-02-04 09:01 24920 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-11-24 21:30 . 2011-11-24 21:30 -------- d-----w- C:\UDK
2011-11-22 17:58 . 2011-11-24 20:01 -------- d-----w- c:\program files (x86)\JDownloader
2011-11-22 16:09 . 2011-11-22 16:10 -------- d-----w- c:\program files (x86)\Notepad++
2011-11-20 20:27 . 2011-11-24 16:36 -------- d-----w- c:\windows\system32\appmgmt
2011-11-20 20:16 . 2011-11-21 14:06 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-11-20 20:16 . 2011-11-26 15:28 -------- d-----w- c:\program files (x86)\Steam
2011-11-15 16:24 . 2011-11-15 16:24 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-11-15 16:24 . 2011-11-15 16:24 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-11-15 16:24 . 2011-11-15 16:24 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-15 16:24 . 2011-11-15 16:24 -------- d-----w- c:\program files (x86)\Java
2011-11-12 15:13 . 2011-11-12 15:13 -------- d-----w- c:\programdata\Nexon
2011-11-12 14:36 . 2011-11-12 14:37 -------- d-----w- C:\Dev-Cpp
2011-11-12 14:05 . 2011-11-25 17:31 -------- d-----w- C:\Download
2011-11-12 14:01 . 2011-11-12 14:01 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-11-12 14:01 . 2011-11-12 14:01 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat
2011-11-11 20:27 . 2011-11-11 20:27 -------- d-----w- c:\programdata\VS
2011-11-11 20:19 . 2011-11-11 20:19 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-11-11 20:19 . 2011-11-11 20:19 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-11-11 20:19 . 2011-11-11 20:19 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-11-11 20:19 . 2011-11-11 20:19 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-11-11 20:18 . 2011-11-11 20:50 113664 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1040\ResourceCache.dll
2011-11-11 06:11 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL
2011-11-10 21:29 . 2011-11-10 21:29 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-11-08 23:18 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-11-08 23:17 . 2011-11-08 23:17 -------- d-----w- c:\program files (x86)\Microsoft Expression
2011-11-08 23:17 . 2011-11-08 23:17 -------- d-----w- c:\program files (x86)\WPF Toolkit
2011-11-08 23:10 . 2010-02-04 09:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2011-11-08 23:10 . 2010-02-04 09:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2011-11-08 23:10 . 2010-02-04 09:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2011-11-08 23:10 . 2010-02-04 09:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2011-11-08 23:10 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2011-11-08 23:07 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-11-08 23:05 . 2011-11-08 23:05 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-11-08 23:04 . 2011-11-08 23:04 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-11-08 23:02 . 2011-11-08 23:02 194464 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1040\ResourceCache.dll
2011-11-08 22:58 . 2011-11-08 22:59 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-11-08 22:51 . 2011-11-20 21:13 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2011-11-08 22:48 . 2011-11-08 22:48 -------- d-----w- c:\program files (x86)\Microsoft XDE
2011-11-08 22:48 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-11-08 22:48 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-11-08 22:47 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-11-08 22:47 . 2009-09-04 16:29 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-11-08 22:47 . 2011-11-08 22:47 -------- d-----w- c:\windows\symbols
2011-11-08 22:47 . 2011-11-11 20:27 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2011-11-08 22:47 . 2011-11-08 22:47 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2011-11-08 22:47 . 2011-11-08 22:47 -------- d-----w- c:\program files\Microsoft Help Viewer
2011-11-08 22:39 . 2011-11-08 22:39 -------- d-----w- c:\windows\PCHEALTH
2011-11-08 21:42 . 2011-11-24 16:37 -------- d-----w- C:\Python27
2011-11-08 21:10 . 2011-11-08 21:10 -------- d-----r- c:\program files (x86)\Skype
2011-11-08 21:10 . 2011-11-08 21:10 -------- d-----w- c:\programdata\Skype
2011-11-06 17:51 . 2007-07-19 23:57 411496 ----a-w- c:\windows\system32\xactengine2_9.dll
2011-11-06 17:35 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2011-11-06 17:35 . 2007-03-15 15:57 443752 ----a-w- c:\windows\SysWow64\d3dx10_33.dll
2011-11-06 17:35 . 2007-03-12 15:42 1123696 ----a-w- c:\windows\SysWow64\D3DCompiler_33.dll
2011-11-06 17:35 . 2007-03-12 15:42 3495784 ----a-w- c:\windows\SysWow64\d3dx9_33.dll
2011-11-06 17:34 . 2011-11-06 17:34 -------- d-----w- c:\windows\SysWow64\xlive
2011-11-06 17:33 . 2011-11-06 17:33 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2011-11-06 17:29 . 2011-11-06 17:29 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-11-06 17:28 . 2011-11-06 17:29 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-11-06 17:28 . 2011-11-06 17:28 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-11-06 17:11 . 2011-11-06 17:11 -------- d-----w- c:\windows\system32\Macromed
2011-11-06 17:09 . 2011-11-06 17:09 -------- d-----w- c:\programdata\McAfee
2011-11-06 16:55 . 2011-11-25 14:17 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-11-06 16:53 . 2011-11-06 16:53 -------- d-----w- c:\program files (x86)\SharpDevelop
2011-11-06 16:35 . 2011-11-06 16:50 1113 ----a-w- C:\bin64
2011-11-06 16:35 . 2011-11-06 16:50 1113 ----a-w- C:\bin32
2011-11-06 16:34 . 2010-09-22 23:06 81920 ----a-w- c:\windows\SysWow64\GkSui20.EXE
2011-11-06 16:09 . 2011-11-08 23:00 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-11-06 16:06 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-11-06 16:06 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-11-06 16:06 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-11-06 16:06 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-11-06 16:06 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-11-06 16:06 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-11-06 16:06 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-11-06 16:06 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-11-06 16:06 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-11-06 16:06 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-11-06 15:59 . 2011-11-06 16:00 -------- d-----w- c:\programdata\IMinent
2011-11-06 15:59 . 2011-11-06 15:59 -------- d-----w- c:\program files (x86)\Windows Live
2011-11-06 15:59 . 2011-11-06 17:13 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-06 15:59 . 2011-11-06 15:59 -------- d-----w- c:\windows\SysWow64\Macromed
2011-11-06 15:57 . 2011-10-11 14:00 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-11-06 15:57 . 2011-10-11 14:00 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-11-06 15:57 . 2011-10-11 14:00 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-11-06 15:57 . 2011-11-06 15:57 -------- d-----w- c:\programdata\Avira
2011-11-06 15:57 . 2011-11-06 15:57 -------- d-----w- c:\program files (x86)\Avira
2011-11-06 15:26 . 2011-11-25 15:35 -------- d-sh--w- c:\windows\Installer
2011-11-06 15:16 . 2011-10-18 01:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{272FDDEB-0BA3-4AEA-90C9-07571D1882FD}\mpengine.dll
2011-11-06 15:16 . 2011-05-24 18:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-06 12:05 . 2011-11-20 20:16 -------- d-----w- c:\users\thomas
2011-11-05 23:16 . 2011-11-05 23:16 0 ----a-w- c:\windows\ativpsrm.bin
2011-11-05 23:11 . 2011-11-06 12:04 -------- d-----w- c:\windows\Panther
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-15 16:04 . 2011-09-15 16:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\SDKFilesVer.dll
2011-09-15 16:04 . 2011-09-15 16:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\NonSDKAddonVer.dll
2011-09-15 16:04 . 2011-09-15 16:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\1040\NonSDKAddonLangVer.dll
2011-09-15 16:04 . 2011-09-15 16:04 8024 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\1033\NonSDKAddonLangVer.dll
2011-09-15 16:04 . 2011-09-15 16:04 8016 ----a-w- c:\programdata\Microsoft\Phone Tools\CoreCon\10.0\addons\WPSDKVer.dll
2011-08-29 21:12 . 2011-08-29 21:12 295272 ----a-w- c:\windows\system32\drivers\VMM.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-11-20 1242448]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
.
c:\users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-01 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S3 RTL8167;Driver Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-21 450048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.iminent.com/?appId=CF3525 ... EC91AEDDCA
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\thomas\AppData\Roaming\Mozilla\Firefox\Profiles\0m7khnt1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{58124A0B-DC32-4180-9BFF-E0E21AE34026} - c:\program files (x86)\IMinent Toolbar\tbcore3.dll
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Toolbar-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - c:\program files (x86)\IMinent Toolbar\tbcore3.dll
Wow6432Node-HKCU-Run-PlayNC Launcher - (no file)
Wow6432Node-HKCU-Run-KPeerNexonEU - c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe
Wow6432Node-HKLM-Run-IMBooster - c:\program files (x86)\Iminent\IMBooster\imbooster.exe
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
AddRemove-MondoAion Launcher - c:\windows\system32\GKSUI20.EXE
AddRemove-{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1 - c:\mingw\unins000.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\program files (x86)\Common Files\Steam\SteamService.exe
.
**************************************************************************
.
Ora fine scansione: 2011-11-26 16:33:01 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2011-11-26 15:33
.
Pre-Run: 8.352.108.544 byte disponibili
Post-Run: 9.322.569.728 byte disponibili
.
- - End Of File - - ED6E5BE887DDE0061E320F632D438CC0

questo è il log di combofix;
- questo invece quello di mbr:

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600

device: opened successfully
user: error reading MBR
error: Read Handle non valido.
kernel: error reading MBR

.
cosa suggerite per risolvere il problema?cosa potrebbe essere?rispondete in molti e vi ringrazio in anticipo per l aiuto.

da **crazy.cat** » sab nov 26, 2011 5:27 pm

loomis94 ha scritto:- temperature interne della macchina molto elevate;
- arresto improvviso del pc mentre provo a giocare con un qualsiasi videogioco con una grafica avanzata(forse a causa della temperatura estrema che raggiunge il pc in questi casi);

Direi di cominciare ad aprire il pc, pulirlo e controllare che le ventole girino bene.
(prima che succeda di peggio...)

da **sondlive07** » sab nov 26, 2011 5:39 pm

secondo questo articolo http://www.MegaLab.it/6360/guida-alla-rimozione-dei-bootkit il log di mbr.exe dovrebbe essere cosi :

Device: opened successfully
User: MBR read successfully
Kernel: MBR read successfully
User & kernel MBR OK

ti consiglio la lettura [^]

da **loomis94** » sab nov 26, 2011 6:16 pm

crazy.cat ha scritto:
loomis94 ha scritto:- temperature interne della macchina molto elevate;
- arresto improvviso del pc mentre provo a giocare con un qualsiasi videogioco con una grafica avanzata(forse a causa della temperatura estrema che raggiunge il pc in questi casi);

Direi di cominciare ad aprire il pc, pulirlo e controllare che le ventole girino bene.
(prima che succeda di peggio...)

le ventole mi pare che funzionano visto che fa molto rumore il pc...ed esce aria dalle prese...però forse posso provare lo stesso a dare un occhiata ^^

da **loomis94** » sab nov 26, 2011 6:51 pm

per fare un esempio....la temperatura base dopo 2 ore di completa inattività del pc la temperatura è 50 30 30(cpu core0 core1)...dopo 10 minuti di unreal turnament 3 la temperatura è 85 78 77 o.O
sono veramente dispiaciuto di questa cosa perché sono fan dei videogiochi e non poter giocare...grrrr...

da **Uomo_Senza_Sonno** » sab nov 26, 2011 8:40 pm

Fai un controllo con il tool indicato nell'articolo già segnalato (bootkit remover), e controlla lo status del MBR; lo Stealth Rootkit Detector non legge nei sistemi x64, ma questo si.

In più, un'accurata pulizia (magari periodica) di tutte le componenti hardware sicuramente non fa altro che bene [^]

www.MegaLab.it

rootkit?

rootkit?

Re: rootkit?

Re: rootkit?

Re: rootkit?

Re: rootkit?

Re: rootkit?

Chi c’è in linea