It's been quite a while, I think, since I last posted in this section... luckily I lent my notebook to my cousin, who promptly gave me the chance to make up for it...
Let's get to the point: since yesterday the laptop has become a bit slower in general (though not by much) and, above all, seems to have serious problems with multimedia files. Simply trying to open a video is enough to freeze the system (Vista Home Premium) completely, to the point that it doesn't even respond to Ctrl+Alt+Del, and the only thing to do is pull the battery, since not even the power button works.
The problem is independent of the player used (WMP, Media Player Classic, etc.) and always occurs... I tried doing some cleanup with CCleaner and running scans with Antivir and Spybot S&D, but the result was disappointing... here are the logs
Antivir
AntiVir/Win32-Console Version 7.6.0.59, (Jan 29 2008, 18:11:09)
Copyright(c) 2007 Avira GmbH
Report created on 01/13/2009 12:20:57
Command line: -allhard -alltypes -s -z -r1 -rs -rfC:\Users\AMMINI~1\AppData\Local\Temp\minivir.log
-heuristic:2 -defext -del -qua-copy C:\quarantena
AVPack-Version: 7.6.1.12
VDF version: 7.1.1.100 - FUP(0), created 01/12/2009
AVCLS license: 1103153519 for xxx xxx
Drives:
C: Harddisk
D: Harddisk
E: CDROM
checking the master boot record of drive 80h
ERROR (131): cannot read record
checking the boot record of drive C:
checking the boot record of drive D:
checking drive/path (list): C:\
C:\hiberfil.sys
Date: 13.01.2009 Time: 11:15:52 Size: 3212042240
ERROR: could not open file for read access
file was not scanned at all!
C:\pagefile.sys
Date: 13.01.2009 Time: 11:15:52 Size: 3525967872
ERROR: could not open file for read access
file was not scanned at all!
C:\Users\Amministratore\NTUSER.DAT
Date: 13.01.2009 Time: 11:20:30 Size: 4718592
ERROR: could not open file for read access
file was not scanned at all!
C:\Users\Amministratore\AppData\Local\Microsoft\Windows\UsrClass.dat
Date: 13.01.2009 Time: 11:20:20 Size: 2359296
ERROR: could not open file for read access
file was not scanned at all!
C:\Windows\bthservsdp.dat
Date: 11.01.2009 Time: 23:25:26 Size: 12
ERROR: could not open file for read access
file was not scanned at all!
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
Date: 13.01.2009 Time: 11:18:14 Size: 262144
ERROR: could not open file for read access
file was not scanned at all!
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
Date: 13.01.2009 Time: 11:16:02 Size: 2048
ERROR: could not open file for read access
file was not scanned at all!
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
Date: 13.01.2009 Time: 11:16:02 Size: 2048
ERROR: could not open file for read access
file was not scanned at all!
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
Date: 13.01.2009 Time: 11:18:10 Size: 262144
ERROR: could not open file for read access
file was not scanned at all!
checking drive/path (list): D:\
----- scan results -----
directories: 16073
files: 138530
alerts: 0
suspicious: 0
scan time: 00:19:39
--------------------------
Thank you for using AntiVir
MBR
Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14.53.33, on 13/01/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
D:\Programmi\Grafica\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
D:\Programmi\Utility\RocketDock\RocketDock.exe
D:\Programmi\Internet\Browser\Opera\Opera 9.6\opera.exe
C:\Windows\explorer.exe
D:\Programmi\Sicurezza\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SICURE~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [Corel File Shell Monitor] D:\Programmi\Grafica\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [Babylon Client] D:\Programmi\Babylon\Babylon.exe -AutoStart
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://D:\Programmi\Babylon\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SICURE~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SICURE~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
--
End of file - 5758 bytes
What's wrong?