Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Vari problemi con windows seven

Problemi con i sistemi operativi di casa Microsoft? Questa è la sezione che fa per te!

Vari problemi con windows seven

Messaggioda r4iv3n » ven mag 07, 2010 5:10 pm

Salve a tutti, vi scrivo perché ho dei problemi con il mio sistema operativo a cui non riesco a trovare una soluzione:

1- è da 2-3 settimane che il computer va lento, sembra quasi ovattato;
2- non so il perché ma ogni tanto non mi visualizza più nessun flusso streaming (youtube, megavideo etc.) e non va nemmeno jdownloader, il problema persiste finchè non riavvio il computer per poi sparire;
3- il computer parla, casualmente dalle casse viene riprodotto un suono, è una vocina che parla e dice qualcosa di simile a: "Oh my god, John Wayne" (non scherzo..mi sta dando ai nervi) questo avviene da un 3-4 settimane;

linko anche il post di Hijackthis, magari può essere utile

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:55:26, on 07/05/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Uniblue\PowerSuite\powersuite.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\Users\Administrator\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\RunOnce: [PowerSuite] "C:\Program Files\Uniblue\PowerSuite\launcher.exe" delay 20000 -m
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Tastiera Virtuale - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: C&ontrollo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

--
End of file - 8500 bytes


Grazie mille [:)]
Avatar utente
r4iv3n
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: ven mag 07, 2010 4:47 pm

Re: Vari problemi con windows seven

Messaggioda sondlive07 » ven mag 07, 2010 5:48 pm

r4iv3n ha scritto:3- il computer parla, casualmente dalle casse viene riprodotto un suono, è una vocina che parla e dice qualcosa di simile a: "Oh my god, John Wayne" (non scherzo..mi sta dando ai nervi) questo avviene da un 3-4 settimane;


si sta lamentando con te, in altre parole ti sta dicendo : la finisci di fare min......ate !!!! [:D]
sto scherzando non te la prendere

pero vedo (spero di sbagliarmi) dal log di hijackthis che sono presenti voci che non ci devono essere
panda, kaspersky, mcafee
quanti antivirus hai ?????
Se fossi uno scultore ti scolpirei... Se fossi un cantautore ti canterei... Se fossi un pittore ti dipingerei... Ma sono solo un trombettista! [:)]
Avatar utente
sondlive07
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 2446
Iscritto il: mar feb 02, 2010 8:52 pm
Località: casa mia

Re: Vari problemi con windows seven

Messaggioda r4iv3n » ven mag 07, 2010 6:33 pm

:Ae: il mio PC mi vuole bene ç_ç hihihihihi

Allora gli antivirus sono Kaspersky Internet Security (antivirus+firewall), Panda Cloud antivirus (che sta messo a pennello accanto ad un antivirus normale) e McAfee sarebbe il Mcafee security scanner (che controlla solo se hai instalato i giusti software per proteggere il tuo pc) questo non lo volevo ma per fare di fretta quando ho installato Adobe flash player ho installato anche questo, ho provato a rimuoverlo ma delle traccie sono rimaste e nn riesco ad eliminarle, mi da sempre accesso negato.

Se servono altre info chiedete pure :)
Avatar utente
r4iv3n
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: ven mag 07, 2010 4:47 pm


Re: Vari problemi con windows seven

Messaggioda sondlive07 » ven mag 07, 2010 6:38 pm

che io sappia basta uno di antivirus
faresti bene a toglierli quelli 'in più' usando i 'tool' di rimozione specifici
Se fossi uno scultore ti scolpirei... Se fossi un cantautore ti canterei... Se fossi un pittore ti dipingerei... Ma sono solo un trombettista! [:)]
Avatar utente
sondlive07
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 2446
Iscritto il: mar feb 02, 2010 8:52 pm
Località: casa mia

Re: Vari problemi con windows seven

Messaggioda r4iv3n » ven mag 07, 2010 7:10 pm

2 antivirus "normali" andrebbero addirittura in conflitto tra di loro, ma qui parliamo di antivirus classico e uno con tecnologia cloud, si tratta di antivirus che lavorano con algoritmi e tecnologie diverse, utili insieme proprio perché permettono di complementarsi.

Per quanto riguarda McAfee, il tool specifico è una guida pdf che dice di rimuoverlo tramite lo strumento di rimozione proprio di windows, ma che cm detto mi da problemi.

tralasciando la questione antivirus, nessuno ha qualche idea per risolvere i miei problemi??

PS - Proprio per togliere dubbi, Panda è stato installato ieri, di sicuro non è lui a causarmi problemi.
Avatar utente
r4iv3n
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: ven mag 07, 2010 4:47 pm

Re: Vari problemi con windows seven

Messaggioda ste_95 » ven mag 07, 2010 7:27 pm

Fai comunque un giro di ComboFix.

Scarica ComboFix , salvandolo sul desktop con un nome di fantasia, ed esegui la scansione seguendo queste istruzioni (giù in fondo). Al termine della scansione verrà creato il file di report C:\combofix.txt, copia qui il suo contenuto inserendolo tra i tag LOG, in questo modo:
Codice: Seleziona tutto
[LOG]qui va inserito il log[/LOG]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Re: Vari problemi con windows seven

Messaggioda sondlive07 » ven mag 07, 2010 7:45 pm

r4iv3n ha scritto:Per quanto riguarda McAfee, il tool specifico è una guida pdf che dice di rimuoverlo tramite lo strumento di rimozione proprio di windows, ma che come detto mi da problemi.


ma che guida pdf , quando dal panello di controllo hai disinstallato mcafee, dopo riavvia
poi scarica questo [url]http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe
[/url]
salvalo sul desktop (che sarebbe il tool di rimozione) (esegui come amm) dopo riavvia (in questo modo hai tolto mcafee
Se fossi uno scultore ti scolpirei... Se fossi un cantautore ti canterei... Se fossi un pittore ti dipingerei... Ma sono solo un trombettista! [:)]
Avatar utente
sondlive07
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 2446
Iscritto il: mar feb 02, 2010 8:52 pm
Località: casa mia

Re: Vari problemi con windows seven

Messaggioda sondlive07 » ven mag 07, 2010 7:52 pm

Windows Vista o 7

1. Fare clic su Start, Cerca, digitare Programmi e funzionalità e fare clic su Vai.
2. Fare doppio clic su Programmi e funzionalità.
3. Selezionare il prodotto McAfee SecurityCenter.
4. Fare clic su Disinstalla e seguire le istruzioni.

Passaggio 2 - Scaricare ed eseguire MCPR.exe

1. Scaricare lo strumento di rimozione facendo clic sul seguente collegamento:

http://download.mcafee.com/products/lic ... s/MCPR.exe


2. Fare clic su Salva e salvare il file in una cartella del computer.
3. Aprire la cartella dove è stato salvato il file.
4. Accertarsi che tutte le finestre di McAfee siano chiuse.
5. Fare doppio clic su MCPR.exe per eseguire lo strumento di rimozione.

Nota: gli utenti di Windows Vista devono fare clic con il pulsante destro del mouse su MCPR.exe e selezionare Esegui come amministratore.


6. Riavviare il computer dopo aver ricevuto il messaggio CleanUp Successful (Pulizia riuscita).

Il prodotto McAfee non sarà completamente rimosso fino al riavvio del sistema.
ecco cosa dice mcafee
p.s anche se non ti dice cleanup successful (ma una schermata che ti chiede il riavvio per completare l'operazione) tu clicca su ok e riavvia
----------------------------
vai su questa pagina http://service.mcafee.com/FAQDocument.aspx?id=TS100507&lc=1040&pf=1
chiudi la finestra che ti dice stampa e poi puoi scaricare il tool
Se fossi uno scultore ti scolpirei... Se fossi un cantautore ti canterei... Se fossi un pittore ti dipingerei... Ma sono solo un trombettista! [:)]
Avatar utente
sondlive07
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 2446
Iscritto il: mar feb 02, 2010 8:52 pm
Località: casa mia

Re: Vari problemi con windows seven

Messaggioda r4iv3n » ven mag 07, 2010 8:58 pm

ste_95 ho scaricato combofix, ma durante la scompattazione degli archivi, Panda ha rilevato e rimosso 2 virus:

Evento Ulteriori dettagli Data/Ora Stato
File sospetto rilevato Posizione: C:\32788R22FWJFW\License\iexplore.exe 07/05/2010 21:42:29 Neutralizzato
File sospetto rilevato Posizione: C:\32788R22FWJFW\pev.exe 07/05/2010 21:42:29 Neutralizzato

Disattivo Panda e lo reinstallo o nn mi fido?

sondlive07 per McAfee c sto lavorando, appena ho finito faccio sapere
Avatar utente
r4iv3n
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: ven mag 07, 2010 4:47 pm

Re: Vari problemi con windows seven

Messaggioda ste_95 » ven mag 07, 2010 9:06 pm

Disattiva Panda e riprova ComboFix.
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Re: Vari problemi con windows seven

Messaggioda r4iv3n » ven mag 07, 2010 10:23 pm

ok allora, ComboFix non riusciva a terminare il processo in modalità normale, allora l'ho lanciato in modalità provvisoria e nn ho avuto problemi, spero vada bene lo stesso

ComboFix 10-05-07.01 - Administrator 07/05/2010 22:43:11.1.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1040.18.2047.1437 [GMT 2:00]
Eseguito da: c:\users\Administrator\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\123.txt

.
((((((((((((((((((((((((( Files Creati Da 2010-04-07 al 2010-05-07 )))))))))))))))))))))))))))))))))))
.

2010-05-07 20:49 . 2010-05-07 20:49 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-05-07 20:49 . 2010-05-07 20:49 -------- d-----w- c:\users\r4iv3n\AppData\Local\temp
2010-05-07 20:49 . 2010-05-07 20:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-07 20:40 . 2010-05-07 20:40 3352 ------w- C:\bootsqm.dat
2010-05-07 11:08 . 2010-05-07 11:08 -------- d-----w- c:\programdata\Uniblue
2010-05-07 10:38 . 2010-05-07 11:08 -------- d-----w- c:\users\Administrator\AppData\Roaming\Uniblue
2010-05-07 10:37 . 2010-05-07 10:38 -------- d-----w- c:\program files\Uniblue
2010-05-06 20:06 . 2010-05-06 20:06 -------- d-----w- c:\users\Administrator\AppData\Roaming\Panda Security
2010-05-06 19:51 . 2010-05-06 19:51 264 ----a-w- c:\windows\system32\PSUNCpl.dat
2010-05-06 19:47 . 2010-05-06 19:47 -------- d-----w- c:\programdata\Panda Security
2010-05-06 18:57 . 2010-05-06 19:40 -------- dc----w- c:\windows\system32\DRVSTORE
2010-05-06 18:57 . 2010-05-06 19:38 -------- d-----w- c:\program files\Immunet Protect
2010-05-06 15:48 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-05-06 15:47 . 2010-05-06 19:47 -------- d-----w- c:\program files\Panda Security
2010-05-05 17:55 . 2009-01-15 23:04 38400 ----a-w- c:\programdata\EPSON\EPSON SX110 Series\Language\0410.E_HBE0B7.DLL
2010-05-02 18:00 . 2010-05-02 18:00 -------- d-----w- c:\users\Administrator\AppData\Local\storage
2010-05-02 18:00 . 2010-05-02 18:00 -------- d-----w- c:\programdata\Ubisoft
2010-05-02 17:52 . 2007-01-24 13:27 255848 ----a-w- c:\windows\system32\xactengine2_6.dll
2010-05-02 17:51 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-05-02 17:34 . 2010-05-02 17:55 -------- d-----w- c:\program files\Ubisoft
2010-04-30 14:29 . 2010-05-02 12:24 -------- d-----w- c:\program files\MegaLink
2010-04-30 11:11 . 2010-05-07 10:29 -------- d-----w- c:\program files\JDownloader
2010-04-30 11:10 . 2010-04-30 11:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-30 11:09 . 2010-04-30 11:09 -------- d-----w- c:\program files\Java
2010-04-28 09:01 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-28 09:01 . 2009-12-11 07:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-22 20:04 . 2010-04-22 20:04 10134 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{43EB7D36-32F9-CE19-6F1D-B59BDBA942AE}\ARPPRODUCTICON.exe
2010-04-21 18:03 . 2010-04-21 18:03 10134 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2010-04-21 18:03 . 2010-04-21 18:03 -------- d-----w- c:\program files\Microsoft WSE
2010-04-21 18:02 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-04-21 17:53 . 2010-04-21 17:53 -------- d-----w- c:\program files\Electronic Arts
2010-04-18 17:29 . 2010-04-18 17:29 -------- d-----w- c:\users\Administrator\AppData\Roaming\EPSON
2010-04-17 07:42 . 2010-04-17 07:42 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-04-17 07:41 . 2010-04-17 07:41 56766 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-04-17 07:41 . 2010-04-17 07:41 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-04-17 07:19 . 2010-04-17 07:19 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-04-14 22:24 . 2010-02-27 12:07 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-14 22:24 . 2010-02-27 12:07 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-14 22:24 . 2010-03-08 21:33 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-14 22:24 . 2010-02-27 07:32 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 22:24 . 2010-02-27 07:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 22:24 . 2010-02-27 07:32 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 22:17 . 2010-04-14 22:18 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-04-14 14:40 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2010-04-14 14:40 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-13 22:48 . 2010-04-29 16:34 -------- d-----w- c:\program files\Veoh Networks
2010-04-12 23:10 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-04-12 21:49 . 2010-04-12 21:49 0 ----a-w- c:\windows\nsreg.dat
2010-04-12 21:49 . 2010-04-12 21:49 -------- d-----w- c:\users\Administrator\AppData\Local\Mozilla

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-07 20:46 . 2009-07-14 08:21 692090 ----a-w- c:\windows\system32\perfh010.dat
2010-05-07 20:46 . 2009-07-14 08:21 125396 ----a-w- c:\windows\system32\perfc010.dat
2010-05-07 20:26 . 2010-02-17 09:04 -------- d-----w- c:\programdata\Kaspersky Lab
2010-05-05 10:25 . 2010-02-17 09:04 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-05-05 10:25 . 2010-02-17 09:04 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-05-04 19:33 . 2010-02-17 11:06 -------- d-----w- c:\program files\Opera
2010-05-04 10:43 . 2010-02-17 09:52 -------- d-----w- c:\users\Administrator\AppData\Roaming\vlc
2010-05-02 17:55 . 2010-02-17 09:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-02 17:39 . 2010-03-09 19:16 -------- d-----w- c:\users\Administrator\AppData\Roaming\Skype
2010-04-28 17:57 . 2010-02-17 16:15 -------- d-----w- c:\program files\Messenger Plus! Live
2010-04-17 07:42 . 2010-04-05 20:23 -------- d-----w- c:\programdata\DivX
2010-04-17 07:41 . 2010-04-05 20:24 -------- d-----w- c:\program files\DivX
2010-04-17 07:19 . 2010-04-05 20:29 754984 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-04-17 07:19 . 2010-04-05 20:29 1180952 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-04-15 17:43 . 2010-02-17 09:56 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-04-14 23:05 . 2010-02-17 13:49 -------- d-----w- c:\programdata\Microsoft Help
2010-04-12 15:38 . 2010-04-05 14:46 -------- d-----w- c:\program files\McAfee Security Scan
2010-04-10 12:30 . 2010-02-17 11:12 -------- d-----w- c:\program files\World of Warcraft
2010-04-05 20:28 . 2010-04-05 20:28 56978 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-04-05 20:28 . 2010-04-05 20:28 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-04-05 20:27 . 2010-04-05 20:27 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-04-05 20:27 . 2010-04-05 20:27 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-04-05 20:27 . 2010-04-05 20:27 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-04-05 14:46 . 2010-04-05 14:46 -------- d-----w- c:\programdata\McAfee
2010-04-05 14:46 . 2010-04-05 14:46 -------- d-----w- c:\programdata\McAfee Security Scan
2010-04-03 17:15 . 2010-04-03 17:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-03-21 21:22 . 2010-03-21 21:02 -------- d-----w- c:\program files\Google
2010-03-20 18:05 . 2010-03-20 18:05 -------- d-----w- c:\users\Administrator\AppData\Roaming\Nero
2010-03-20 17:57 . 2010-03-20 17:41 -------- d-----w- c:\program files\Common Files\Nero
2010-03-20 17:56 . 2010-03-14 18:30 -------- d-----w- c:\program files\Nero
2010-03-20 17:46 . 2010-03-20 17:41 -------- d-----w- c:\programdata\Nero
2010-03-19 23:02 . 2010-03-19 23:02 -------- d-----w- c:\users\Administrator\AppData\Roaming\Creative
2010-03-19 22:57 . 2010-02-17 09:52 -------- d-----w- c:\program files\Creative
2010-03-19 22:52 . 2010-03-19 22:50 -------- d--h--w- c:\program files\Creative Installation Information
2010-03-19 22:51 . 2010-02-17 10:45 -------- d-----w- c:\programdata\Creative
2010-03-19 22:50 . 2010-03-19 22:50 -------- d-----w- c:\program files\Common Files\Creative
2010-03-19 22:40 . 2010-03-19 22:34 30210700 ----a-w- c:\programdata\Creative\Software Update\cache\Creative Sound Blaster X-Fi Smart Recorder (Windows Vista) 2.40.20__\SMARTREC_PCAPP_LB_2_40_20.exe
2010-03-19 22:34 . 2010-03-19 22:31 12907880 ----a-w- c:\programdata\Creative\Software Update\cache\Creative WaveStudio 7.12.00__\WAVESTD_PCAPP_LB_7_12_00.exe
2010-03-19 22:31 . 2010-03-19 22:25 37634288 ----a-w- c:\programdata\Creative\Software Update\cache\Creative MediaSource 5 Player_Organizer 5.26.02__\CMS5_PCAPP_LB_5_26_02.exe
2010-03-16 13:48 . 2010-03-15 20:16 -------- d-----w- c:\users\Administrator\AppData\Roaming\dvdcss
2010-03-15 18:46 . 2010-03-15 18:46 -------- d-----w- c:\program files\MSXML 4.0
2010-03-14 18:45 . 2010-02-17 16:28 -------- d-----w- c:\program files\epson
2010-03-14 18:00 . 2010-02-17 09:56 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-03-14 14:41 . 2010-03-14 14:39 -------- d-----w- c:\users\Administrator\AppData\Roaming\TS3Client
2010-03-14 14:38 . 2010-03-14 14:38 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-03-13 21:25 . 2010-03-13 21:25 -------- d-----w- c:\programdata\eMule
2010-03-13 21:25 . 2010-03-13 21:25 -------- d-----w- c:\program files\eMule
2010-03-13 12:56 . 2010-03-13 12:56 -------- d-----w- c:\users\Administrator\AppData\Roaming\teamspeak2
2010-03-13 12:56 . 2010-03-13 12:55 -------- d-----w- c:\program files\Teamspeak2_RC2
2010-03-09 19:16 . 2010-03-09 19:16 -------- d-----r- c:\program files\Skype
2010-03-09 19:16 . 2010-03-09 19:16 -------- d-----w- c:\programdata\Skype
2010-03-03 04:22 . 2010-03-03 04:22 5340160 ----a-w- c:\windows\system32\drivers\atipmdag.sys
2010-03-03 04:22 . 2010-03-03 04:22 5340160 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-03-03 04:16 . 2010-03-03 04:16 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-03-03 04:16 . 2009-12-11 20:35 446464 ----a-w- c:\windows\system32\aticfx32.dll
2010-03-03 04:13 . 2010-03-03 04:13 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-03-03 04:12 . 2010-03-03 04:12 372736 ----a-w- c:\windows\system32\atieclxx.exe
2010-03-03 04:11 . 2010-03-03 04:11 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2010-03-03 04:10 . 2010-03-03 04:10 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-03-03 04:10 . 2010-03-03 04:10 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-03-03 04:09 . 2010-03-03 04:09 274432 ----a-w- c:\windows\system32\Oemdspif.dll
2010-03-03 04:09 . 2010-03-03 04:09 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-03-03 04:09 . 2010-03-03 04:09 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-03-03 04:06 . 2009-12-11 20:39 3131392 ----a-w- c:\windows\system32\atidxx32.dll
2010-03-03 03:46 . 2010-03-03 03:46 3703808 ----a-w- c:\windows\system32\atiumdag.dll
2010-03-03 03:45 . 2010-03-03 03:45 14226944 ----a-w- c:\windows\system32\atioglxx.dll
2010-03-03 03:24 . 2010-03-03 03:24 2993152 ----a-w- c:\windows\system32\atiumdva.dll
2010-03-03 03:23 . 2009-12-11 20:11 50176 ----a-w- c:\windows\system32\coinst.dll
2010-03-03 03:20 . 2010-03-03 03:20 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-03-03 03:20 . 2010-03-03 03:20 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-03-03 03:18 . 2010-03-03 03:18 3657728 ----a-w- c:\windows\system32\aticaldd.dll
2010-03-03 03:08 . 2010-03-03 03:08 52224 ----a-w- c:\windows\system32\atimpc32.dll
2010-03-03 03:08 . 2010-03-03 03:08 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2010-03-03 03:08 . 2010-03-03 03:08 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2010-03-03 03:07 . 2010-03-03 03:07 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-03-03 03:07 . 2010-03-03 03:07 15360 ----a-w- c:\windows\system32\atigktxx.dll
2010-03-03 03:07 . 2010-03-03 03:07 152064 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-03-03 03:06 . 2009-12-11 19:50 27648 ----a-w- c:\windows\system32\atiuxpag.dll
2010-03-03 03:06 . 2010-03-03 03:06 20480 ----a-w- c:\windows\system32\atiu9pag.dll
2010-03-03 03:05 . 2010-03-03 03:05 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-02-25 19:55 . 2010-02-25 19:55 201875 ----a-w- c:\windows\system32\atiicdxx.dat
2010-02-24 08:16 . 2010-02-17 09:01 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 16:15 . 2010-02-23 16:15 1105 ----a-w- c:\windows\system32\atipblag.dat
2010-02-23 07:56 . 2010-03-31 06:46 977920 ----a-w- c:\windows\system32\wininet.dll
2010-02-19 19:13 . 2010-02-19 19:08 102400 ----a-w- c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
2010-02-18 09:07 . 2010-02-17 08:57 108824 ----a-w- c:\users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-17 10:58 . 2010-02-17 10:58 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-17 10:45 . 2010-02-17 10:45 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-02-17 10:45 . 2010-02-17 10:45 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-02-17 09:30 . 2010-02-17 09:30 0 ----a-w- c:\windows\ativpsrm.bin
2010-02-17 09:18 . 2010-02-17 09:18 932368 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2010-02-17 09:18 . 2010-02-17 09:18 678416 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2010-02-17 09:18 . 2010-02-17 09:18 604688 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2010-02-17 09:18 . 2010-02-17 09:18 1096208 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2010-02-17 09:18 . 2010-02-17 09:18 522768 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2010-02-17 09:18 . 2010-02-17 09:18 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2010-02-17 09:14 . 2010-02-17 09:14 80400 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2010-02-17 09:14 . 2010-02-17 09:14 80400 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2010-02-17 09:14 . 2010-02-17 09:14 264720 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2010-02-17 09:13 . 2010-02-17 09:13 109072 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

------- Sigcheck -------

[-] 2010-02-17 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
2009-11-02 07:00 312576 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Pending Delete Icon]
@="{0847B599-9191-4A27-BD61-DE11598D3B1B}"
[HKEY_CLASSES_ROOT\CLSID\{0847B599-9191-4A27-BD61-DE11598D3B1B}]
2009-11-02 07:00 312576 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
2009-11-02 07:00 312576 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CreativeTaskScheduler"="c:\program files\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-05-04 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-21 39408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" [2010-03-23 46368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTxfiHlp"="CTXFIHLP.EXE" [2009-06-03 25600]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2009-10-30 361728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-12-15 33808]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-17 691696]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-05-15 21008]
R1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2009-10-13 114184]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-03 172032]
R2 gupdate;Servizio di Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 135664]
R2 NanoServiceMain;NanoServiceMain;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2009-10-30 136448]
R2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2009-10-30 146440]
R2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2009-10-13 97800]
R2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2009-10-13 101384]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-03 5340160]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-03 152064]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-17 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-02-17 79360]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2009-06-04 171032]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2009-06-04 171032]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2009-06-04 72728]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2009-06-04 72728]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

.
Contenuto della cartella 'Scheduled Tasks'

2010-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 21:22]

2010-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 21:22]

2010-05-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1670938713-2245851142-4190984409-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-27 11:15]

2010-05-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1670938713-2245851142-4190984409-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-27 11:15]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
IE: Aggiungi ad Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ymkn2r8b.default\
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\users\Administrator\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

HKLM-RunOnce-<NO NAME> - (no file)
Notify-AtiExtEvent - (no file)


.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b7,eb,db,c7,8f,4d,66,4f,a3,72,60,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b7,eb,db,c7,8f,4d,66,4f,a3,72,60,\

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.avi"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\photoviewer.dll"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.HTM"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.HTM"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PhotoViewer.FileAssoc.Jpeg"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mkv"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PhotoViewer.FileAssoc.Png"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tts\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.URL"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"

[HKEY_USERS\S-1-5-21-1670938713-2245851142-4190984409-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2010-05-07 22:52:50
ComboFix-quarantined-files.txt 2010-05-07 20:52

Pre-Run: 62.204.334.080 byte disponibili
Post-Run: 62.197.895.168 byte disponibili

- - End Of File - - 9748E7FF64C0ACBAA50CD818E1767202


Per quanto riguarda McAfee ho eseguito tutto alla lettera, ma purtroppo l'applicazione nn è riuscita ad andare oltre il mio lavoro, la cartella che non riesco ad eliminare è ancora lì _-_
Avatar utente
r4iv3n
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: ven mag 07, 2010 4:47 pm

Re: Vari problemi con windows seven

Messaggioda ste_95 » sab mag 08, 2010 7:21 am

Nel log di ComboFix non pare apparire nessuna anomalia. Il mio consiglio è quello di ripercorrere a ritroso queste due settimane e cercare di capire dopo cosa i problemi hanno iniziato a manifestarsi. [;)]
«A volte è meglio tacere e sembrare stupidi che aprir bocca e togliere ogni dubbio.» Oscar Wilde
Avatar utente
ste_95
Membro Ufficiale (Gold)
Membro Ufficiale (Gold)
 
Messaggi: 17271
Iscritto il: lun ago 06, 2007 11:19 am

Re: Vari problemi con windows seven

Messaggioda r4iv3n » sab mag 08, 2010 10:58 am

ok grazie, vedrò di trovare qualche soluzione, alla peggio formatto, ciau :)
Avatar utente
r4iv3n
Neo Iscritto
Neo Iscritto
 
Messaggi: 6
Iscritto il: ven mag 07, 2010 4:47 pm


Torna a Sistema Operativo

Chi c’è in linea

Visitano il forum: Nessuno e 8 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising