www.MegaLab.it

[wilcoy]

provo a postare qui, in quanto nella sezione sicurezza ho trovato alcune soluzioni, ma adesso penso che la sezione giusta sia questa. ho provato a cercare che errori registra il serv. di visualizzazione eventi....diversi errori ripatuti nel service control manager del sistema e nel perfnet e powerOffer Service delle applicazioni.
Gmer non trova nulla.
HijackThis è stato già analizzato e ripulito.

[crazy.cat]

powerOffer Service delle applicazioni..

Da disinstallare, programma inutile e rompiscatole.

[wilcoy]

grazie crazy, ma come si fa? cioè dove lo trovo il programma per disintallarlo?. inoltre ne ho provate ancora altre. ho scaricato regclean.pro, ma tuttora che scrivo ho la cpu utilizzata dal 55 all'80% e di programmi aperti ho solo mozilla e utorrent che è in scarico...come è possibile?!?!? aiutooo. la cosa peggiore è che mi si impalla sulla esecuzione di file mid. con vabasco e io di solito ci suono dietro.....quindi ho i nervi a fior di pelle......

[wilcoy]

ho provato a disinstallare vanbasco, e poi a far eseguire un file mid da mediaplayer....stessa storia, i pezzi si impallano come un disco rotto

[The Doctor]

Se non sbaglio ComboFix lo rimuove

[wilcoy]

comincio a pensare veramente di non capirci più granchè , dunque nella sezione sicurezza ho avuto un bell'aiuto e alla fine, dopo aver seguito tutte le indicazioni il controllo delle vari log di hijackthis confermavano che era tutto a posto. a livello di registro di sistema ho reinserito le librerie dal disco di xp professional tramite comando snf/scannow.....ad ora continua ad essere impallato!!!! posto il log di combofix

ComboFix 12-04-10.01 - ermanno 10/04/2012 20.26.52.8.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.3071.2675 [GMT 2:00]
Eseguito da: c:\documents and settings\ermanno\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2012-03-10 al 2012-04-10 )))))))))))))))))))))))))))))))))))
.
.
2012-04-10 17:51 . 2012-04-10 18:06 -------- d-----w- c:\documents and settings\ermanno\Dati applicazioni\vlc
2012-04-09 19:24 . 2008-04-14 01:13 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2012-04-09 19:24 . 2001-08-30 21:08 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2012-04-09 19:24 . 2008-04-14 01:13 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2012-04-09 19:24 . 2001-08-30 21:08 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2012-04-09 19:24 . 2001-08-30 21:08 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2012-04-09 19:24 . 2001-08-30 21:08 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2012-04-09 19:24 . 2001-08-17 18:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2012-04-09 19:24 . 2004-08-03 19:29 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2012-04-09 19:24 . 2004-08-03 19:29 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2012-04-09 19:24 . 2008-04-14 01:13 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2012-04-09 19:23 . 2008-04-13 17:36 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2012-04-09 19:23 . 2004-08-03 19:31 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2012-04-09 19:23 . 2001-08-30 18:46 35402 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2012-04-09 19:21 . 2008-04-13 17:40 5376 -c--a-w- c:\windows\system32\dllcache\viaide.sys
2012-04-09 19:20 . 2001-08-30 21:08 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2012-04-09 19:19 . 2001-08-17 20:07 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys
2012-04-09 19:18 . 2001-08-17 18:51 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2012-04-09 19:17 . 2001-08-30 20:30 161792 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2012-04-09 19:16 . 2008-04-14 01:13 29696 -c--a-w- c:\windows\system32\dllcache\rw450ext.dll
2012-04-09 19:16 . 2008-04-14 01:13 28160 -c--a-w- c:\windows\system32\dllcache\rw430ext.dll
2012-04-09 19:16 . 2004-08-03 19:31 20992 -c--a-w- c:\windows\system32\dllcache\rtl8139.sys
2012-04-09 19:16 . 2001-08-17 18:19 30720 -c--a-w- c:\windows\system32\dllcache\rthwcls.sys
2012-04-09 19:16 . 2001-08-17 18:12 19017 -c--a-w- c:\windows\system32\dllcache\rtl8029.sys
2012-04-09 19:16 . 2001-08-30 21:07 10752 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2012-04-09 19:16 . 2001-08-17 18:19 3840 -c--a-w- c:\windows\system32\dllcache\rpfun.sys
2012-04-09 19:16 . 2008-04-14 00:50 79360 -c--a-w- c:\windows\system32\dllcache\rocket.sys
2012-04-09 19:16 . 2001-08-17 18:12 37563 -c--a-w- c:\windows\system32\dllcache\rlnet5.sys
2012-04-09 19:16 . 2001-08-30 21:07 86097 -c--a-w- c:\windows\system32\dllcache\reslog32.dll
2012-04-09 19:14 . 2001-08-17 20:07 19840 -c--a-w- c:\windows\system32\dllcache\philtune.sys
2012-04-09 19:13 . 2001-08-17 18:50 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys
2012-04-09 19:13 . 2001-08-30 21:07 123776 -c--a-w- c:\windows\system32\dllcache\nv3.dll
2012-04-09 19:13 . 2001-08-17 18:49 51552 -c--a-w- c:\windows\system32\dllcache\ntgrip.sys
2012-04-09 19:13 . 2001-08-30 19:30 9472 -c--a-w- c:\windows\system32\dllcache\ntapm.sys
2012-04-09 19:13 . 2001-08-17 19:53 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys
2012-04-09 19:13 . 2008-04-13 17:54 28672 -c--a-w- c:\windows\system32\dllcache\nscirda.sys
2012-04-09 19:13 . 2001-08-17 18:20 87040 -c--a-w- c:\windows\system32\dllcache\nm6wdm.sys
2012-04-09 19:13 . 2001-08-17 18:20 126080 -c--a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2012-04-09 19:13 . 2001-08-17 18:12 32840 -c--a-w- c:\windows\system32\dllcache\ngrpci.sys
2012-04-09 19:13 . 2004-08-19 12:33 132695 -c--a-w- c:\windows\system32\dllcache\netwlan5.sys
2012-04-09 19:11 . 2001-08-17 19:48 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2012-04-09 19:11 . 2001-08-17 20:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2012-04-09 19:11 . 2008-04-13 17:54 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2012-04-09 19:11 . 2001-08-17 20:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2012-04-09 19:11 . 2001-08-17 19:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2012-04-09 19:10 . 2001-08-17 19:52 17280 -c--a-w- c:\windows\system32\dllcache\mraid35x.sys
2012-04-09 19:10 . 2001-08-30 18:41 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2012-04-09 19:10 . 2001-08-17 19:57 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys
2012-04-09 19:10 . 2001-08-17 19:52 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2012-04-09 19:10 . 2001-08-30 18:34 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2012-04-09 19:10 . 2001-08-30 21:07 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
2012-04-09 19:08 . 2001-08-17 19:49 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys
2012-04-09 19:08 . 2008-04-14 01:13 29696 -c--a-w- c:\windows\system32\dllcache\irmon.dll
2012-04-09 19:08 . 2001-08-17 19:51 18688 -c--a-w- c:\windows\system32\dllcache\irsir.sys
2012-04-09 19:08 . 2001-08-17 19:49 23552 -c--a-w- c:\windows\system32\dllcache\irmk7.sys
2012-04-09 19:08 . 2008-04-14 01:14 152576 -c--a-w- c:\windows\system32\dllcache\irftp.exe
2012-04-09 19:08 . 2008-04-13 17:54 88192 -c--a-w- c:\windows\system32\dllcache\irda.sys
2012-04-09 19:08 . 2001-08-17 18:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2012-04-09 19:08 . 2001-08-30 21:07 90200 -c--a-w- c:\windows\system32\dllcache\io8ports.dll
2012-04-09 19:08 . 2001-08-17 19:50 38784 -c--a-w- c:\windows\system32\dllcache\io8.sys
2012-04-09 19:08 . 2008-04-14 00:52 5504 -c--a-w- c:\windows\system32\dllcache\intelide.sys
2012-04-09 19:08 . 2001-08-30 17:43 13568 -c--a-w- c:\windows\system32\dllcache\inport.sys
2012-04-09 19:08 . 2001-08-17 19:52 16000 -c--a-w- c:\windows\system32\dllcache\ini910u.sys
2012-04-09 19:06 . 2001-08-17 18:11 28700 -c--a-w- c:\windows\system32\dllcache\ibmexmp.sys
2012-04-09 19:06 . 2004-08-03 19:29 161020 -c--a-w- c:\windows\system32\dllcache\i81xnt5.sys
2012-04-09 19:06 . 2008-04-14 01:13 702845 -c--a-w- c:\windows\system32\dllcache\i81xdnt5.dll
2012-04-09 19:06 . 2001-08-30 21:07 353184 -c--a-w- c:\windows\system32\dllcache\i740dnt5.dll
2012-04-09 19:06 . 2001-08-17 18:49 58592 -c--a-w- c:\windows\system32\dllcache\i740nt5.sys
2012-04-09 19:06 . 2008-04-13 17:41 18560 -c--a-w- c:\windows\system32\dllcache\i2omp.sys
2012-04-09 19:06 . 2008-04-13 17:41 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2012-04-09 19:04 . 2001-08-30 20:06 322432 -c--a-w- c:\windows\system32\dllcache\g400m.sys
2012-04-09 19:03 . 2001-08-30 21:07 46080 -c--a-w- c:\windows\system32\dllcache\esunib.dll
2012-04-09 19:02 . 2001-08-17 18:20 334208 -c--a-w- c:\windows\system32\dllcache\ds1wdm.sys
2012-04-09 19:01 . 2001-08-30 21:07 421917 -c--a-w- c:\windows\system32\dllcache\dgconfig.dll
2012-04-09 19:00 . 2008-04-13 17:36 10240 -c--a-w- c:\windows\system32\dllcache\compbatt.sys
2012-04-09 19:00 . 2001-08-17 18:11 39936 -c--a-w- c:\windows\system32\dllcache\cnxt1803.sys
2012-04-09 19:00 . 2001-08-30 21:07 44032 -c--a-w- c:\windows\system32\dllcache\cnusd.dll
2012-04-09 19:00 . 2001-08-30 18:37 6656 -c--a-w- c:\windows\system32\dllcache\cmdide.sys
2012-04-09 19:00 . 2001-08-30 18:37 20992 -c--a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2012-04-09 19:00 . 2008-04-13 17:36 13952 -c--a-w- c:\windows\system32\dllcache\cmbatt.sys
2012-04-09 19:00 . 2001-08-30 21:07 170880 -c--a-w- c:\windows\system32\dllcache\cl546x.dll
2012-04-09 19:00 . 2001-08-17 19:57 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys
2012-04-09 19:00 . 2001-08-30 21:07 111232 -c--a-w- c:\windows\system32\dllcache\cl5465.dll
2012-04-09 19:00 . 2001-08-30 21:07 91264 -c--a-w- c:\windows\system32\dllcache\cirrus.dll
2012-04-09 19:00 . 2001-08-17 19:57 45696 -c--a-w- c:\windows\system32\dllcache\cirrus.sys
2012-04-09 19:00 . 2001-08-30 18:33 272640 -c--a-w- c:\windows\system32\dllcache\cinemclc.sys
2012-04-09 19:00 . 2001-08-30 18:33 980034 -c--a-w- c:\windows\system32\dllcache\cicap.sys
2012-04-09 18:58 . 2001-08-30 21:07 41472 -c--a-w- c:\windows\system32\dllcache\brmfusb.dll
2012-04-09 18:57 . 2001-08-17 18:49 23552 -c--a-w- c:\windows\system32\dllcache\atixbar.sys
2012-04-09 18:56 . 2001-08-30 17:58 77824 -c--a-w- c:\windows\system32\dllcache\ati.sys
2012-04-09 18:55 . 2001-08-17 19:52 12800 -c--a-w- c:\windows\system32\dllcache\aha154x.sys
2012-04-09 18:54 . 2001-08-17 19:28 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys
2012-04-09 18:54 . 2001-08-17 20:06 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys
2012-04-09 18:54 . 2008-04-13 17:46 53376 -c--a-w- c:\windows\system32\dllcache\1394bus.sys
2012-04-09 18:53 . 2001-08-30 21:07 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2012-04-06 15:25 . 2012-04-06 15:25 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-04 18:36 . 2012-04-06 17:45 2448 ----a-w- c:\windows\system32\ASOROSet.bin
2012-04-04 18:12 . 2012-04-04 18:54 -------- d-----w- c:\programmi\RegClean Pro
2012-04-04 17:22 . 2012-04-04 18:54 -------- d-----w- c:\documents and settings\ermanno\Dati applicazioni\Systweak
2012-03-24 14:14 . 2012-04-10 18:22 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AVAST Software
2012-03-24 14:14 . 2012-03-24 14:14 -------- d-----w- c:\programmi\AVAST Software
2012-03-23 18:43 . 2012-03-23 18:43 592824 ----a-w- c:\programmi\Mozilla Firefox\gkmedias.dll
2012-03-23 18:43 . 2012-03-23 18:43 44472 ----a-w- c:\programmi\Mozilla Firefox\mozglue.dll
2012-03-13 19:04 . 2012-03-13 19:04 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Office Genuine Advantage
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-06 15:25 . 2011-07-10 17:24 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-07 19:48 . 2012-03-07 19:48 388096 ----a-r- c:\documents and settings\ermanno\Dati applicazioni\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-02-03 09:57 . 2001-08-31 10:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 19:06 . 2012-02-17 16:30 3072 ------w- c:\windows\system32\iacenc.dll
2012-03-23 18:43 . 2011-09-28 18:34 97208 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-10_17.15.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-10 18:23 . 2012-04-10 18:23 16384 c:\windows\temp\Perflib_Perfdata_1ec.dat
- 2001-08-31 10:00 . 2012-04-10 15:59 79720 c:\windows\system32\perfc010.dat
+ 2001-08-31 10:00 . 2012-04-10 18:27 79720 c:\windows\system32\perfc010.dat
- 2001-08-31 10:00 . 2012-04-10 15:59 67740 c:\windows\system32\perfc009.dat
+ 2001-08-31 10:00 . 2012-04-10 18:27 67740 c:\windows\system32\perfc009.dat
+ 2001-08-31 10:00 . 2012-04-10 18:27 479236 c:\windows\system32\perfh010.dat
- 2001-08-31 10:00 . 2012-04-10 15:59 479236 c:\windows\system32\perfh010.dat
- 2001-08-31 10:00 . 2012-04-10 15:59 432784 c:\windows\system32\perfh009.dat
+ 2001-08-31 10:00 . 2012-04-10 18:27 432784 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RDReminder"="c:\programmi\RegClean Pro\RegCleanPro.exe" [2012-04-04 7430528]
.
c:\documents and settings\ermanno\Menu Avvio\Programmi\Esecuzione automatica\
avast! Free Antivirus.lnk - c:\programmi\AVAST Software\Avast\AvastUI.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:11 3872080 ----a-w- c:\programmi\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RDReminder]
2012-04-04 18:55 7430528 ----a-w- c:\programmi\RegClean Pro\RegCleanPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 08:27 17351304 ----a-r- c:\programmi\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\CyberLink\\PCM4Everio\\PCM4Everio.exe"=
"c:\\Programmi\\CyberLink\\PCM4Everio\\EverioService.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"c:\\Programmi\\tvuplayer\\TVUPlayer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\File comuni\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24/01/2011 18.56.10 721904]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [13/06/2011 18.15.00 218688]
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;ABBYY PDF Transformer 3.0 - Servizio Gestione licenze;c:\programmi\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [01/04/2011 19.41.53 759048]
R2 FastPara;FastPara;c:\windows\system32\drivers\fastpara.sys [20/06/2009 10.07.57 37836]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [12/11/2008 15.54.00 37376]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [13/05/2010 20.34.27 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/04/2012 17.25.12 253600]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [13/05/2010 20.34.27 136176]
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 15:25]
.
2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-05-13 18:34]
.
2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-05-13 18:34]
.
2012-04-04 c:\windows\Tasks\RegClean Pro_DEFAULT.job
- c:\programmi\RegClean Pro\RegCleanPro.exe [2012-04-04 18:55]
.
2012-04-04 c:\windows\Tasks\RegClean Pro_UPDATES.job
- c:\programmi\RegClean Pro\RegCleanPro.exe [2012-04-04 18:55]
.
.
------- Scansione supplementare -------
.
uInternet Settings,ProxyOverride = local
IE: Download with GetRight Pro - c:\programmi\GetRight\GRdownload.htm
IE: Open with GetRight Pro Browser - c:\programmi\GetRight\GRbrowse.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{595433C9-C811-4A65-B402-A90A4F8A3EDD}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{C031CAC5-AF25-447B-B0F5-CEF07FB3BB7D}: NameServer = 176.31.229.24,176.31.229.25
FF - ProfilePath - c:\documents and settings\ermanno\Dati applicazioni\Mozilla\Firefox\Profiles\08rmp1cy.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.corriere.it/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - prefs.js: network.proxy.type - 2
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-10 20:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-1993962763-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7D5EDFD4-8941-9576-07A0-8C69AD5594DE}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oaljpgobffnmdllhodabnnbjflobcn"=hex:64,61,6b,68,6d,6e,6b,6c,00,85
"oapmpibffbojigikcmomoahglmmiee"=hex:69,61,6e,68,6f,65,67,62,68,6a,67,6e,6e,69,
61,67,69,63,00,ff
"nafmbipoaamnidgkpfadocedfaak"=hex:69,61,6e,68,6f,65,67,62,68,6a,67,6e,6e,69,
61,67,69,63,00,ff
.
[HKEY_USERS\S-1-5-21-1993962763-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FFE3DD19-A219-A690-46E3-A3D9ACC98426}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaanlijlcohhkmaacg"=hex:6b,61,63,6b,63,64,6c,67,66,61,6c,6c,68,67,6b,6e,62,65,
69,6e,6b,6f,00,00
"hagofofjgkhdgcek"=hex:6b,61,63,6b,63,64,6c,67,66,61,6c,6c,68,67,6b,6e,62,65,
69,6e,6b,6f,00,00
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(748)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2304)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2012-04-10 20:36:21
ComboFix-quarantined-files.txt 2012-04-10 18:36
ComboFix2.txt 2012-04-10 17:17
ComboFix3.txt 2012-03-13 18:53
ComboFix4.txt 2012-03-13 17:32
ComboFix5.txt 2012-04-10 18:25
.
Pre-Run: 98.425.356.288 byte disponibili
Post-Run: 98.403.438.592 byte disponibili
.
- - End Of File - - B49C0851063111E5C256DD922E29F1D4

[wilcoy]

aggiungo una foto dell'utilizzo della cpu da parte dei vari programmi non appena acceso il pc, potete dirmi se a voi sembra regolare oppure no?

[wilcoy]

aggiungo una foto dell'utilizzo della cpu da parte dei vari programmi non appena acceso il pc, potete dirmi se a voi sembra regolare oppure no?

scusate ma non sono riuscito....

[wilcoy]

RISOLTO!!

ho semplicemente effettuato un ripristino ad una configurazione di sistema a qualche tempo fa quando tutto andava regolarmente...ha funzionato. grazie a tutti per l'aiuto.
Ciao