Author Topic: my PC has slowed down enormously. What should I do?  (Read 2807 times)

paolopaolo
« on: August 02, 2011, 01:16:28 pm »
Hi everyone,
last night I decided to remove Babylon and the Ask toolbar from my PC. I followed the various tips on the forums and, using Revo Uninstaller and another program I don't remember (I deleted it), I removed them, to my great satisfaction. On reboot, though, I discovered that the computer is extremely slow; it takes forever to open programs. So I tried reinstalling Babylon, because maybe among the files I deleted there was something that is part of the system, but I couldn't restore them even using the appropriate programs (whose names I no longer remember because I always deleted them). Now I'm trying to make a backup so I can format everything and be done with it, but I'm having problems there too. I'm using Comodo to back up to DVD, but when the first DVD is finished the program tells me to insert another one, with the only problem that it won't let me eject the finished one from the tray. With the Windows 7 backup I had reached the end of the first DVD, but with 8 KB left to completion it froze. Should I have waited? Can anyone give me advice to see whether it's possible to avoid formatting or, if I really have to, whether there is an effective and relatively quick way to make a backup? Thanks...

GERONIMO**
« Reply #1 on: August 02, 2011, 01:30:57 pm »
Hi,
download HiJackThis from here:
http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi
Save it to the Desktop.
Install HiJackThis.
If you have Vista or W7:
run HijackThis with right-click - Run as Administrator to open it.
Click the Do a system scan and save a logfile button.
At the end a log will appear as a text document; save it to the desktop and attach it here
on the forum.

Don't install Babylon and the Ask toolbar any more;
they are carriers of spyware.
« Last edit: August 02, 2011, 02:07:01 pm by GERONIMO** »

paolopaolo
« Reply #2 on: August 02, 2011, 02:06:16 pm »
Thanks for the reply,
I did it, but it asks me to carry out a procedure I don't understand. First of all, right-clicking doesn't offer me Run as Administrator. So I open it with a left click and run the scan, but it tells me to type notepad c:\windows\system32\drivers\etc\hosts and to delete the lines relating to hijackthis, but in the file that opens there aren't any.

GERONIMO**
« Reply #3 on: August 02, 2011, 02:08:37 pm »
On that prompt accept, click Yes;
it is to repair the hosts file,
which is probably infected,
then rerun HiJackThis as written.

Do this:
go to C:\Windows\System32\drivers\etc,
open the hosts file with Notepad and check; it must be the same as this.
If it isn't, the hosts file is infected.

 # Copyright (c) 1993-2006 Microsoft Corp.
 #
 # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
 #
 # This file contains the mappings of IP addresses to host names. Each
 # entry should be kept on an individual line. The IP address should
 # be placed in the first column followed by the corresponding host name.
 # The IP address and the host name should be separated by at least one
 # space.
 #
 # Additionally, comments (such as these) may be inserted on individual
 # lines or following the machine name denoted by a '#' symbol.
 #
 # For example:
 #
 # 102.54.94.97 rhino.acme.com # source server
 # 38.25.63.10 x.acme.com # x client host

 127.0.0.1 localhost

« Last edit: September 07, 2011, 06:17:31 pm by GERONIMO** »
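
Added example (not part of GERONIMO**'s post): a sketch of the hosts-file comparison described in Reply #3, done by listing every active mapping that is not a loopback `localhost` entry instead of comparing by eye. The function names and the two extra sample entries (reserved `.example` names and a documentation address) are constructed for illustration.

```python
import ipaddress

# Loopback mappings treated as expected. The reference file in the post
# contains the IPv4 one; "::1 localhost" is accepted as well (assumption).
EXPECTED = {("127.0.0.1", "localhost"), ("::1", "localhost")}


def active_entries(text):
    """Yield (line_no, address, hostname-or-None) for each non-comment line."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        # Everything after '#' is a comment, as the file's own header explains.
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        if len(fields) == 1:
            yield line_no, fields[0], None
        for name in fields[1:]:
            yield line_no, fields[0], name.lower()


def review_hosts(text):
    """Return (line_no, address, hostname, reason) for entries needing review."""
    findings = []
    for line_no, address, name in active_entries(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, name, "malformed address"))
            continue
        if name is None:
            findings.append((line_no, address, name, "address without host name"))
        elif (str(ip), name) in EXPECTED:
            continue
        elif ip.is_loopback or ip.is_unspecified:
            findings.append((line_no, address, name,
                             "name pointed at the local machine"))
        else:
            findings.append((line_no, address, name,
                             "name redirected to another address"))
    return findings


# Shortened copy of the reference file quoted in the post.
STOCK_HOSTS = """\
 # Copyright (c) 1993-2006 Microsoft Corp.
 #
 # For example:
 #
 # 102.54.94.97 rhino.acme.com # source server
 # 38.25.63.10 x.acme.com # x client host

 127.0.0.1 localhost
"""

# Constructed sample: the same file with two additional active mappings.
MODIFIED_HOSTS = STOCK_HOSTS + """\
127.0.0.1 update.vendor.example
203.0.113.10 www.shop.example   # constructed entry
"""

if __name__ == "__main__":
    for finding in review_hosts(MODIFIED_HOSTS):
        print(finding)
```

To check a real machine, pass the text of C:\Windows\System32\drivers\etc\hosts to `review_hosts`; an empty list means only comments and loopback `localhost` lines are present.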

paolopaolo
« Reply #4 on: August 02, 2011, 02:14:25 pm »
OK, done...

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:13:11, on 02/08/2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files (x86)\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files (x86)\Acer\OrbiCam10\OrbiCam.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Users\Utente\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Utente\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Utente\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Utente\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Utente\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Utente\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Utente\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Utente\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (file missing)
R3 - URLSearchHook: (no name) - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - (no file)
R3 - URLSearchHook: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\tbuTor.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\tbuTor.dll (file missing)
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\tbuTor.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files (x86)\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files (x86)\Acer\OrbiCam10\OrbiCam.exe" /hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Cobian Backup 10 Interface] "C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe" -service
O4 - HKCU\..\Run: [Google Update] "C:\Users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service:  Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
O23 - Service: Comodo Online Storage Service (COSService.exe) - Unknown owner - C:\Program Files\COMODO\COMODO BackUp\COSService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Oxygen Audio Device Monitor (OxygenAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Comodo BackUp Service (SynchronizationService.exe) - Unknown owner - C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 13975 bytes
« Last edit: August 03, 2011, 09:30:00 am by PeterFly »

GERONIMO**
« Reply #5 on: August 02, 2011, 02:21:14 pm »
You have viruses on the PC.

Run HijackThis again: right-click - Run as Administrator to open it, and click the Do a system scan only button.
Close all open programs (browser included).
Tick the entries you see below,
then click Fix checked.
If any messages appear, click Yes.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com

R3 - URLSearchHook: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)

R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)

R3 - URLSearchHook: (no name) - - (no file)

R3 - URLSearchHook: (no name) - {2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - (no file)

R3 - URLSearchHook: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\tbuTor.dll (file missing)

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

O2 - BHO: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\tbuTor.dll (file missing)

O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\tbuTor.dll (file missing)

O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

Download
 Malwarebytes' Anti-Malware
 http://www.malwarebytes.org/
 and save it to the desktop.

Install the Malwarebytes' Anti-Malware you saved to the Desktop;
 during installation, leave the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware options ticked (this is important).
 Now
disconnect from the Internet: switch off the modem/router (this is important).
 Then go to Scan and run the full system scan, selecting all drives; wait for the scan to finish.
 If infections are detected, click OK => Show Results.
 Make sure everything is selected and
 click Remove Selected.
 If Malwarebytes' asks to restart the PC, restart it;
 otherwise restart it manually yourself.
Save the scan report to the Desktop
 and post it here on the forum.

« Last edit: September 26, 2011, 01:59:49 pm by GERONIMO** »
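
Added example (not part of GERONIMO**'s post): a sketch that pulls the "(file missing)" and "(no file)" entries out of a HijackThis log such as the one in Reply #4. HijackThis v2.0.4 is a 32-bit program, and on 64-bit Windows its view of C:\Windows\System32 is redirected, so 64-bit system files there are reported as missing even though they exist; the sketch puts those entries in a separate bucket. The 64-bit detection (looking for `Program Files (x86)` or `SysWOW64` paths) is a heuristic assumed here, and the function names are illustrative.

```python
import re

# "R3 - ...", "O2 - ...", "O23 - ..." : section code, then the entry body.
ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Markers HijackThis appends when the referenced file cannot be found.
ORPHAN = re.compile(r"\((?:file missing|no file)\)\s*$")
SYSTEM32 = re.compile(r"^[a-z]:\\windows\\system32\\", re.IGNORECASE)
WOW64_HINT = re.compile(r"\\(?:Program Files \(x86\)|SysWOW64)\\", re.IGNORECASE)


def parse(log):
    """Return [(section, body)] for every entry line in the log."""
    entries = []
    for line in log.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            entries.append((match["section"], match["body"]))
    return entries


def looks_64bit(log):
    """Heuristic: 32-bit-only path names appear only on 64-bit Windows."""
    return bool(WOW64_HINT.search(log))


def triage(log):
    """Split entries with a missing target into two buckets.

    orphaned      - registry entry left behind, target really absent
    wow64_suspect - target under System32 on a 64-bit system: probably
                    hidden from the 32-bit scanner by redirection
    """
    wow64 = looks_64bit(log)
    result = {"orphaned": [], "wow64_suspect": []}
    for section, body in parse(log):
        if not ORPHAN.search(body):
            continue
        # The target is the last " - "-separated field, minus the marker.
        target = ORPHAN.sub("", body.rsplit(" - ", 1)[-1]).strip()
        if wow64 and SYSTEM32.match(target):
            result["wow64_suspect"].append((section, body))
        else:
            result["orphaned"].append((section, body))
    return result


# Excerpt of the log posted in Reply #4 (lines copied from the thread).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Platform: Windows 7  (WinNT 6.00.3504)
R3 - URLSearchHook: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
"""

if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_LOG).items():
        print(bucket)
        for section, body in items:
            print("  ", section, "-", body)
```

An entry in the `wow64_suspect` bucket should be confirmed with a 64-bit tool (for example, checking the path in Explorer) before any fix is applied to it.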

paolopaolo
« Reply #6 on: August 02, 2011, 04:04:47 pm »
Done. I did indeed have some viruses, all from a keylogger... but after doing everything, the scan and the removal of the infected files, on reboot the PC seems even slower than before. On top of that it has disabled Windows Defender and my poor Avira, and it seems it doesn't want to re-enable them.

Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Versione database: 4778

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

02/08/2011 15:45:44
mbam-log-2011-08-02 (15-45-44).txt

Tipo di scansione: Scansione completa (C:\|)
Elementi esaminati: 287572
Tempo trascorso: 1 ore, 16 minuti, 8 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 7
File infetti: 80

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
(Non sono stati rilevati elementi nocivi)

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
C:\Windows\System32\MPK (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Images (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang (Refog.Keylogger) -> No action taken.

File infetti:
C:\Windows\System32\MPK\icon_1.ico (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\lnkmst.exe (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Mpk.dll (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\sqlite3.dll (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\unins000.dat (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\unins000.exe (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\unins000.msg (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\alarms.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\clipboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\computer.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\delivery.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\file.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\filters.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\imhelp.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\internet.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\invisible.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\keyboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\logging.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\log_size.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\need_update_net.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\password.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\programs.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\screenshot.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\settings_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\update.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\users_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\alarms.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\clipboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\computer.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\delivery.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\file.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\filters.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\imhelp.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\internet.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\invisible.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\keyboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\logging.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\log_size.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\need_update_net.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\password.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\programs.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\screenshot.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\settings_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\German\users_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\alarms.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\clipboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\computer.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\delivery.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\filters.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\internet.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\invisible.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\keyboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\logging.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\log_size.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\password.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\programs.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\screenshot.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\settings_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\users_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Images\vista_hide.bmp (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Images\xp_hide.bmp (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Brazilian.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Brazilian.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\English.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\French.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\French.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\German.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\German.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Italian.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Italian.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Japanese.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Japanese.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Polish.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Portuguese.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Portuguese.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Romanian.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Romanian.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Russian.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Spanish.frc (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Lang\Spanish.lng (Refog.Keylogger) -> No action taken.
« Last edit: August 03, 2011, 09:30:23 am by PeterFly »

GERONIMO**
« Reply #7 on: August 02, 2011, 04:10:14 pm »
Yes, there are infections; that is why the PC is slow.
Disable Defender:
if you have Avira, Defender must be disabled;
they conflict.

We need to run another scan;
this one is quick.
Follow the instructions to the letter.

Download ComboFix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Download it with Internet Explorer, not with Chrome.
It must be placed on the Desktop.
Disable the antivirus in use (this is important).
Disable the firewall (this is important).
Close all open programs (this is important).
Close the connection (this is important).

Launch ComboFix with right-click - Run as Administrator.
Follow ComboFix's instructions.
You will be asked to install the Recovery Console: click NO.
Without doing anything else on the PC, let ComboFix complete the scan; don't even use the mouse,
otherwise the PC will freeze.
If messages appear about the antivirus and the firewall,
carry on and ignore them.
When ComboFix has finished the scan,
the system will restart automatically; if it doesn't, restart it yourself.
Go to Local Disk C:, look for the text file named ComboFix.txt and attach it.
« Last edit: August 02, 2011, 04:24:15 pm by GERONIMO** »

paolopaolo
« Reply #8 on: August 02, 2011, 04:56:01 pm »
Here it is...
Code:
ComboFix 11-08-02.02 - Utente 02/08/2011  16:26:56.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.39.1040.18.1022.372 [GMT 2:00]
Eseguito da: c:\users\Utente\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Images
c:\users\Utente\AppData\Roaming\Kontakt 4.0.3 UPDATE PC.exe
c:\users\Utente\AppData\Roaming\Microsoft\Windows\Cookies\isindex.dat
c:\users\Utente\AppData\Roaming\Microsoft\Windows\Recent\Get your Password!.url
c:\users\Utente\AppData\Roaming\Rewire.dll
c:\users\Utente\AppData\Roaming\REX Shared Library.dll
.
.
(((((((((((((((((((((((((   Files Creati Da 2011-07-02 al 2011-08-02  )))))))))))))))))))))))))))))))))))
.
.
2011-08-02 14:37 . 2011-08-02 14:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-02 11:47 . 2011-08-02 11:47 388096 ----a-r- c:\users\Utente\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-02 11:47 . 2011-08-02 11:47 -------- d-----w- c:\program files (x86)\Trend Micro
2011-08-02 11:47 . 2011-08-02 11:47 -------- d-----w- c:\program files (x86)\Cobian Backup 10
2011-08-01 20:27 . 2011-08-01 20:27 -------- d-----w- c:\users\Utente\Backups
2011-08-01 20:25 . 2011-08-01 20:25 -------- d-----w- c:\programdata\Macrium
2011-08-01 16:12 . 2011-08-01 16:12 -------- d-----w- c:\program files\Macrium
2011-08-01 16:11 . 2011-08-01 16:11 -------- d-----w- c:\program files\COMODO
2011-08-01 11:49 . 2011-08-01 11:49 -------- d-----w- c:\windows\system32\SPReview
2011-08-01 11:47 . 2011-08-01 11:48 -------- d-----w- c:\windows\system32\EventProviders
2011-08-01 10:55 . 2011-08-01 10:55 -------- d-----w- c:\users\Utente\AppData\Roaming\OfficeRecovery
2011-08-01 09:43 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8604048A-8DE0-4754-927D-B3E4BAC515FD}\mpengine.dll
2011-07-28 16:41 . 2011-07-28 16:41 -------- d-----w- c:\users\Utente\AppData\Local\VS Revo Group
2011-07-28 16:40 . 2009-12-30 09:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-07-28 16:40 . 2011-07-28 16:40 -------- d-----w- c:\program files\VS Revo Group
2011-07-27 20:26 . 2001-03-13 13:49 140288 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2011-07-27 20:26 . 2000-05-21 23:00 608448 ----a-w- c:\windows\SysWow64\ComCtl32.ocx
2011-07-27 20:26 . 1998-06-23 23:00 198456 ----a-w- c:\windows\SysWow64\MCI32.OCX
2011-07-27 20:26 . 1998-06-23 23:00 115016 ----a-w- c:\windows\SysWow64\MSINET.OCX
2011-07-20 19:11 . 2004-03-29 13:45 551936 ----a-w- c:\windows\th_inst2.exe
2011-07-20 19:11 . 2003-01-28 13:09 647168 ----a-w- c:\windows\SysWow64\sonicismdsp.dll
2011-07-20 19:11 . 2011-07-20 19:11 -------- d-----w- c:\program files (x86)\Sonicism Digital Audio Solutions
2011-07-19 22:34 . 1997-02-01 16:10 11910 ----a-w- c:\windows\SysWow64\Genmidi.dll
2011-07-19 22:34 . 1997-02-01 16:10 11910 ----a-w- c:\windows\Genmidi.dll
2011-07-15 10:53 . 2011-07-15 10:55 -------- d-----w- c:\users\Utente\AppData\Roaming\Systweak
2011-07-15 10:53 . 2011-07-07 11:26 18816 ----a-w- c:\windows\system32\roboot64.exe
2011-07-09 23:44 . 2011-07-09 23:44 -------- dc----w- c:\programdata\{1D27CD5F-93BB-4968-A5F1-E87D998A9554}
2011-07-09 23:40 . 2006-10-31 12:10 61440 ----a-w- c:\windows\SysWow64\NI_DFD_1_5.dll
2011-07-09 23:40 . 2006-10-31 12:10 393216 ----a-w- c:\windows\SysWow64\NI_IRC_1_2.dll
2011-07-09 23:40 . 2007-01-24 10:56 1990656 ----a-w- c:\windows\SysWow64\kconvert.dll
2011-07-09 23:40 . 2011-07-09 23:40 -------- d-----w- c:\users\Utente\AppData\Roaming\MusicLab
2011-07-09 23:40 . 2011-07-19 22:34 -------- d-----w- c:\program files (x86)\Native Instruments
2011-07-09 23:32 . 2011-08-02 11:26 -------- d-----w- c:\program files (x86)\MusicLab
2011-07-09 17:57 . 2011-07-09 17:57 -------- d-----w- c:\users\Utente\VSTPlugIns
2011-07-09 12:08 . 2011-07-09 12:08 -------- d-----w- C:\default
2011-07-09 03:53 . 2006-05-11 10:30 393216 ----a-w- c:\windows\SysWow64\NI_IRC_1_0_3.dll
2011-07-09 03:53 . 2006-05-11 10:30 61440 ----a-w- c:\windows\SysWow64\NI_DFD_1_4.dll
2011-07-04 07:07 . 2011-07-04 07:07 -------- d-----w- c:\program files\Common Files\VST3
2011-07-04 07:07 . 2011-07-04 07:07 -------- d-----w- c:\program files\VSTPlugIns
2011-07-04 07:07 . 2011-07-04 07:07 -------- d-----w- c:\program files (x86)\iZotope
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 11:07 . 2011-07-01 11:07 13464 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
2011-07-01 11:07 . 2011-07-01 11:07 40600 ----a-w- c:\windows\system32\drivers\psmounter.sys
2011-06-22 00:20 . 2011-06-22 00:20 0 ---ha-w- c:\users\Utente\AppData\Local\BITF8F6.tmp
2011-06-12 23:51 . 2011-06-12 23:51 4608 ----a-w- c:\windows\SysWow64\w95inf32.dll
2011-06-12 23:51 . 2011-06-12 23:51 2272 ----a-w- c:\windows\SysWow64\w95inf16.dll
2011-06-12 03:19 . 2011-06-12 03:19 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-06-09 02:51 . 2011-06-09 01:31 16 ----a-w- c:\users\Utente\AppData\Roaming\msregsvv.dll
2011-06-09 00:35 . 2011-06-09 00:35 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2011-06-02 08:07 . 2011-06-02 08:07 80864 ----a-w- c:\windows\system32\drivers\bdisk.sys
2011-06-02 08:06 . 2011-06-02 08:06 143688 ----a-w- c:\windows\system32\drivers\cbufs.sys
2011-06-02 08:06 . 2011-06-02 08:06 493352 ----a-w- c:\windows\system32\drivers\CBVD.sys
2011-06-02 08:06 . 2011-06-02 08:06 632384 ----a-w- c:\windows\system32\drivers\vdbus.sys
2011-06-02 08:06 . 2011-06-02 08:06 497984 ----a-w- c:\windows\system32\drivers\cbreparse.sys
2011-06-02 05:56 . 2011-07-14 14:25 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-28 03:25 . 2011-06-15 22:00 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-28 03:00 . 2011-06-15 22:00 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-05-24 17:14 . 2010-09-22 13:19 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 11:21 . 2011-06-28 23:11 404992 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:34 . 2011-06-28 23:11 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:34 . 2011-06-28 23:11 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:34 . 2011-06-28 23:11 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:32 . 2011-06-28 23:11 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files (x86)\Winamp Toolbar\winamptb.dll" [2011-03-11 1373512]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-09-18 2412032]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"LogitechCommunicationsManager"="c:\program files (x86)\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 304664]
"AcerOrbicamRibbon"="c:\program files (x86)\Acer\OrbiCam10\OrbiCam.exe" [2006-11-28 754712]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2011-03-10 273544]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-03-22 74752]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Cobian Backup 10 Interface"="c:\program files (x86)\Cobian Backup 10\cbInterface.exe" [2010-09-23 3154432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Servizio di Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 136176]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 136176]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [x]
R3 reparse;reparse;c:\windows\system32\DRIVERS\cbreparse.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\DRIVERS\SMSCir64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 bdisk;COMODO Disk Raw Access Filter;c:\windows\system32\drivers\bdisk.sys [x]
S0 CBUfs;CBUfs;c:\windows\system32\drivers\CBUFS.sys [x]
S0 cbvd;Comodo Encrypted Virtual Disk;c:\windows\system32\DRIVERS\cbvd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files (x86)\Cobian Backup 10\cbVSCService.exe [2010-09-23 67584]
S2 COSService.exe;Comodo Online Storage Service;c:\program files\COMODO\COMODO BackUp\COSService.exe [2011-06-02 670000]
S2 OxygenAudioDevMon;Oxygen Audio Device Monitor;c:\program files (x86)\M-Audio\Oxygen\AudioDevMon.exe [2010-03-04 1632776]
S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-07-01 301720]
S2 SynchronizationService.exe;Comodo BackUp Service;c:\program files\COMODO\COMODO BackUp\SynchronizationService.exe [2011-06-02 1557808]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 lv321v64;Logitech USB PC Camera (VC0321);c:\windows\system32\DRIVERS\lv321v64.sys [x]
S3 netw5v64;Driver scheda Intel(R) Wireless WiFi Link serie 5000 per Windows Vista a 64 bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 vdbus;Virtual Disk Bus Enumerator;c:\windows\system32\DRIVERS\vdbus.sys [x]
.
.
« Last edit: August 03, 2011, 09:30:37 am by PeterFly »

Offline paolopaolo

  • Newbie
  • Posts: 58
  • Karma: +0/-0
Re: my PC has slowed down a lot. What should I do?
« Reply #9 on: August 02, 2011, 04:57:08 pm »
Code:
Contenuto della cartella 'Scheduled Tasks'
.
2011-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 21:42]
.
2011-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 21:42]
.
2011-08-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-860061007-3847776748-2613304469-1000Core.job
- c:\users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-28 21:42]
.
2011-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-860061007-3847776748-2613304469-1000UA.job
- c:\users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-28 21:42]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveOverlayIcon]
@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"
[HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]
2011-06-02 08:04 673072 ----a-w- c:\program files\COMODO\COMODO BackUp\ShellExtension_3.0.171317.133.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 15960096]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 82464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 10.0.1.1
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - c:\program files (x86)\myBabylon_English\tbmyBa.dll
URLSearchHooks-{2c965f3f-8efd-4bfc-a2c5-1672845fdbbf} - (no file)
Wow6432Node-HKCU-Run-msnmsgr - c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe
Wow6432Node-HKLM-Run-Babylon Client - c:\program files (x86)\Babylon\Babylon-Pro\Babylon.exe
WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{51A86BB3-6602-4C85-92A5-130EE4864F13} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{2C965F3F-8EFD-4BFC-A2C5-1672845FDBBF} - (no file)
WebBrowser-{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} - (no file)
AddRemove-Reason_is1 - c:\program files (x86)\Propellerhead\Reason\Uninstall Reason\unins000.exe
AddRemove-uTorrentBar_IT Toolbar - c:\progra~2\UTORRE~1\UNWISE.EXE
AddRemove-Vir2 Instruments Acoustic Legends HD - c:\progra~2\VIR2IN~1\ACOUST~1\UNWISE.EXE
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2011-08-02  16:42:26
ComboFix-quarantined-files.txt  2011-08-02 14:42
.
Pre-Run: 49.511.247.872 byte disponibili
Post-Run: 49.291.964.416 byte disponibili
.
- - End Of File - - D9C2974AA97DA13CCCF8E3CD78DF452B
« Last edit: August 03, 2011, 09:31:43 am by PeterFly »

GERONIMO**

  • Guest
Re: my PC has slowed down a lot. What should I do?
« Reply #10 on: August 02, 2011, 05:14:35 pm »
Right-click on an empty spot on the Desktop
create a New text document
Copy and paste the code you see below into it, and save it with the name CFScript.txt
and drag it onto the ComboFix icon.
The scan will start; wait for it to finish without touching anything
if it asks to restart the PC, restart
Post the updated ComboFix log

KillAll::

File::
c:\users\Utente\AppData\Local\BITF8F6.tmp
c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
c:\program files (x86)\Babylon\Babylon-Pro\Babylon.exe

Folder::
C:\Windows\System32\MPK
c:\program files (x86)\Babylon\Babylon-Pro\Utils
c:\program files (x86)\Babylon\Babylon-Pro
« Last edit: August 02, 2011, 05:21:27 pm by GERONIMO** »

Offline paolopaolo

  • Newbie
  • Posts: 58
  • Karma: +0/-0
Re: my PC has slowed down a lot. What should I do?
« Reply #11 on: August 02, 2011, 05:51:35 pm »
Code:
ComboFix 11-08-02.02 - Utente 02/08/2011  17:26:28.2.2 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.39.1040.18.1022.430 [GMT 2:00]
Eseguito da: c:\users\Utente\Desktop\ComboFix.exe
Opzioni usate :: c:\users\Utente\Desktop\CFScript.txt.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Babylon\Babylon-Pro\Babylon.exe"
"c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm"
"c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm"
"c:\users\Utente\AppData\Local\BITF8F6.tmp"
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Utente\AppData\Local\BITF8F6.tmp
.
.
(((((((((((((((((((((((((   Files Creati Da 2011-07-02 al 2011-08-02  )))))))))))))))))))))))))))))))))))
.
.
2011-08-02 11:47 . 2011-08-02 11:47 388096 ----a-r- c:\users\Utente\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-02 11:47 . 2011-08-02 11:47 -------- d-----w- c:\program files (x86)\Trend Micro
2011-08-02 11:47 . 2011-08-02 11:47 -------- d-----w- c:\program files (x86)\Cobian Backup 10
2011-08-01 20:27 . 2011-08-01 20:27 -------- d-----w- c:\users\Utente\Backups
2011-08-01 20:25 . 2011-08-01 20:25 -------- d-----w- c:\programdata\Macrium
2011-08-01 16:12 . 2011-08-01 16:12 -------- d-----w- c:\program files\Macrium
2011-08-01 16:11 . 2011-08-01 16:11 -------- d-----w- c:\program files\COMODO
2011-08-01 11:49 . 2011-08-01 11:49 -------- d-----w- c:\windows\system32\SPReview
2011-08-01 11:47 . 2011-08-01 11:48 -------- d-----w- c:\windows\system32\EventProviders
2011-08-01 10:55 . 2011-08-01 10:55 -------- d-----w- c:\users\Utente\AppData\Roaming\OfficeRecovery
2011-08-01 09:43 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8604048A-8DE0-4754-927D-B3E4BAC515FD}\mpengine.dll
2011-07-28 16:41 . 2011-07-28 16:41 -------- d-----w- c:\users\Utente\AppData\Local\VS Revo Group
2011-07-28 16:40 . 2009-12-30 09:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-07-28 16:40 . 2011-07-28 16:40 -------- d-----w- c:\program files\VS Revo Group
2011-07-27 20:26 . 2001-03-13 13:49 140288 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2011-07-27 20:26 . 2000-05-21 23:00 608448 ----a-w- c:\windows\SysWow64\ComCtl32.ocx
2011-07-27 20:26 . 1998-06-23 23:00 198456 ----a-w- c:\windows\SysWow64\MCI32.OCX
2011-07-27 20:26 . 1998-06-23 23:00 115016 ----a-w- c:\windows\SysWow64\MSINET.OCX
2011-07-20 19:11 . 2004-03-29 13:45 551936 ----a-w- c:\windows\th_inst2.exe
2011-07-20 19:11 . 2003-01-28 13:09 647168 ----a-w- c:\windows\SysWow64\sonicismdsp.dll
2011-07-20 19:11 . 2011-07-20 19:11 -------- d-----w- c:\program files (x86)\Sonicism Digital Audio Solutions
2011-07-19 22:34 . 1997-02-01 16:10 11910 ----a-w- c:\windows\SysWow64\Genmidi.dll
2011-07-19 22:34 . 1997-02-01 16:10 11910 ----a-w- c:\windows\Genmidi.dll
2011-07-15 10:53 . 2011-07-15 10:55 -------- d-----w- c:\users\Utente\AppData\Roaming\Systweak
2011-07-15 10:53 . 2011-07-07 11:26 18816 ----a-w- c:\windows\system32\roboot64.exe
2011-07-09 23:44 . 2011-07-09 23:44 -------- dc----w- c:\programdata\{1D27CD5F-93BB-4968-A5F1-E87D998A9554}
2011-07-09 23:40 . 2006-10-31 12:10 61440 ----a-w- c:\windows\SysWow64\NI_DFD_1_5.dll
2011-07-09 23:40 . 2006-10-31 12:10 393216 ----a-w- c:\windows\SysWow64\NI_IRC_1_2.dll
2011-07-09 23:40 . 2007-01-24 10:56 1990656 ----a-w- c:\windows\SysWow64\kconvert.dll
2011-07-09 23:40 . 2011-07-09 23:40 -------- d-----w- c:\users\Utente\AppData\Roaming\MusicLab
2011-07-09 23:40 . 2011-07-19 22:34 -------- d-----w- c:\program files (x86)\Native Instruments
2011-07-09 23:32 . 2011-08-02 11:26 -------- d-----w- c:\program files (x86)\MusicLab
2011-07-09 17:57 . 2011-07-09 17:57 -------- d-----w- c:\users\Utente\VSTPlugIns
2011-07-09 12:08 . 2011-07-09 12:08 -------- d-----w- C:\default
2011-07-09 03:53 . 2006-05-11 10:30 393216 ----a-w- c:\windows\SysWow64\NI_IRC_1_0_3.dll
2011-07-09 03:53 . 2006-05-11 10:30 61440 ----a-w- c:\windows\SysWow64\NI_DFD_1_4.dll
2011-07-04 07:07 . 2011-07-04 07:07 -------- d-----w- c:\program files\Common Files\VST3
2011-07-04 07:07 . 2011-07-04 07:07 -------- d-----w- c:\program files\VSTPlugIns
2011-07-04 07:07 . 2011-07-04 07:07 -------- d-----w- c:\program files (x86)\iZotope
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 11:07 . 2011-07-01 11:07 13464 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
2011-07-01 11:07 . 2011-07-01 11:07 40600 ----a-w- c:\windows\system32\drivers\psmounter.sys
2011-06-12 23:51 . 2011-06-12 23:51 4608 ----a-w- c:\windows\SysWow64\w95inf32.dll
2011-06-12 23:51 . 2011-06-12 23:51 2272 ----a-w- c:\windows\SysWow64\w95inf16.dll
2011-06-12 03:19 . 2011-06-12 03:19 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-06-09 02:51 . 2011-06-09 01:31 16 ----a-w- c:\users\Utente\AppData\Roaming\msregsvv.dll
2011-06-09 00:35 . 2011-06-09 00:35 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2011-06-02 08:07 . 2011-06-02 08:07 80864 ----a-w- c:\windows\system32\drivers\bdisk.sys
2011-06-02 08:06 . 2011-06-02 08:06 143688 ----a-w- c:\windows\system32\drivers\cbufs.sys
2011-06-02 08:06 . 2011-06-02 08:06 493352 ----a-w- c:\windows\system32\drivers\CBVD.sys
2011-06-02 08:06 . 2011-06-02 08:06 632384 ----a-w- c:\windows\system32\drivers\vdbus.sys
2011-06-02 08:06 . 2011-06-02 08:06 497984 ----a-w- c:\windows\system32\drivers\cbreparse.sys
2011-06-02 05:56 . 2011-07-14 14:25 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-28 03:25 . 2011-06-15 22:00 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-28 03:00 . 2011-06-15 22:00 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-05-24 17:14 . 2010-09-22 13:19 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 11:21 . 2011-06-28 23:11 404992 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:34 . 2011-06-28 23:11 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:34 . 2011-06-28 23:11 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:34 . 2011-06-28 23:11 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:32 . 2011-06-28 23:11 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-08-02_14.37.19   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-22 13:54 . 2011-08-02 15:40 45396              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-02 15:40 39398              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-24 13:00 . 2011-08-02 15:41 16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-24 13:00 . 2011-08-02 13:58 16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-24 13:00 . 2011-08-02 13:58 32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-24 13:00 . 2011-08-02 15:41 32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-24 13:00 . 2011-08-02 15:41 16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-24 13:00 . 2011-08-02 13:58 16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-24 13:00 . 2011-08-02 15:39 16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-24 13:00 . 2011-08-02 14:22 16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-24 13:00 . 2011-08-02 14:22 16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-24 13:00 . 2011-08-02 15:39 16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-28 01:11 . 2011-08-02 05:13 5330              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-09-28 01:11 . 2011-08-02 15:37 5330              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-09-22 13:01 . 2011-08-02 15:40 9984              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-860061007-3847776748-2613304469-1000_UserData.bin
+ 2011-08-02 15:38 . 2011-08-02 15:38 2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-02 13:49 . 2011-08-02 13:49 2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-02 13:49 . 2011-08-02 13:49 2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-02 15:38 . 2011-08-02 15:38 2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:34 . 2011-08-02 14:13 10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-08-02 15:05 10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files (x86)\Winamp Toolbar\winamptb.dll" [2011-03-11 1373512]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-09-18 2412032]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"LogitechCommunicationsManager"="c:\program files (x86)\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 304664]
"AcerOrbicamRibbon"="c:\program files (x86)\Acer\OrbiCam10\OrbiCam.exe" [2006-11-28 754712]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2011-03-10 273544]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-03-22 74752]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Cobian Backup 10 Interface"="c:\program files (x86)\Cobian Backup 10\cbInterface.exe" [2010-09-23 3154432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Servizio di Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 136176]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 136176]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [x]
R3 reparse;reparse;c:\windows\system32\DRIVERS\cbreparse.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\DRIVERS\SMSCir64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 bdisk;COMODO Disk Raw Access Filter;c:\windows\system32\drivers\bdisk.sys [x]
S0 CBUfs;CBUfs;c:\windows\system32\drivers\CBUFS.sys [x]
S0 cbvd;Comodo Encrypted Virtual Disk;c:\windows\system32\DRIVERS\cbvd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files (x86)\Cobian Backup 10\cbVSCService.exe [2010-09-23 67584]
S2 COSService.exe;Comodo Online Storage Service;c:\program files\COMODO\COMODO BackUp\COSService.exe [2011-06-02 670000]
S2 OxygenAudioDevMon;Oxygen Audio Device Monitor;c:\program files (x86)\M-Audio\Oxygen\AudioDevMon.exe [2010-03-04 1632776]
S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-07-01 301720]
S2 SynchronizationService.exe;Comodo BackUp Service;c:\program files\COMODO\COMODO BackUp\SynchronizationService.exe [2011-06-02 1557808]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 lv321v64;Logitech USB PC Camera (VC0321);c:\windows\system32\DRIVERS\lv321v64.sys [x]
S3 netw5v64;Driver scheda Intel(R) Wireless WiFi Link serie 5000 per Windows Vista a 64 bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 vdbus;Virtual Disk Bus Enumerator;c:\windows\system32\DRIVERS\vdbus.sys [x]
« Last edit: August 03, 2011, 09:32:01 am by PeterFly »

Offline paolopaolo

  • Newbie
  • Posts: 58
  • Karma: +0/-0
Re: my PC has slowed down a lot. What should I do?
« Reply #12 on: August 02, 2011, 05:55:18 pm »
Code:
Contenuto della cartella 'Scheduled Tasks'
.
2011-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 21:42]
.
2011-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-27 21:42]
.
2011-08-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-860061007-3847776748-2613304469-1000Core.job
- c:\users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-28 21:42]
.
2011-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-860061007-3847776748-2613304469-1000UA.job
- c:\users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-28 21:42]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveOverlayIcon]
@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"
[HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]
2011-06-02 08:04 673072 ----a-w- c:\program files\COMODO\COMODO BackUp\ShellExtension_3.0.171317.133.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 15960096]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 82464]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 10.0.1.1
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{51A86BB3-6602-4C85-92A5-130EE4864F13} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} - (no file)
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\sched.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\Common Files\Logitech\LComMgr\LVComSX.exe
.
**************************************************************************
.
Ora fine scansione: 2011-08-02  17:48:21 - Il pc è stato riavviato
ComboFix-quarantined-files.txt  2011-08-02 15:48
.
Pre-Run: 49.622.749.184 byte disponibili
Post-Run: 49.562.099.712 byte disponibili
.
- - End Of File - - 94F2868888695EE5682410FA0C471295
« Last edit: August 03, 2011, 09:32:16 am by PeterFly »

GERONIMO**

  • Guest
Re: my PC has slowed down a lot. What should I do?
« Reply #13 on: August 02, 2011, 06:02:20 pm »
Is the PC running any better?
I saw that Avira has been reactivated.

Offline paolopaolo

  • Newbie
  • Posts: 58
  • Karma: +0/-0
Re: my PC has slowed down a lot. What should I do?
« Reply #14 on: August 02, 2011, 06:03:52 pm »
No, it's the same as before... I reactivated Avira myself after doing everything... was that a mistake?