RISOLTO Check-UP

[Mr. Tony]

ciao raga, apro questo post per capire se il mio pc è in ordine opp no!! (sicuramente la seconda)

in primis parto con il dire che ogni volta che accendo il pc mi esce sto mess:


e secondo vi metto il report di HJThis così mi dite cosa fixare:

Spoiler

Logfile of Trend Micro HijackThis v2.0.4Scan saved at 12:16:11, on mar-29-maggio-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal


Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\Pixart\Pac7302\Monitor.exe
C:\Windows\system32\UI0Detect.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\klwtblfs.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\Desktop\HiJackThis.exe
C:\Windows\system32\rundll32.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Tony\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll
O4 - HKLM\..\Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe /a
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe"
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\Pixart\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Tastiera Virtuale - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: C&ontrollo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E09FD18-BF10-4618-926B-0AB520070277}: NameServer = 62.13.173.92 62.13.173.93
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0F59D7B-D47E-41D1-A04B-89188E0762B4}: NameServer = 62.13.173.92 62.13.173.93
O17 - HKLM\System\CCS\Services\Tcpip\..\{CBDABF97-3351-4002-96EA-A13723B54B92}: NameServer = 62.13.173.92 62.13.173.93
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Servizio Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
O23 - Service: Chiavetta Internet E173. OUC (Chiavetta Internet E173. RunOuc) - Unknown owner - C:\Program Files\Chiavetta Internet E173\UpdateDog\ouc.exe
O23 - Service: Servizio di controllo CryptoStorage (CSObjectsSrv) - Infowatch - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe


--
End of file - 8855 bytes

 

[Federico83]

per la prima sembra che c'è qualche periferica usb che ti sta segnalando qualcosa tipo stampante o altro che cerca di aprire la popup toglila dall'esecuzione automatica il problema dovrebbe sparire al prossimo riavvio.
il log mi sembra abbastanza pulito nulla di particolare è stato rilevato

 

[Mr. Tony]

Veramente da MsConfig l'aveva disabilitato, ma continua ad uscire!!

le uniche periferiche sono la scheda wireless - mouse - tastiera - WebCam e basta!!

Edit: anche perché se visualizzo il mess, il tema da aero diventa 98 e mi esce un mess con scritto:
"failed FsUsbexService no Existing FsUsbExDevice"

 

[Federico83]

cosa dice sotto mostra il messaggio? lo hai tolto anche dai servizi?

 

[Mr. Tony]

mi esce un mess con scritto:
"failed FsUsbexService no Existing FsUsbExDevice"

cmq si l'ho tolto pure dai servizi!!

 

[Federico83]

giusto per sicurezza dai una passata profonda di malwarebytes.

edit ha samsung pc studio installato?

 

[Mr. Tony]

si è installato perché?? l'ho installato 1week fà!!

malware non c'è l'ho più perché pure2.0 me lo classifica come virus e non me lo fà girare!!

 

[Federico83]

Fsusbexservice.exe process | What is Fsusbexservice.exe file? è lui il colpevole toglilo

 

[Mr. Tony]

ma pensa te!! dunque lo disinstallo con revo e poi lo fixo con HJthis??

 

[Federico83]

togli con revo e fai una pulizia approfondita dovrebbe bastare

 

[Mr. Tony]

Cmq grazie mille per la tua disponibilità!! ;)

 

[Federico83]

de nada figurati