CPU through the roof after manually uninstalling Office

Reticolare77

New User
15
0
RAM
4 gb
Good evening
5 days ago (I curse the day) I tried to install Office 2010, but it was a bogus version, so it wouldn't install, or only installed partially.. I tried for hours to uninstall it, also because it was slowing everything down, but I couldn't get rid of the program for good.. so on a forum I found a manual procedure that touched the HKEY entries in regedit... I uninstalled it and put Office 2007 back.. I ran a scan with avast, which found about ten viruses and removed them.. for the past few days the CPU has been maxed out, and even normal activities on the PC slow down and it freezes for a few minutes.. I tried with HijackThis v2.0.4

now I don't know what else to do.. my PC is an HP with 4 GB of RAM, AMD Athlon X2 Dual Core QL-65 2.10 GHz... and before this mess I could open several programs at once.. now even to send an email I have to wait for it to unfreeze... can anyone help me? can you suggest some hypotheses? thanks in advance
 

Reticolare77

  • Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\WerFault.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN
 

Reticolare77

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Cinzia\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [UniblueRegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKCU\..\Policies\Explorer\Run: [Logman] C:\Windows\System32\drivers\logman.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (file missing)
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
O23 - Service: Apache2.2 - Unknown owner - C:\Users\Cinzia\Desktop\xampplite-win32-1.7.3\xampplite\apache\bin\httpd.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft SharePoint Workspace Audit Service - Unknown owner - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (file missing)
O23 - Service: MySQL - Unknown owner - C:\Users\Cinzia\Desktop\xampplite-win32-1.7.3\xampplite\mysql\bin\mysqld.exe (file missing)
O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner - C:\Windows\system32\SupportAppXL\onda_mon.exe (file missing)
O23 - Service: Office Software Protection Platform (osppsvc) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

I hope someone can help me.. thanks
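
An added example, not part of the original post: a small Python triage of HijackThis entries like those in the log above. It groups the references flagged `(file missing)` by install directory and lists the unflagged references that point into the same directory. The function names are illustrative, the sample is an excerpt of the posted log with the forum's line-wrap spaces removed, and 8.3 short paths are not resolved to their long form.

```python
import ntpath
import re
from collections import defaultdict
from dataclasses import dataclass

# Excerpt of the HijackThis 2.0.4 log posted above
# (forum line-wrap spaces removed).
SAMPLE_LOG = r"""
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (file missing)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Microsoft SharePoint Workspace Audit Service - Unknown owner - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (file missing)
O23 - Service: Office Software Protection Platform (osppsvc) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (file missing)
"""

# HijackThis section codes that appear in the excerpt.
SECTIONS = {
    "O2": "Browser Helper Object",
    "O4": "autostart (Run key / Startup folder)",
    "O8": "IE context menu item",
    "O9": "IE button / Tools menu item",
    "O23": "service",
}

LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# First drive-letter path ending in an executable extension.
PATH_RE = re.compile(r"[A-Za-z]:\\.*?\.(?:exe|dll|sys|ocx|cpl)\b", re.IGNORECASE)
MISSING = "(file missing)"


@dataclass
class Entry:
    code: str            # section code, e.g. "O23"
    kind: str            # human-readable section name
    path: str            # first executable path on the line, "" if none
    missing: bool        # HijackThis appended "(file missing)"
    unknown_owner: bool  # service whose binary carried no company name
    raw: str


def parse_log(text):
    """Turn HijackThis result lines into Entry objects; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # blank lines, headers, running-process list
        body = m["body"]
        p = PATH_RE.search(body)
        entries.append(Entry(
            code=m["code"],
            kind=SECTIONS.get(m["code"], "other"),
            path=p.group(0) if p else "",
            missing=body.rstrip().endswith(MISSING),
            unknown_owner=m["code"] == "O23" and " - Unknown owner - " in body,
            raw=line.strip(),
        ))
    return entries


def leftovers_by_directory(entries):
    """Group entries by directory, keeping only directories in which
    at least one target was flagged '(file missing)'."""
    groups = defaultdict(lambda: {"missing": [], "other": []})
    for e in entries:
        if e.path:
            key = ntpath.dirname(e.path).lower()
            groups[key]["missing" if e.missing else "other"].append(e)
    return {d: g for d, g in groups.items() if g["missing"]}


def report(text):
    """Readable summary: orphaned entries first, then unflagged neighbours."""
    out = []
    for directory, g in sorted(leftovers_by_directory(parse_log(text)).items()):
        out.append(directory)
        for e in g["missing"]:
            out.append(f"  orphaned {e.kind} ({e.code}): {ntpath.basename(e.path)}")
        for e in g["other"]:
            out.append(f"  not flagged, verify on disk ({e.code}): {ntpath.basename(e.path)}")
    return "\n".join(out)


if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```
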
 

FDAC

Active User
1,335
194
Hi.

Download ComboFix, preferably with Internet Explorer: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Place ComboFix on the Desktop and carry out these preliminary steps:
● disconnect from the Internet
● physically disconnect the modem/router from the computer

It is absolutely necessary, if active, to:
● disable the antivirus in use, from its icon in the system tray (next to the Windows clock)
● disable any installed firewall, from its icon in the system tray (next to the Windows clock)

Once the steps above are done:
● launch ComboFix: to launch ComboFix on Windows Vista and Windows 7, right-click the ComboFix icon and choose Run as administrator from the context menu
● follow the instructions given to run the scan
● you will be asked to install the Recovery Console: do not install it
● without performing any other operation, let the tool finish its work

Notes - during the scan:
● some files will be created on the Desktop and then deleted
● all the icons on the Desktop will disappear for a moment
● a message about the antivirus in use may appear: continue, ignoring the message
● the firewall, if active, may show a warning about the removal of some drivers: allow it
● the Internet Explorer icon may appear on the Desktop, if it was not already there

When ComboFix has finished scanning:
● the system will restart automatically: if it doesn't, restart it yourself
● physically reconnect the modem/router to the computer
● connect to the Internet
● go to Local Disk C:, look for the text file named ComboFix.txt and attach it
 

Reticolare77

ComboFix did in fact clean up the PC, but if I turn off the PC's wireless, close all programs and sit at the desktop without moving the pointer, I get the hourglass and the CPU shoots up to 90%... I don't understand what the ***** is wrong with this PC.. it wasn't like this before... any other advice, guys? pleaseeeeee
 

FDAC

If you had read carefully, by now you would have posted the ComboFix log (and probably solved your problems).

:)
 

Reticolare77

FDA is right..

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
ComboFix 11-03-03.01 - Cinzia 03/03/2011 22.29.07.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.3069.1944 [GMT 1:00]
Eseguito da: c:\users\Cinzia\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
c:\program files\OfferBox
c:\program files\OfferBox\OfferBoxChromeExtension.crx
c:\program files\OfferBox\offerboxffx@offerbox.com\chrome\content\overlay.xul
c:\program files\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.xpt
c:\program files\OfferBox\offerboxffx@offerbox.com\install.rdf
c:\program files\OfferBox\res\language.xml
c:\program files\OfferBox\res\loader.gif
c:\programdata\NETg
c:\programdata\NETg\netg.ini
c:\users\Cinzia\AppData\Roaming\OfferBox
c:\users\Cinzia\AppData\Roaming\OfferBox\config.dat
c:\users\Cinzia\AppData\Roaming\OfferBox\config.xml
c:\windows\XSxS
La copia infetta di c:\windows\system32\Drivers\atapi.sys è stata trovata e disinfettata
Ripristinata copia da - c:\combofix\HarddiskVolumeShadowCopy9_!Windows!System32!drivers!atapi.sys
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
@="Driver"
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Google Update="c:\users\Cinzia\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-12-29 135664]
Skype="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
StartCCC="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
SynTPEnh="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-12-04 1410344]
UCam_Menu="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
QlbCtrl.exe="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
HP Software Update="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
WirelessAssistant="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
Adobe Reader Speed Launcher="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
AdobeCS4ServiceManager="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
Adobe Acrobat Speed Launcher="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
Acrobat Assistant 8.0="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
SunJavaUpdateSched="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
avast5="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
AdobeAAMUpdater-1.0="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
SwitchBoard="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
AdobeCS5ServiceManager="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
RtHDVCpl="RtHDVCpl.exe" [2008-01-15 4874240]
Skytel="Skytel.exe" [2007-11-20 1826816]
SysTrayApp="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
iTunesHelper="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
GrooveMonitor="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
QuickTime Task="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
c:\users\Cinzia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
EnableLUA= 0 (0x0)
EnableUIADesktopToggle= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3370645036-689909312-44440716-1000]
 

FDAC

Unsolvable problems do exist.

Could you copy and paste the ComboFix log properly? (you cut/pasted/messed up the text...).
 

Reticolare77

I'm attaching it, since there are too many characters to paste.. did you say unsolvable? don't be too reassuring :nunu:
 

FDAC

Download Kaspersky Virus Removal Tool: Kaspersky Virus Removal Tool 2010
● when the installation finishes, the tool's main screen will be shown
● a folder named Virus Removal Tool will be created on the Desktop
● select the partition to scan and click Scan to start the scan
● when the scan is finished, if infections are detected, click Neutralize all
● popups will open where you can choose whether to Delete or Disinfect the object
● tick Apply to all and click Quarantine
● to save the report that is produced, click the Reports button: save it to the Desktop, then attach it on the forum

Then, a quick check of drivers/services/MBR:

Download Kaspersky TDSS Killer: http://support.kaspersky.com/downloads/utils/tdsskiller.exe
● place the downloaded file on the Desktop
● double-click TDSSKiller.exe to start the application, then click the Start Scan button

At this point, the scan of your system for malicious software begins:
● if an infected file is found, the default action will be Cure, so click Continue
● if a suspicious file is found, the default action will be Skip, so click Continue

Once the scan has finished, one of these two options will be presented:
● no system restart is needed: click Report and save the contents to a text file
● a system restart is needed: click Restart now
● once the system has restarted, the program's report to attach is in C:\ in this form:
TDSSKiller.[Version]_[Date]_[Time]_log.txt
 

Reticolare77

Hi Fda, neither scan found anything.. should I consider myself satisfied? or should I try running other checks? the CPU seems to be back to normal levels.. if you have other advice I'm listening, otherwise I thank you from the bottom of my heart for the help you've given me.. you're the pride of the site :-)
thanks a lot
 
