
All times are UTC +2 hours




Post subject: PC Cleanup Results
Posted: Wed Jun 27, 2012 12:08 pm
Novice

Joined: Fri Jun 22, 2012 3:18 pm
Posts: 3
Location: Lodi
Hi everyone, I ran the PC cleanup and the "speed-up procedure".
I ran CCleaner, MalwareBytes, ComboFix and HijackThis.
The only thing that didn't go "by the book" (at least I think so) is the HijackThis log: I did save the log, but not in the way described in the guide (I couldn't find the HijackThis.zip folder).
The results of the various operations follow below.

Malware log
Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Versione database: v2012.06.22.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Francesco :: FRANCESCO [amministratore]

22/06/2012 10.33.12
mbam-log-2012-06-22 (14-19-51).txt

Tipo di scansione: Scansione completa
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 295682
Tempo impiegato: 2 ore, 17 minuti, 58 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 2
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Cattivo: (1) Buono: (0) -> Nessuna azione intrapresa.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Cattivo: (1) Buono: (0) -> Nessuna azione intrapresa.

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)


ComboFix log

Code:
ComboFix 12-06-21.03 - Francesco 22/06/2012  14.30.57.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.39.1040.18.511.172 [GMT 2:00]
Eseguito da: c:\documents and settings\Francesco\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Francesco\Dati applicazioni\ACD Systems\ACDSee\ImageDB.ddf
c:\documents and settings\Sichel Games\WINDOWS
c:\windows\help\wmplayer.bak
c:\windows\IsUn0410.exe
c:\windows\libmysql.dll
c:\windows\patch.exe
c:\windows\system32\Cache
c:\windows\system32\Cache\09c97ac85ba51084.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32490486a2641fda.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\56c060deddbe8301.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\5d924dd2b5df2644.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\8bdaf562d010638d.fb
c:\windows\system32\Cache\a7abbce6c1f22048.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\SET209.tmp
c:\windows\system32\setb4.tmp
.
.
(((((((((((((((((((((((((   Files Creati Da 2012-05-22 al 2012-06-22  )))))))))))))))))))))))))))))))))))
.
.
2012-06-22 08:17 . 2012-06-22 08:17   --------   d-----w-   c:\documents and settings\Francesco\Dati applicazioni\Malwarebytes
2012-06-22 08:17 . 2012-06-22 08:17   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2012-06-22 08:17 . 2012-06-22 08:17   --------   d-----w-   c:\programmi\Malwarebytes' Anti-Malware
2012-06-22 08:17 . 2012-04-04 13:56   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-06-22 07:39 . 2012-06-22 07:39   --------   d-----w-   c:\programmi\CCleaner
2012-06-21 16:15 . 2012-06-22 06:34   --------   d-----w-   c:\documents and settings\Francesco\Dati applicazioni\Ad-Aware Antivirus
2012-06-21 16:07 . 2012-06-21 16:07   426184   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-06-21 16:07 . 2012-06-21 16:07   70344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-19 06:36 . 2012-06-02 13:19   18968   ----a-w-   c:\windows\system32\wuaueng.dll.mui
2012-06-14 07:14 . 2012-05-11 14:40   521728   -c----w-   c:\windows\system32\dllcache\jsdbgui.dll
2012-06-12 13:38 . 2012-06-12 13:38   --------   d-----w-   c:\documents and settings\Francesco\Impostazioni locali\Dati applicazioni\AVG Secure Search
2012-05-28 12:43 . 2001-08-30 18:41   12160   -c--a-w-   c:\windows\system32\dllcache\mouhid.sys
2012-05-28 12:43 . 2001-08-30 18:41   12160   ----a-w-   c:\windows\system32\drivers\mouhid.sys
2012-05-28 12:43 . 2008-04-13 18:45   10368   -c--a-w-   c:\windows\system32\dllcache\hidusb.sys
2012-05-28 12:43 . 2008-04-13 18:45   10368   ----a-w-   c:\windows\system32\drivers\hidusb.sys
2012-05-26 12:55 . 2012-05-26 12:55   --------   d-----w-   C:\ffec8001fc9334f8b5c5a93beb914ba1
2012-05-25 16:20 . 2012-05-25 16:20   --------   d-----w-   C:\80f2f806b6056011a6
2012-05-25 13:56 . 2012-06-22 07:26   --------   d-----w-   c:\documents and settings\Francesco\Dati applicazioni\vlc
2012-05-25 13:53 . 2012-05-25 13:53   --------   d-----w-   c:\programmi\VideoLAN
2012-05-24 07:35 . 2012-05-24 07:35   --------   d-sh--w-   c:\documents and settings\Default User\IETldCache
2012-05-24 07:34 . 2012-05-26 15:56   --------   d-----w-   c:\windows\system32\XPSViewer
2012-05-24 07:33 . 2012-05-24 07:33   --------   d-----w-   c:\programmi\MSBuild
2012-05-24 07:33 . 2012-05-24 07:33   --------   d-----w-   c:\programmi\Reference Assemblies
2012-05-24 07:32 . 2008-07-06 12:06   89088   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2012-05-24 07:30 . 2008-07-06 12:06   89088   -c----w-   c:\windows\system32\dllcache\filterpipelineprintproc.dll
2012-05-24 07:30 . 2008-07-06 12:06   117760   ------w-   c:\windows\system32\prntvpt.dll
2012-05-24 07:30 . 2008-07-06 10:50   597504   -c----w-   c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2012-05-24 07:30 . 2008-07-06 10:50   597504   ------w-   c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2012-05-24 07:30 . 2008-07-06 12:06   575488   -c----w-   c:\windows\system32\dllcache\xpsshhdr.dll
2012-05-24 07:30 . 2008-07-06 12:06   575488   ------w-   c:\windows\system32\xpsshhdr.dll
2012-05-24 07:30 . 2008-07-06 12:06   1676288   -c----w-   c:\windows\system32\dllcache\xpssvcs.dll
2012-05-24 07:30 . 2008-07-06 12:06   1676288   ------w-   c:\windows\system32\xpssvcs.dll
2012-05-24 07:30 . 2012-05-24 07:32   --------   d-----w-   C:\087acf605a2125c7e9
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-02 13:19 . 2004-08-16 10:27   329240   ----a-w-   c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2004-08-16 10:27   219160   ----a-w-   c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2004-08-16 10:27   210968   ----a-w-   c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2005-05-26 02:16   45080   ----a-w-   c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2004-08-16 10:27   35864   ----a-w-   c:\windows\system32\wups.dll
2012-06-02 13:19 . 2004-01-10 16:58   53784   ----a-w-   c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2003-04-08 12:00   97304   ----a-w-   c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2007-06-21 01:53   15896   ----a-w-   c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-06-21 01:53   24088   ----a-w-   c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2007-06-21 01:53   15896   ----a-w-   c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2004-08-16 10:27   577048   ----a-w-   c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2004-01-10 16:58   1933848   ----a-w-   c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2009-08-05 07:30   214256   ----a-w-   c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-08-05 07:30   18672   ----a-w-   c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-08-05 07:29   275696   ----a-w-   c:\windows\system32\mucltui.dll
2012-05-31 13:21 . 2004-03-20 08:06   603136   ----a-w-   c:\windows\system32\crypt32.dll
2012-05-16 15:06 . 2004-08-23 18:35   916992   ----a-w-   c:\windows\system32\wininet.dll
2012-05-15 13:56 . 2003-04-08 12:00   1863168   ----a-w-   c:\windows\system32\win32k.sys
2012-05-11 14:40 . 2003-04-08 12:00   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2012-05-11 14:40 . 2003-04-08 12:00   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2004-08-19 22:26   385024   ----a-w-   c:\windows\system32\html.iec
2012-05-05 03:14 . 2003-04-08 12:00   2151936   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2002-09-09 13:34   2030080   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2004-01-10 16:58   139656   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-01-09 09:07 . 2012-01-04 16:45   121816   ----a-w-   c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-06-22 08:29   2068536   ----a-w-   c:\programmi\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 15:31   1514152   ----a-w-   c:\programmi\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\programmi\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-06-22 2068536]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\programmi\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15   123536   ----a-w-   c:\programmi\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-02-28 315392]
"AVG_TRAY"="c:\programmi\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ApnUpdater"="c:\programmi\Ask.com\Updater\Updater.exe" [2012-01-03 1391272]
"vProt"="c:\programmi\AVG Secure Search\vprot.exe" [2012-06-22 1104440]
"avast"="c:\programmi\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\programmi\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      autocheck autochk *\0aswBoot.exe /A:* /L:1033 /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /dir:c:\programmi\AVAST
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Programmi\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Programmi\\Outlook Express\\msimn.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\SUPDSvc.exe"=
"c:\\Programmi\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Programmi\\AVG\\AVG2012\\avgdiagex.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22/02/2011 8.13.02 23120]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [29/03/2012 12.40.45 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28/03/2012 14.49.26 337880]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [05/04/2011 0.59.56 295248]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28/03/2012 14.49.26 20696]
R2 avgwd;AVG WatchDog;c:\programmi\AVG\AVG2012\avgwdsvc.exe [02/08/2011 7.09.08 192776]
R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\programmi\File comuni\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [12/06/2012 9.25.02 935480]
S2 gupdate;Servizio Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [29/03/2012 12.41.40 136176]
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [11/05/2006 13.11.00 472096]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\programmi\AVG\AVG10\Toolbar\ToolbarBroker.exe [23/05/2011 9.45.01 1025352]
S3 gupdatem;Servizio Google Update (gupdatem);c:\programmi\Google\Update\GoogleUpdate.exe [29/03/2012 12.41.40 136176]
S3 PRISM_USB;D-Link Air Wireless USB Adapter Driver;c:\windows\system32\drivers\PRISMUSB.sys [12/01/2005 12.53.13 666624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2012-03-29 10:41]
.
2012-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2012-03-29 10:41]
.
2012-06-22 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programmi\Ask.com\UpdateTask.exe [2012-01-03 15:31]
.
2012-06-22 c:\windows\Tasks\User_Feed_Synchronization-{1E470A83-5C2D-4D77-99A7-29DEFE0250E7}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
2012-06-22 c:\windows\Tasks\User_Feed_Synchronization-{2DFBE415-ED08-4D07-9EF9-7BD13162F9BE}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
2012-06-22 c:\windows\Tasks\User_Feed_Synchronization-{86827DB0-A62B-4DAC-B3BD-C9907125FCA5}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: Interfaces\{7529171E-D6AE-47B1-889B-1C6AC2D2CEAC}: NameServer = 151.99.0.100,105.199.0.125
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\programmi\File comuni\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Francesco\Dati applicazioni\Mozilla\Firefox\Profiles\05ya3w5i.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B30ee020c-50f9-473b-b59d-120fc720ecbe%7D&mid=1b167a42bb1a47d1b94fd11936c0eae9-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=10.0.0.7&lang=it&pr=fr&d=2011-11-30%2010%3A52%3A25&sap=ku&q=
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-Cmaudio - cmicnfg.cpl
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-22 14:45
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\programmi\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\programmi\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\XP*]
"DisplayName"="?\13?\13"
"DeviceDesc"="?\13?\13"
"ProviderName"=""
"MFG"="???\\"
"ReinstallString"="c:\\WINDOWS\\System32\\ReinstallBackups\\?\13\\DriverFiles\\.INF"
"DeviceInstanceIds"=multi:"inf\\cx_08346.inf\00"
.
Ora fine scansione: 2012-06-22  14:51:09
ComboFix-quarantined-files.txt  2012-06-22 12:51
.
Pre-Run: 45.443.395.584 byte disponibili
Post-Run: 45.628.260.352 byte disponibili
.
- - End Of File - - 6885B1B8BF6751966C861D7D47E5B3E7


HijackThis log

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.04.39, on 27/06/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programmi\AVG\AVG2012\avgwdsvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\Programmi\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\AVG\AVG2012\avgtray.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Francesco\Desktop\Antivirus\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programmi\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG2012\avgssie.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Programmi\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Programmi\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/it/4,0,0,83/mcinsctl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://housecall.trendmicro-europe.com/housecall/Xscan53.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmgr/it/1,0,0,20/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7529171E-D6AE-47B1-889B-1C6AC2D2CEAC}: NameServer = 151.99.0.100,105.199.0.125
O17 - HKLM\System\CS1\Services\Tcpip\..\{7529171E-D6AE-47B1-889B-1C6AC2D2CEAC}: NameServer = 151.99.0.100,105.199.0.125
O17 - HKLM\System\CS2\Services\Tcpip\..\{7529171E-D6AE-47B1-889B-1C6AC2D2CEAC}: NameServer = 151.99.0.100,105.199.0.125
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programmi\File comuni\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Unknown owner - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programmi\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
O23 - Service: vToolbarUpdater11.1.0 - Unknown owner - C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

--
End of file - 7091 bytes


Done. The PC was already faster after the cleanup alone; with the "speed-up" it improved a bit more, and (for now) it hasn't frozen again.
Thanks, and until next time.

_________________
"You can't love me anymore"
"I what?.. no Mav.."
"You'll see"



 
Post subject: Re: PC Cleanup Results
Posted: Wed Jun 27, 2012 2:02 pm
Administrator

Joined: Wed Sep 07, 2005 10:24 am
Posts: 6632
The HijackThis log is perfectly fine as it is.

;)

_________________
Riccardo

-Corsair 550W 80plus
-SEAGATE Barracuda 1TB
-Windows 7 Home Premium 64bit
-G.SKILL DDR3 4GB CL7
-GIGABYTE P55-USB3
-Intel CORE i5 760/2.8HGz
-Inter-Tech CK-35 Observer Rubber Black Coated ATX-Tower
-Gigabyte nVidia 460 1GB DDR5

