• Non sono ammesse registrazioni con indirizzi email temporanei usa e getta

aiuto xp

romy

romy

Digital-Forum Junior Plus
Registrato
14 Dicembre 2005
Messaggi
115
un saluto e auguri a tutti:icon_rolleyes:
da qualche giorno il mio pc si è molto rallentato specialmente all'avvio, e ho notato che nel pannello di controllo ho tutte le icone doppie, triple e anche più
monto xp con sp2 e anti virus kasper... aggiornato
scusate se esprimo un linguaggio da principiante (lo sono)
sarei molto grato di un aiuto
 
Scusa Ercolino, approfitto.
Da un paio di giorni ho (a momenti) un rallentamento terrificante del PC. All'inizio ho pensato di avere problemi con i drivers della scheda video e li ho disinstallati e quindi rimessi, ma il problema e' rimasto.
L'antivirus e l'antiadware non mi segnalano nulla.
Ho XP Sp2.
Ti incollo il log di Hijackthis. Io non ci trovo niente di strano.
Non riesco a far partire la scansione online a http://it.trendmicro-europe.com/housecall/v6.5/?=Verifica+il+mio+PC+adesso

devo dividere il msg in piu' parti

Logfile of HijackThis v1.99.0
Scan saved at 12.56.44, on 05/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
H:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
H:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\OO Software\CleverCache\ooccag.exe
H:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmi\iPod\bin\iPodService.exe
H:\Programmi\firefox.exe
C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe
C:\Programmi\Executive Software\Diskeeper\DfrgNTFS.exe
C:\Programmi\Executive Software\Diskeeper\DkIcon.exe
C:\WINDOWS\system32\sol.exe
G:\aaa\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://it.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://it.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://it.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://it.search.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://it.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://it.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Programmi\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Programmi\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: IE Agent - {CC56A1F3-9B83-45FF-8CB6-D58959492F0F} - (no file)
O3 - Toolbar: TotalSize Bar - {66FBBF2F-A36F-434F-AAB9-590C0BE6EC53} - h:\Programmi\TotalSize\ExplorerBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programmi\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [AnyDVD] H:\Programmi\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [CloneCDTray] "h:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programmi\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\WCESCOMM.EXE"
O8 - Extra context menu item: &IFS: Get file size - res://h:\Programmi\TotalSize\IFSIELauncher.dll/201
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Programmi\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://H:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Programmi\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Programmi\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Programmi\Yahoo!\Common/ycsms.htm
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - H:\Programmi\VisualRoute\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - H:\Programmi\VisualRoute\vrie.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Crea preferiti portatile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmi\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Programmi\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/it_IT/DjVuControl_it_IT.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmi\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1129564895263
O17 - HKLM\System\CCS\Services\Tcpip\..\{5CC7237B-2A60-41B1-8EAD-AB8D8E725A9D}: NameServer = 213.205.36.70,213.205.32.70
O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\wmfhotfix.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O CleverCache Agent - O&O Software GmbH - C:\Programmi\OO Software\CleverCache\ooccag.exe
O23 - Service: Sandra Data Service - SiSoftware - h:\Programmi\SiSoftware\SiSoftware Sandra Professional 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service - SiSoftware - h:\Programmi\SiSoftware\SiSoftware Sandra Professional 2005.SR3\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service - Rocket Division Software - H:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service - TuneUp Software GmbH - H:\Programmi\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
premendo ctrl-alt-canc quali programmi risultano in esecuzione?
 
Ultima modifica:
Firefox e il solitario. I "processi" sono molto di piu' e non riesco a afre un copia/incolla
 
Non so che processore e Ram hai,però vedo che ci sono molti processi attivi che secondo me sono inutili.

Tipo Diskeeper ,credo che puoi anche disabiltiarlo all'avvio,tanto se ti serve lo usi al momento.


iTunes puoi disattivarlo all'avvio

Cone any dvd ,Alcohol Soft li puoi disattivare ,tanto se ti servono basta che vai in start programmi e li fai partire.

Meno cose in esecuzione inutili ci sono meglio è.


Da start----->esegui digita

msconfig poi vai su avvio automatico e togli il segno di spunta sui programmi che vuoi disabilitare in modo che all'avvio di windows non vengano caricati in memoria

Poi riavvi il pc,vedrai sicuramente miglioramenti .


Anche acrobat lo puoi disattivare all'avvio se non li usi sempre è inutile che rimangano attivi a sottrarti risorse


Sono tutte cose che le puoi fare partire manualmente dai programmi quando ti servono realmente

Disattiva un po' di roba ;)
 
Si, fatto. Grazie.
Pero' tutte quelle cose in avvio le avevo anche prima che cominciasse questo peggioramento delle prestazioni.
Vediamo un po' come va adesso.
Vorrei evitare di formattare. Ma ogni tanto tocca :crybaby2:
 
grazie per la risposta
avevo gia fatto una scansione prima senza trovare niente comunque rifatta poi ho installato ad-aware e scansione dinuovo,
e questo il risultato:

ArchiveData(auto-quarantine- 2006-01-04 23-25-09.bckp)
Referencefile : SE1R47 24.05.2005
======================================================

WHENU
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=Regkey : wusn.1
obj[1]=Regkey : S-1-5-21-2052111302-113007714-1801674531-1003\software\whenu
obj[2]=Regkey : software\whenusave
obj[3]=RegValue : software\whenusave "InstallDir"
obj[4]=RegValue : software\whenusave "pats_url"
obj[5]=RegValue : software\whenusave "pat_chunks_url"
obj[6]=RegValue : software\whenusave "script_url"
obj[7]=RegValue : software\whenusave "update_url"
obj[8]=RegValue : software\whenusave "ver_url"
obj[9]=RegValue : software\whenusave "extra_url"
obj[10]=RegValue : software\whenusave "extraver_url"
obj[11]=RegValue : software\whenusave "ziptomsa_url"
obj[12]=RegValue : software\whenusave "InstallTime"
obj[13]=RegValue : software\whenusave "LastPartner"
obj[14]=RegValue : software\whenusave "TotalPartner"
obj[15]=RegValue : software\whenusave "newuser_rs"
obj[16]=RegValue : software\whenusave "Partner"
obj[17]=RegValue : software\whenusave "PartnerB"
obj[18]=RegValue : software\whenusave "city"
obj[19]=RegValue : software\whenusave "country"
obj[20]=RegValue : software\whenusave "FullDBTime"
obj[21]=RegValue : software\whenusave "HeartbeatTime"
obj[22]=RegValue : software\whenusave "brandskin_url"
obj[23]=RegValue : software\whenusave "brandstrip_rs"
obj[24]=RegValue : software\whenusave "brandstrip_url"
obj[25]=RegValue : software\whenusave "bstat_rs"
obj[26]=RegValue : software\whenusave "himp_url"
obj[27]=RegValue : software\whenusave "iptomsa_url"
obj[28]=RegValue : software\whenusave "maxPopups_rs"
obj[29]=RegValue : software\whenusave "timedDBUpdate_rs"
obj[30]=RegValue : software\whenusave "uninstalltag_rs"
obj[31]=RegValue : software\whenusave "db_stamp_rs"
obj[32]=RegValue : software\whenusave "db_server_update"
obj[33]=RegValue : software\whenusave "db_local_update"
obj[34]=RegValue : software\whenusave "MSA"
obj[35]=RegValue : software\whenusave "TotalPopup"
obj[36]=RegValue : software\whenusave "IPToMsaTime_rs"
obj[37]=RegValue : software\whenusave "country_old_rs"
obj[38]=RegValue : software\whenusave "city_old_rs"
obj[39]=RegValue : software\whenusave "Version"
obj[40]=RegValue : software\whenusave "UpdateTime"
obj[41]=RegValue : software\whenusave "zip"
obj[42]=RegValue : software\whenusave "SystemParam_rs"
obj[43]=RegValue : software\whenusave "acm_rs"
obj[44]=RegValue : software\whenusave "HeartbeatCount"
obj[45]=RegValue : software\whenusave "db_ver_update"
obj[46]=RegValue : software\whenusave "UrlChangeCount"
obj[47]=RegValue : S-1-5-21-2052111302-113007714-1801674531-1003\software\microsoft\windows\currentversion\run "WhenUSave"
obj[54]=Folder : C:\Programmi\Save
obj[55]=Folder : C:\Programmi\WeatherCast
obj[56]=Folder : C:\Documents and Settings\romy\Menu Avvio\Programmi\WeatherCast
obj[57]=Folder : C:\Documents and Settings\romy\Menu Avvio\Programmi\WhenU
obj[58]=File : C:\Programmi\save\ACM.dll
obj[59]=File : C:\Programmi\save\save.db
obj[60]=File : C:\Programmi\save\Save.exe
obj[61]=File : C:\Programmi\save\save.htm
obj[62]=File : C:\Programmi\save\SaveUninst(2)(2).exe
obj[63]=File : C:\Programmi\save\SaveUninst(2).exe
obj[64]=File : C:\Programmi\save\SaveUninst.exe
obj[65]=File : C:\Programmi\save\saveupdate(2).exe
obj[66]=File : C:\Programmi\save\saveupdate.exe
obj[67]=File : C:\Programmi\save\store.db
obj[68]=File : C:\Programmi\weathercast\Uninst(2)(2).exe
obj[69]=File : C:\Programmi\weathercast\Uninst(2).exe
obj[70]=File : C:\Programmi\weathercast\Uninst.exe
obj[71]=File : C:\Documents and Settings\romy\Menu Avvio\Programmi\weathercast\WeatherCast.lnk
obj[72]=File : C:\Documents and Settings\romy\Menu Avvio\Programmi\whenu\Learn More About Save!.url
obj[73]=File : C:\Documents and Settings\romy\Menu Avvio\Programmi\whenu\Learn More About SaveNow.url
obj[74]=File : C:\Documents and Settings\romy\Menu Avvio\Programmi\whenu\Learn More About WhenU Save.url
obj[75]=File : C:\Documents and Settings\romy\Menu Avvio\Programmi\whenu\Learn More About WhenU SaveNow.url
obj[76]=File : C:\Documents and Settings\romy\Menu Avvio\Programmi\whenu\WhenU.com Website.url

TRACKING COOKIE
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[48]=IECache Entry : C:\Documents and Settings\romy\Cookies\romy@ad.pro-advertising[2].txt
obj[49]=IECache Entry : C:\Documents and Settings\romy\Cookies\romy@cgi-bin[1].txt
obj[50]=IECache Entry : C:\Documents and Settings\romy\Cookies\romy@mediaplex[1].txt
obj[51]=IECache Entry : C:\Documents and Settings\romy\Cookies\romy@tradedoubler[2].txt
obj[52]=IECache Entry : C:\Documents and Settings\romy\Cookies\romy@webads[1].txt
obj[53]=IECache Entry : C:\Documents and Settings\romy\Cookies\romy@zedo[1].txt

ma il problema persiste
 
ecco

Logfile of HijackThis v1.99.1
Scan saved at 18.22.02, on 05/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Programmi\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\PROGRA~1\FILECO~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\romy\IMPOST~1\Temp\Rar$EX00.469\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FILECO~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmi\File comuni\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Programmi\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Programmi\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Programmi\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Programmi\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Programmi\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37480.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8B76E9F-884F-4DE1-AF7A-4E015A10E69F}: NameServer = 85.37.17.7 151.99.125.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: kavsvc - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
 
Il log è pulito.

Comunque aggiorna ad-aware con l'ultimo ref file di ieri.

Poi disattiva il ripristino di configurazione di Xp,cancella i cookies ed i file temporaney di internet,inoltre cancella tutto il contenuto della cartella c:/windows/temp

Rifai la scansione con ad-ware e tutto quello che trova eliminalo.
 
grazie 1000 ora sembra vada meglio
però sono rimaste nel pannello di controllo tutte le icone doppie (o triple anche più alcune)
l
 
Devi accedere o registrarti per poter rispondere.
Indietro
Alto Basso