Condividi:        

Notebook in catalessi

Risolvi qui i tuoi problemi legati a Windows '95, '98, ME, NT, 2000, XP, 2003, Vista...

Moderatori: m.paolo, antoo69, -> EleKtrA <-

Notebook in catalessi

Postdi miclino » 30/11/12 16:26

Salve a tutti,
da ieri ho notato che il mio notebook Pacard Bell pentium4 (anziano) all'avvio di windows è lentissimo; compaiono subito tutte le icone sul desktop, come se fosse tutto normale, ma cliccando sul collegamento ai programmi, non si aprono, se non dopo 15 minuti circa, durante il quale il pc sembra dormiente. Stranamente le cartelle si aprono normalmente, ma i programmi non partono. Soprattutto non parte internet; addirittura non rileva la rete lan, per almeno 10:15minuti.
Allego la scansione fatta con hijackthis, nella speranza che qualcumi individui il problema.

Grazie per la collaborazione.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16.12.03, on 30/11/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Alwil Software\Avast5\AvastSvc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
D:\WINDOWS\system32\hasplms.exe
D:\Programmi\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\LMabcoms.exe
D:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Programmi\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe
D:\WINDOWS\system32\slserv.exe
D:\WINDOWS\system32\svchost.exe
D:\Programmi\Alwil Software\Avast5\setup\avast.setup
D:\WINDOWS\Explorer.EXE
D:\Programmi\Alwil Software\Avast5\avastUI.exe
D:\Programmi\Real\RealPlayer\update\realsched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmi\Microsoft Office\Office10\EXCEL.EXE
D:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ig?hl=it&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxytib.vitrociset.it:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users.WINDOWS\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: DIALux 3.1 ULDBrowserHelper Class - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - D:\Programmi\DIALux\DLXShellExtension.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "D:\Programmi\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "D:\Programmi\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = magicom.local
O17 - HKLM\Software\..\Telephony: DomainName = magicom.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = magicom.local
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = magicom.local
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - D:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: DIAL Communication Service (DialComService) - Unknown owner - D:\Programmi\DIAL GmbH\DIAL Communication Framework\DialComService.exe
O23 - Service: Sentinel Local License Manager (hasplms) - SafeNet Inc. - D:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: lmab_device - - D:\WINDOWS\system32\LMabcoms.exe
O23 - Service: NBService - Nero AG - D:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Unknown owner - D:\Programmi\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe
O23 - Service: SmartLinkService (SLService) - - D:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 5704 bytes
miclino
Utente Junior
 
Post: 24
Iscritto il: 04/01/08 14:24

Sponsor
 

Re: Notebook in catalessi

Postdi miclino » 02/12/12 19:01

Nessuna risposta?

Ho effettuato la scansione anche con Combofix, ed allego il file report.

Grazie per l'attenzione.

ComboFix 12-12-01.02 - michele 02/12/2012 18.35.40.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2047.1601 [GMT 1:00]
Eseguito da: d:\documents and settings\michele\Desktop\ComboFix.exe
Opzioni usate :: /unistall
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Creati Da 2012-11-02 al 2012-12-02 )))))))))))))))))))))))))))))))))))
.
.
2012-11-30 10:26 . 2011-05-13 11:19 198088 ----a-w- d:\windows\system32\hlvdd.dll
2012-11-30 10:25 . 2012-11-30 10:25 -------- d-----w- d:\programmi\File comuni\Wise Installation Wizard
2012-11-30 09:04 . 2012-11-30 09:04 40776 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-07 14:40 . 2010-04-30 17:01 1308216 ----a-w- d:\programmi\HiJackThis_v2.exe
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- d:\programmi\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="d:\programmi\Alwil Software\Avast5\avastUI.exe" [2011-11-28 3744552]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2003-12-17 3059712]
"TkBellExe"="d:\programmi\Real\RealPlayer\update\realsched.exe" [2011-03-09 273544]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Programmi\\Brother\\Brmfl08g\\FAXRX.exe"=
"d:\\Programmi\\Java\\jre6\\bin\\javaw.exe"=
"d:\\eMule0.50a\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"d:\\WINDOWS\\system32\\lmabcoms.exe"=
"d:\\Programmi\\Lexmark\\Scanback\\scanwiz.exe"=
"d:\\WINDOWS\\system32\\hasplms.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"54925:UDP"= 54925:UDP:BrotherNetwork Scanner
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
.
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [26/06/2011 16.01.28 435032]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [30/04/2010 14.55.24 314456]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [30/04/2010 14.55.24 20568]
R2 eugss;Aladdin SmartKey GSS2 Driver;d:\windows\system32\drivers\eugssxp.sys [16/06/2011 18.39.54 67528]
R2 eusk2par;Aladdin SmartKey Parallel Driver;d:\windows\system32\drivers\eusk2par.sys [16/06/2011 18.39.53 25680]
R2 hasplms;Sentinel Local License Manager;d:\windows\system32\hasplms.exe -run --> d:\windows\system32\hasplms.exe -run [?]
R3 vodafone_K3805-z_dc_enum;Vodafone K3805-z DC Enumerator (ZTE);d:\windows\system32\drivers\vodafone_K3805-z_dc_enum.sys [01/09/2010 14.33.12 80000]
S3 bfturboh;BUFFALO TurboUSB for HD Filter;d:\windows\system32\drivers\bfturboh.sys [22/10/2010 14.14.33 17280]
S3 dgderdrv;dgderdrv;d:\windows\system32\drivers\dgderdrv.sys --> d:\windows\system32\drivers\dgderdrv.sys [?]
S3 DialComService;DIAL Communication Service;d:\programmi\DIAL GmbH\DIAL Communication Framework\DialComService.exe [20/04/2011 22.09.13 1639216]
S3 MBAMSwissArmy;MBAMSwissArmy;d:\windows\system32\drivers\mbamswissarmy.sys [30/11/2012 10.04.22 40776]
S3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;d:\windows\system32\drivers\qcusbser.sys [28/07/2010 17.02.29 103552]
S3 vodafone_K3805-z_cdc_acm;Vodafone K3805-z CDC-ACM driver (ZTE);d:\windows\system32\drivers\vodafone_K3805-z_cdc_acm.sys [01/09/2010 14.33.10 85888]
S3 vodafone_K3805-z_cdc_ecm;vodafone_K3805-z_cdc_ecm;d:\windows\system32\drivers\vodafone_K3805-z_cdc_ecm.sys [01/09/2010 14.33.12 50304]
S3 vodafone_K3805-z_cpo;Vodafone K3805-z Install;d:\windows\system32\drivers\vodafone_K3805-z_cpo.sys [01/09/2010 14.33.12 9728]
S4 Application Updater;Application Updater;d:\programmi\Application Updater\ApplicationUpdater.exe [07/01/2010 23.51.02 380928]
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-12-02 d:\windows\Tasks\Adobe Flash Player Updater.job
- d:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-28 20:11]
.
2012-12-02 d:\windows\Tasks\GlaryInitialize.job
- d:\programmi\Glary Utilities\initialize.exe [2012-09-04 19:59]
.
2012-12-02 d:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-1409082233-682003330-1003.job
- d:\programmi\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
2012-10-31 d:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-1409082233-682003330-1003.job
- d:\programmi\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/ig?hl=it&source=iglk
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = proxytib.vitrociset.it:8080
uInternet Settings,ProxyOverride = <local>;dei_build
TCP: DhcpNameServer = 192.168.2.1
DPF: DirectAnimation Java Classes - file://d:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://d:\windows\Java\classes\xmldso.cab
.
.
------- Associazioni dei file -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-02 18:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-1645522239-1409082233-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\d*& ]
@Class="Shell"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1645522239-1409082233-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*d*& ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1645522239-1409082233-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*d*& \OpenWithList]
@Class="Shell"
"a"="PDFCreator.exe"
"MRUList"="a"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(3452)
d:\windows\system32\msi.dll
d:\windows\system32\ieframe.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
Ora fine scansione: 2012-12-02 18:56:15
ComboFix-quarantined-files.txt 2012-12-02 17:56
ComboFix2.txt 2012-12-02 17:28
ComboFix3.txt 2012-07-12 07:19
.
Pre-Run: 3 064 328 192 byte disponibili
Post-Run: 3 042 295 808 byte disponibili
.
- - End Of File - - E1F34E2F570E53041FC00910FD945C3D
miclino
Utente Junior
 
Post: 24
Iscritto il: 04/01/08 14:24


Torna a Sistemi Operativi Windows


Topic correlati a "Notebook in catalessi":


Chi c’è in linea

Visitano il forum: Nessuno e 28 ospiti