Condividi:        

windows 7 ogni tanto si ferma a pensare.....

Risolvi qui i tuoi problemi legati a Windows '95, '98, ME, NT, 2000, XP, 2003, Vista...

Moderatori: m.paolo, antoo69, -> EleKtrA <-

windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 06/10/11 13:44

Ciao a tutti! sono nuovo su questo forum!
Vi descrivo subito il mio problema.
Ho Windows 7 Home Premium 64 bit installato su un Notebook HP Envy 17" 2090el.
Ogni tanto si blocca tutto e la rotella di caricamento di windows si mette a girare. l'unica cosa che si può fare è muovere il mouse. dopo circa 1 minuto windows si riprende e continua a funzionale.... la cosa accade 2/3 volte al giorno.
ho provato a formattare e reinstallare tutto ma non è cambiato niente...
la cosa non mi succede con un software in particolare....
cosa mi consigliate di fare??

ecco l'elenco dei software installati:
Immagine

hardware:
Immagine

infine le prestazioni di windows:
Immagine

spero vivamente nel vostro aiuto!!!!!!!! :undecided:
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Sponsor
 

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi FrancescoFDAC » 06/10/11 13:47

Ciao quel PC è infetto (AutoCompletePro e non solo).

Scarica Malwarebytes' Anti-Malware - Free Edition: http://www.malwarebytes.org
● doppio click su mbam-setup.exe per avviare il setup
● in fase di installazione, lascia la spunta alle voci b]Aggiorna Malwarebytes' Anti-Malware[/b] e Avvia Malwarebytes' Anti-Malware

Una volta eseguiti i passaggi indicati sopra:
● collega tutte le periferiche esterne che possiedi ( Chiavette USB, HDD Esterni, Lettori MP3... )
● verrà mostrata la schermata principale del tool: al messaggio che appare, clicca sul pulsante No
● clicca sul pulsante Scansione completa, e conferma cliccando il pulsante Scansione
● verrà richiesto quali drive scansionare; selezionali tutti, e clicca nuovamente su Scansione
● attendi pazientemente il termine della scansione
● una volta terminata, clicca sul pulsante OK e Mostra Risultati per visionare il Report
● verrà rilasciato automaticamente un file di testo: salvalo sul Desktop ed allegalo
● assicurati che tutte le voci siano selezionate, e clicca sul pulsante Rimuovi selezionati, in basso a sinistra
● il log può essere visionati cliccando sul tab Log dall'interfaccia principale del programma

Nota - riguardo al programma:
● se MalwareBytes incontrasse delle difficoltà nel rimuovere alcuni file, verranno mostrate delle finestre aggiuntive: clicca sul pulsante OK, e lascia procedere il programma alla disinfezione. Se MalwareBytes chiedesse di riavviare il sistema, fallo immediatamente

Infine;
Scarica ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
● posiziona il file scaricato sul Desktop
disattiva l'Antivirus in uso, dall'icona presente sulla Traybar (accanto all'orologio di Windows)
disattiva il Firewall eventualmente installato, dall'icona presente sulla Traybar (accanto all'orologio di Windows)

Eseguiti i passaggi indicati sopra:
● lancia ComboFix con un doppio click
● segui le istruzioni che verranno rilasciate per eseguire la scansione
● in caso tu abbia Windows XP, verrà richiesta l'installazione della Console di ripristino di emergenza: non la installare
senza eseguire nessuna altra operazione, lascia che il tool completi il suo lavoro

Note - durante la scansione:
● potrebbero comparire alcuni file sul Desktop, e poi eliminati
● spariranno, per un attimo, tutte le icone presenti sul Desktop: nulla di cui preoccuparsi
● potrebbe venire rilasciato un messaggio in relazione all'Antivirus in uso: prosegui ignorando il messaggio
● il firewall potrebbe rilasciare un avviso circa la rimozione di alcuni driver: consenti
● potrebbe apparire sul Desktop l'icona di Internet Explorer

Quando ComboFix avrà concluso l'operazione di scansione:
● il sistema verrà riavviato automaticamente: in caso contrario, riavvialo te
● vai in Disco Locale C:, cerca il file di testo dal nome ComboFix.txt ed allegalo

Nota - riguardo al programma:
● per eseguire correttamente ComboFix su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore
sUBs, la software house che distribuisce ComboFix, non è responsabile di qualsiasi danno causato da te dopo l'utilizzo del software stesso.
Lo stesso vale per me; questo tool non è un giocattolo e non è destinato all'utilizzo quotidiano. Esso non dovrebbe essere utilizzato a meno che non venga espressamente richiesto da un esperto
ComboFix disabilita l'esecuzione automatica delle unità USB (Chiavette, Hard Disk Esterni, Lettori MP3...) per prevenire future minacce: quando inserisci una Pendrive, sarai costretto ad avviarla dalle Risorse del computer. Una precauzione in più, una possibile minaccia in meno

Al termine allega anche un log di Hijackthis;
Scarica ed installa Hijackthis: http://www.trendmicro.com/ftp/products/ ... ckThis.msi
● lancia Hijackthis
● clicca sul pulsante Do a system scan and save a logfile
● verrà rilasciato automaticamente un file di testo: allegalo
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 06/10/11 15:12

grazie per la risposta!!! :)
Sto scansionando con Malwarebytes' Anti-Malware.
quando ho fatto tutto ti aggiorno!
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 06/10/11 17:32

eccomi! ho fatto tutto!
di seguito i 3 txt creati:

Malwarebytes' Anti-Malware:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Versione database: 7884

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

06/10/2011 17:52:55
mbam-log-2011-10-06 (17-52-50).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|F:\|G:\|H:\|)
Elementi esaminati: 807109
Tempo impiegato: 1 ore, 13 minuti, 43 secondi

Processi infetti in memoria: 0
Moduli di memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Voci infette nei dati di registro: 0
Cartelle infette: 8
File infetti: 24

Processi infetti in memoria:
(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:
(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:
(Non sono stati rilevati elementi nocivi)

Valori di registro infetti:
(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:
(Non sono stati rilevati elementi nocivi)

Cartelle infette:
c:\Windows\System32\0F6226 (Worm.AutoRun) -> No action taken.
c:\Windows\SysWOW64\0F6226 (Worm.AutoRun) -> No action taken.
c:\Windows\System32\5A8DCC (Worm.AutoRun) -> No action taken.
c:\Windows\SysWOW64\5A8DCC (Worm.AutoRun) -> No action taken.
c:\Windows\System32\76682F (Worm.AutoRun) -> No action taken.
c:\Windows\SysWOW64\76682F (Worm.AutoRun) -> No action taken.
c:\Windows\System32\ACF7EF (Worm.AutoRun) -> No action taken.
c:\Windows\SysWOW64\ACF7EF (Worm.AutoRun) -> No action taken.

File infetti:
c:\program files\process lasso\process.lasso.v4.00.17.[x32]-[x64]-patch[espns].exe (PUP.Hacktool.Patcher) -> No action taken.
c:\program files (x86)\common files\eBay\ebaylauncher.exe (Trojan.Clicker) -> No action taken.
e:\giulio\programmi\giochi\dirt.3-skidrow\dirt.3 crack\SKIDROW.dll (Trojan.Downloader.H) -> No action taken.
e:\giulio\programmi\programmi\adobe dreamweaver cs5\crack\adobe_dw_cs5_keygen.exe (Malware.Packer.Gen) -> No action taken.
e:\giulio\programmi\programmi\jitbit.macro recorder v4.1 incl crack\crack\macrolauncher.exe (Backdoor.Agent.PS) -> No action taken.
e:\giulio\programmi\programmi\jitbit.macro recorder v4.1 incl crack\cracked\macrolauncher.exe (Backdoor.Agent.PS) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\10000001100002i\packager.exe (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\1000000600002i\verclsid.exe (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\1000000b00002i\verclsid.exe (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\1000000e00002i\rundll32.exe (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\300000002ca00002i\OffDiag.exe (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\300000003400002i\dwwin.exe (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\300000005700002i\WINWORD.EXE (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\30000000d900002i\DW20.EXE (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\4000002800002i\navw32.exe (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\microsoft office 2007 ita - portable\microsoft office 2007 ita - portable\_CACHE\4000003100002i\navw32.exe (Trojan.IRCBot) -> No action taken.
e:\giulio\programmi\programmi\offline explorer ent 5.9.3228 incl patch + keygen [vokeon]\offline explorer ent 5.9.3228 [vokeon]\Lz0\patch.exe (PUP.Hacktool.Patcher) -> No action taken.
e:\giulio\programmi\programmi\process lasso\process.lasso.v4.00.17.[x32]-[x64]-patch[espns].exe (PUP.Hacktool.Patcher) -> No action taken.
e:\giulio\programmi\programmi\removewat.226 craccare windows 7\removewat.226\removewat.exe (HackTool.Wpakill) -> No action taken.
e:\giulio\programmi\programmi\trojan killer v2.0.7.7 software\Patch\Patch.exe (PUP.Hacktool.Patcher) -> No action taken.
g:\$RECYCLE.BIN\s-1-5-21-1039053318-3056324772-1498491913-1000\$RYPO787\malwarebyte's 1.44 keygen 1.1 final.exe (Hacktool.Keygen) -> No action taken.
h:\system volume information\_restore{2ecc2271-c02f-4701-9b85-b6ae8d9186f8}\RP272\A0131668.exe (Trojan.Downloader) -> No action taken.
c:\Windows\System32\ACF7EF\74BE16.EXE (Worm.AutoRun) -> No action taken.
c:\Windows\SysWOW64\ACF7EF\74BE16.EXE (Worm.AutoRun) -> No action taken.
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 06/10/11 17:33


ComboFix


ComboFix 11-10-06.03 - Giulio 06/10/2011 18:32:14.4.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.8140.6488 [GMT 2:00]
Eseguito da: c:\users\Giulio\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Creati Da 2011-09-06 al 2011-10-06 )))))))))))))))))))))))))))))))))))
.
.
2011-10-06 16:35 . 2011-10-06 16:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-06 16:19 . 2011-10-06 16:28 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A7B15C2-20F3-4823-9AF8-B43D11857526}\offreg.dll
2011-10-06 11:43 . 2011-10-06 11:44 -------- d-----w- c:\users\Giulio\AppData\Roaming\ProcessLasso
2011-10-06 11:43 . 2011-10-06 11:48 -------- d-----w- c:\program files\Process Lasso
2011-10-06 11:28 . 2011-10-06 11:28 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-10-06 07:08 . 2011-10-06 07:08 -------- d-----w- c:\windows\system32\SPReview
2011-10-06 07:05 . 2011-10-06 07:05 -------- d-----w- c:\windows\system32\EventProviders
2011-10-05 10:56 . 2011-10-05 11:04 -------- d-----w- c:\program files (x86)\BySoft FreeRAM
2011-10-05 09:16 . 2011-10-05 09:16 -------- d-----w- c:\windows\system32\wbem\Framework
2011-10-04 13:16 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A7B15C2-20F3-4823-9AF8-B43D11857526}\mpengine.dll
2011-10-02 22:16 . 2011-10-02 22:16 -------- d-----w- c:\program files (x86)\PC Recovery
2011-09-30 21:13 . 2011-09-30 21:13 -------- d-----w- c:\programdata\ProcessLasso
2011-09-25 14:55 . 2011-10-04 19:32 -------- d-----w- c:\users\Giulio\AppData\Roaming\VoipCheapCom
2011-09-25 14:55 . 2011-09-25 14:55 -------- d-----w- c:\program files (x86)\VoipCheapCom.com
2011-09-25 14:02 . 2011-09-25 14:02 -------- d-----w- c:\program files (x86)\WinSCP
2011-09-22 06:32 . 2011-09-22 06:32 -------- d-----w- c:\users\Giulio\AppData\Local\Macroplant
2011-09-22 06:26 . 2011-09-22 06:54 -------- d-----w- c:\users\Giulio\AppData\Roaming\Apple Computer
2011-09-22 06:26 . 2011-09-22 06:26 -------- d-----w- c:\users\Giulio\AppData\Local\Apple Computer
2011-09-22 06:26 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-09-22 06:26 . 2008-04-17 10:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-09-22 06:25 . 2011-09-22 06:25 -------- d-----w- c:\program files (x86)\QuickTime
2011-09-22 06:25 . 2011-09-22 06:25 -------- d-----w- c:\users\Giulio\AppData\Local\Apple
2011-09-22 06:25 . 2011-09-22 06:25 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-09-22 06:25 . 2011-09-22 06:25 -------- d-----w- c:\program files\Common Files\Apple
2011-09-22 06:25 . 2011-09-22 06:25 -------- d-----w- c:\program files\Bonjour
2011-09-22 06:25 . 2011-09-22 06:46 -------- d-----w- c:\programdata\Apple
2011-09-22 06:25 . 2011-09-22 06:26 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-09-19 21:12 . 2011-09-19 21:12 -------- d-----w- C:\Nuova cartella
2011-09-19 20:23 . 2011-09-19 20:23 -------- d-----w- c:\users\Giulio\AppData\Roaming\LibreOffice
2011-09-19 20:21 . 2011-09-19 20:21 -------- d-----w- c:\program files (x86)\LibreOffice 3.4
2011-09-18 20:43 . 2011-09-08 20:37 785368 ----a-w- c:\program files (x86)\Mozilla Firefox\sqlite3.dll
2011-09-18 20:43 . 2011-09-18 20:43 -------- d-----w- c:\users\Giulio\AppData\Roaming\Babylon
2011-09-18 20:43 . 2011-09-18 20:43 -------- d-----w- c:\users\Giulio\AppData\Local\Babylon
2011-09-18 20:43 . 2011-09-18 20:43 -------- d-----w- c:\programdata\Babylon
2011-09-15 05:19 . 2011-09-16 15:24 -------- d-----w- c:\users\Giulio\AppData\Local\Nemex
2011-09-15 05:19 . 2011-09-15 05:19 -------- d-----w- c:\users\Giulio\AppData\Roaming\Mouse Recorder Pro
2011-09-15 05:19 . 2011-09-15 05:19 -------- d-----w- c:\program files (x86)\Nemex
2011-09-15 05:00 . 2011-09-15 05:00 -------- d-----w- c:\program files (x86)\RobotSoft
2011-09-15 04:16 . 2011-09-16 15:24 -------- d-----w- c:\program files (x86)\ReMouse Mini
2011-09-14 22:42 . 2011-09-16 15:24 -------- d-----w- c:\program files (x86)\ReMouse Micro
2011-09-14 22:24 . 2011-09-16 15:24 -------- d-----w- c:\program files (x86)\Do It Again
2011-09-14 22:23 . 2011-09-14 22:23 -------- d-----w- c:\users\Giulio\AppData\Roaming\Recorder
2011-09-14 22:22 . 2011-09-16 15:24 -------- d-----w- c:\program files (x86)\Recorder
2011-09-14 21:57 . 2011-09-14 21:57 -------- d-----w- c:\users\Giulio\AppData\Roaming\Lunascape
2011-09-14 21:57 . 2011-09-14 21:57 -------- d-----w- c:\program files (x86)\Lunascape
2011-09-14 18:30 . 2011-09-14 18:30 -------- d-----w- c:\users\Giulio\AppData\Local\Opera
2011-09-14 18:30 . 2011-09-16 15:24 -------- d-----w- c:\program files (x86)\Opera
2011-09-13 16:35 . 2011-09-16 15:24 -------- d-----w- c:\program files (x86)\odf-converter-integrator
2011-09-09 11:16 . 2011-09-16 15:24 -------- d-----w- c:\program files (x86)\GhostMouse Free
2011-09-09 08:20 . 2011-09-09 11:26 -------- d-----w- c:\users\Giulio\.spamassassin
2011-09-09 08:20 . 2011-09-09 08:20 -------- d-----w- c:\users\Giulio\.razor
2011-09-09 08:18 . 2011-09-09 11:26 -------- d-----w- c:\program files (x86)\MailingCheck
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-06 07:10 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-10-06 07:10 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-09-27 20:46 . 2011-08-09 10:44 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-31 15:00 . 2011-08-10 19:57 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-24 20:07 . 2011-08-24 20:07 35328 ----a-w- c:\windows\SysWow64\cygz.dll
2011-08-24 20:07 . 2011-08-24 20:07 35328 ----a-w- c:\windows\cygz.dll
2011-08-24 20:07 . 2011-08-24 20:07 1126281 ----a-w- c:\windows\SysWow64\cygwin1.dll
2011-08-24 20:07 . 2011-08-24 20:07 1126281 ----a-w- c:\windows\cygwin1.dll
2011-08-11 13:17 . 2010-10-15 14:06 286720 ----a-w- c:\windows\SysWow64\bit4extplg.dll
2011-08-11 13:16 . 2011-08-11 13:16 1028096 ----a-w- c:\windows\SysWow64\bit4ipki.dll
2011-08-11 13:10 . 2011-08-11 13:10 33408 ----a-w- c:\windows\SysWow64\drivers\fsbts.sys
2011-08-11 13:07 . 2011-08-11 13:08 574632 ----a-w- c:\windows\SysWow64\msvcp50.dll
2011-08-09 12:45 . 2011-08-09 12:45 146432 ----a-w- c:\windows\SysWow64\usbdrv.exe
2011-08-09 08:36 . 2011-03-28 16:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-22 05:22 . 2011-08-10 21:19 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-22 04:54 . 2011-08-10 21:19 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-07-16 05:41 . 2011-08-10 21:20 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-16 05:41 . 2011-08-10 21:20 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-16 05:41 . 2011-08-10 21:20 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-16 05:39 . 2011-08-10 21:20 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-16 05:37 . 2011-08-10 21:20 421888 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 05:21 . 2011-08-10 21:20 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 05:21 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 04:29 . 2011-08-10 21:20 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-16 04:26 . 2011-08-10 21:20 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-16 04:25 . 2011-08-10 21:20 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-16 04:24 . 2011-08-10 21:20 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-16 04:24 . 2011-08-10 21:20 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-07-16 04:15 . 2011-08-10 21:20 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:21 . 2011-08-10 21:20 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-16 02:21 . 2011-08-10 21:20 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-16 02:17 . 2011-08-10 21:20 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 21:20 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 21:20 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-09 05:26 . 2011-08-24 12:07 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-09 04:29 . 2011-08-24 12:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-07-09 02:46 . 2011-08-10 21:20 288768 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-06_16.12.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-09 07:42 . 2011-10-06 16:18 52252 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-10-06 16:28 31650 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-10-06 16:02 31650 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-08-09 08:22 . 2011-10-06 16:26 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-09 08:22 . 2011-10-06 16:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-09 08:22 . 2011-10-06 16:26 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-08-09 08:22 . 2011-10-06 16:00 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-08-09 08:22 . 2011-10-06 16:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-09 08:22 . 2011-10-06 16:26 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-08-09 08:22 . 2011-10-06 16:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-09 08:22 . 2011-10-06 16:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-09 08:22 . 2011-10-06 16:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-08-09 08:22 . 2011-10-06 16:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-09 07:19 . 2011-10-06 16:28 7170 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-654856182-3360716838-715058417-1000_UserData.bin
+ 2011-10-06 16:16 . 2011-10-06 16:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-06 16:00 . 2011-10-06 16:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-06 16:16 . 2011-10-06 16:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-10-06 16:00 . 2011-10-06 16:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-08-17 13:29 . 2011-10-06 16:33 700204 c:\windows\system32\perfh010.dat
- 2009-08-17 13:29 . 2011-10-06 16:05 700204 c:\windows\system32\perfh010.dat
- 2009-07-14 02:36 . 2011-10-06 16:05 617642 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-10-06 16:33 617642 c:\windows\system32\perfh009.dat
- 2009-08-17 13:29 . 2011-10-06 16:05 128638 c:\windows\system32\perfc010.dat
+ 2009-08-17 13:29 . 2011-10-06 16:33 128638 c:\windows\system32\perfc010.dat
+ 2009-07-14 02:36 . 2011-10-06 16:33 107262 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-10-06 16:05 107262 c:\windows\system32\perfc009.dat
- 2009-07-14 05:01 . 2011-10-06 15:59 1205122 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-10-06 16:15 1205122 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-08-09 11:40 . 2011-10-06 16:15 4204852 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-654856182-3360716838-715058417-1000-12288.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0_FlingIconOverlay]
@="{02696AD5-FF96-454b-9E00-81DA8B79B678}"
[HKEY_CLASSES_ROOT\CLSID\{02696AD5-FF96-454b-9E00-81DA8B79B678}]
2011-08-11 13:17 94208 ----a-w- c:\program files (x86)\NCH Software\Fling\fldll.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"VoipCheapCom"="c:\program files (x86)\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" [2011-08-12 14054712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-31 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-16 113288]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"bit4id csp store register (M)"="c:\windows\system32\bit4upki-store.dll" [2010-08-10 151552]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"Fling"="c:\program files (x86)\NCH Software\Fling\fling.exe" [2011-08-11 540676]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-10 421160]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
c:\users\Giulio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 usbdevice;usbdevice;c:\windows\system32\launch.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-08-09 1030600]
R3 iscFlash;iscFlash;c:\swsetup\SP51147\iscflashx64.sys [2011-01-19 49216]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 EPGService;EPGService;c:\progra~2\WinTV\EPG Services\System\EPGService.exe [2007-09-05 374272]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files (x86)\Cobian Backup 10\cbVSCService.exe [2010-09-23 67584]
S2 CobianBackup10;Cobian Backup 10;c:\program files (x86)\Cobian Backup 10\cbService.exe [2010-09-23 1125376]
S2 FlingService;Fling File Transfer;c:\program files (x86)\NCH Software\Fling\fling.exe [2011-08-11 540676]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 key4hidconvert;key4hidconvert;c:\windows\SysWOW64\k4hidconvert.exe [2010-01-21 90112]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-31 2656280]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETw5s64;Driver scheda Intel(R) Wireless WiFi Link per Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2011-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-654856182-3360716838-715058417-1000Core.job
- c:\users\Giulio\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 13:23]
.
2011-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-654856182-3360716838-715058417-1000UA.job
- c:\users\Giulio\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-09 13:23]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-12-01 524800]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss ... 3da24923c0
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: + Offline &Explorer: Download the link - file://c:\program files (x86)\Offline Explorer Enterprise\Add_UrlO.htm
IE: + Offline E&xplorer: Download the current page - file://c:\program files (x86)\Offline Explorer Enterprise\Add_AllO.htm
IE: Cerca nel web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: Free YouTube Download - c:\users\Giulio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Giulio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Invia immagine alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Invia pagina alla periferica &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B2206F6B-4678-4C3F-AFDE-547B189D5189}: NameServer = 85.18.200.200,89.97.140.140
FF - ProfilePath - c:\users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.032"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ani"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bay"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bmp"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.bw"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cr2"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.crw"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cs1"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.cur"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcr"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dcx"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dib"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djv"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.djvu"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.dng"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.emf"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-654856182-3360716838-715058417-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.eps"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.erf"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fff"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.fpx"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.gif"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icl"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.icn"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ico"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iff"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ilbm"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.int"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.inta"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.iw4"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2c"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.j2k"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jfif"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jif"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jp2"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpc"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpe"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpeg"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpg"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpk"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.jpx"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.lbm"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mos"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.mrw"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.nef"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.orf"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pbm"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcd"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pct"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pcx"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pef"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pgm"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pic"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pict"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.pix"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.png"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ppm"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psd"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.psp"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raf"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ras"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.raw"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgb"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rgba"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rle"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.rsb"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sgi"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.sr2"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.srf"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tga"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.thm"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-654856182-3360716838-715058417-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tif"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.tiff"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttc"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.ttf"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9o"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9p"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v9pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.v9pf"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-654856182-3360716838-715058417-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbm"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wbmp"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.wmf"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xbm"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xif"
.
[HKEY_USERS\S-1-5-21-654856182-3360716838-715058417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 9.0.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2011-10-06 18:36:22
ComboFix-quarantined-files.txt 2011-10-06 16:36
ComboFix2.txt 2011-10-06 16:14
.
Pre-Run: 36.228.284.416 byte disponibili
Post-Run: 36.182.188.032 byte disponibili
.
- - End Of File - - F60D13D1CB7207B9B9CAF78AFE20F8FB
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 06/10/11 17:34

hijackthis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:38:29, on 06/10/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\NCH Software\Fling\fling.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 3da24923c0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10203&bi=400
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [bit4id csp store register (M)] "C:\Windows\SysWOW64\RUNDLL32.EXE" "C:\Windows\system32\bit4upki-store.dll",RegisterMyPhysicalStore
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Fling] "C:\Program Files (x86)\NCH Software\Fling\fling.exe" -logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files (x86)\Offline Explorer Enterprise\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files (x86)\Offline Explorer Enterprise\Add_AllO.htm
O8 - Extra context menu item: Cerca nel web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: Free YouTube Download - C:\Users\Giulio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Giulio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Invia a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Invia a periferica &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2206F6B-4678-4C3F-AFDE-547B189D5189}: NameServer = 85.18.200.200,89.97.140.140
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
O23 - Service: Cobian Backup 10 (CobianBackup10) - Luis Cobian, CobianSoft - C:\Program Files (x86)\Cobian Backup 10\cbService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Fling File Transfer (FlingService) - Unknown owner - C:\Program Files (x86)\NCH Software\Fling\fling.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: key4hidconvert - TODO: <Company name> - C:\Windows\SysWOW64\k4hidconvert.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: usbdevice - Unknown owner - C:\Windows\system32\launch.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11380 bytes
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 06/10/11 17:35

aspetto notizie...
GRAZIE!!! :)
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi FrancescoFDAC » 06/10/11 17:46

Avvia HiJackThis e:
● clicca sul pulsante Do a system scan only/Scan
metti la spunta accanto ad ogni singola voce indicata sotto
● spuntate le voci, termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul pulsante Fix checked; potrebbe comparire un'ulteriore finestra durante il fix delle voci: clicca su
Queste sono le voci da fixare:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... 3da24923c0
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10203&bi=400
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [bit4id csp store register (M)] "C:\Windows\SysWOW64\RUNDLL32.EXE" "C:\Windows\system32\bit4upki-store.dll",RegisterMyPhysicalStore
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

Nota: per lanciare HiJackThis su Windows Vista e Windows 7, clicca con il tasto destro del mouse sulla icona di HiJackThis (rappresentata da un omino vestito di rosso con una lente di ingrandimento, nota il file eseguibile in grassetto sotto) e, dal menù contestuale, scegli la voce Esegui come Amministratore: conferma la richiesta proposta

Il percorso da seguire per trovare l'eseguibile del programma è: Start/ Computer/ Programmi/ Trend Micro/ HiJackThis/ HiJackThis.exe

Elimina queste cartelle, se presenti;
C:\Program Files (x86)\AutocompletePro
C:\Program Files\AVAST Software
c:\users\Giulio\AppData\Roaming\Babylon
c:\users\Giulio\AppData\Local\Babylon
c:\programdata\Babylon

Poi; hai eliminato le infezioni trovate da malwarebytes?

Infine, disinstalla se non utilizzi (occupano memoria sul PC e RAM preziosa);
ProcessLasso
BySoft FreeRAM


E;
Scarica Kaspersky TDSS Killer: http://support.kaspersky.com/downloads/ ... killer.exe
● posiziona il file scaricato sul Desktop
● doppio click su TDSSKiller.exe per avviare l'applicazione e successivamente sul pulsante Start Scan

Giunti a questo punto, inizia la scansione del sistema alla ricerca di software malevolo:
● se viene trovato un file infetto, l'azione di default sarà Cure, clicca quindi su Continua
● se viene trovato un file sospetto, l'azione di default sarà Skip, clicca quindi su Continua

Una volta terminata la scansione, si presenterà una di queste due opzioni:
non è necessario il riavvio del sistema: clicca su Report e salva il contenuto in un file di testo
● è necessario riavviare il sistema: clicca su Riavvia ora
● una volta riavviato il sistema, il report del programma da allegare si trova in C:\ in questa forma:
TDSSKiller.[Version]_[Date]_[Time]_log.txt
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 06/10/11 18:55

Allora, ho fatto quello che mi hai detto!
Con HiJackThis ho riparato i file che mi hai detto.
Poi ho eliminato le directory che mi hai elencato e ho anche disinstallato BySoft FreeRAM.
ProcessLasso l'ho installato solo una settimana fa per cui non credo che abbia a che fare con il problema...
Le infezioni trovate con malwarebytes sono state tutte eliminate correttamente!
Grazie ancora!

Questo è il report di Kaspersky, ultimato in soli 3 secondi....
aspetto notizie :)
20:01:02.0340 3496 TDSS rootkit removing tool 2.6.5.0 Oct 5 2011 20:52:46
20:01:02.0500 3496 ============================================================
20:01:02.0500 3496 Current date / time: 2011/10/06 20:01:02.0500
20:01:02.0500 3496 SystemInfo:
20:01:02.0500 3496
20:01:02.0500 3496 OS Version: 6.1.7601 ServicePack: 1.0
20:01:02.0500 3496 Product type: Workstation
20:01:02.0500 3496 ComputerName: GIULIO-PC
20:01:02.0500 3496 UserName: Giulio
20:01:02.0500 3496 Windows directory: C:\Windows
20:01:02.0500 3496 System windows directory: C:\Windows
20:01:02.0500 3496 Running under WOW64
20:01:02.0500 3496 Processor architecture: Intel x64
20:01:02.0500 3496 Number of processors: 8
20:01:02.0500 3496 Page size: 0x1000
20:01:02.0500 3496 Boot type: Normal boot
20:01:02.0500 3496 ============================================================
20:01:02.0600 3496 Initialize success
20:01:07.0190 4200 ============================================================
20:01:07.0190 4200 Scan started
20:01:07.0190 4200 Mode: Manual;
20:01:07.0190 4200 ============================================================
20:01:07.0440 4200 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:01:07.0440 4200 1394ohci - ok
20:01:07.0450 4200 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
20:01:07.0450 4200 Accelerometer - ok
20:01:07.0460 4200 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:01:07.0460 4200 ACPI - ok
20:01:07.0470 4200 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:01:07.0470 4200 AcpiPmi - ok
20:01:07.0480 4200 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:01:07.0490 4200 adp94xx - ok
20:01:07.0500 4200 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:01:07.0500 4200 adpahci - ok
20:01:07.0510 4200 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:01:07.0510 4200 adpu320 - ok
20:01:07.0530 4200 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
20:01:07.0530 4200 AFD - ok
20:01:07.0540 4200 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:01:07.0540 4200 agp440 - ok
20:01:07.0550 4200 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:01:07.0550 4200 aliide - ok
20:01:07.0560 4200 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:01:07.0560 4200 amdide - ok
20:01:07.0560 4200 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:01:07.0560 4200 AmdK8 - ok
20:01:07.0660 4200 amdkmdag (883968d27b39479575dd029d887225e6) C:\Windows\system32\DRIVERS\atikmdag.sys
20:01:07.0700 4200 amdkmdag - ok
20:01:07.0710 4200 amdkmdap (40181300b4ae7014aea9c27f7f1c85ca) C:\Windows\system32\DRIVERS\atikmpag.sys
20:01:07.0710 4200 amdkmdap - ok
20:01:07.0720 4200 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:01:07.0720 4200 AmdPPM - ok
20:01:07.0730 4200 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:01:07.0730 4200 amdsata - ok
20:01:07.0740 4200 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:01:07.0740 4200 amdsbs - ok
20:01:07.0750 4200 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:01:07.0750 4200 amdxata - ok
20:01:07.0760 4200 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:01:07.0760 4200 AppID - ok
20:01:07.0770 4200 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:01:07.0770 4200 arc - ok
20:01:07.0780 4200 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:01:07.0780 4200 arcsas - ok
20:01:07.0790 4200 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:01:07.0790 4200 AsyncMac - ok
20:01:07.0800 4200 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:01:07.0800 4200 atapi - ok
20:01:07.0810 4200 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
20:01:07.0810 4200 AtiHdmiService - ok
20:01:07.0830 4200 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:01:07.0830 4200 b06bdrv - ok
20:01:07.0840 4200 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:01:07.0840 4200 b57nd60a - ok
20:01:07.0850 4200 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:01:07.0850 4200 Beep - ok
20:01:07.0860 4200 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:01:07.0860 4200 blbdrive - ok
20:01:07.0870 4200 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:01:07.0870 4200 bowser - ok
20:01:07.0880 4200 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:01:07.0880 4200 BrFiltLo - ok
20:01:07.0890 4200 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:01:07.0890 4200 BrFiltUp - ok
20:01:07.0900 4200 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:01:07.0900 4200 Brserid - ok
20:01:07.0910 4200 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:01:07.0910 4200 BrSerWdm - ok
20:01:07.0920 4200 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:01:07.0920 4200 BrUsbMdm - ok
20:01:07.0930 4200 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:01:07.0930 4200 BrUsbSer - ok
20:01:07.0940 4200 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:01:07.0940 4200 BthEnum - ok
20:01:07.0940 4200 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:01:07.0940 4200 BTHMODEM - ok
20:01:07.0950 4200 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:01:07.0950 4200 BthPan - ok
20:01:07.0970 4200 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
20:01:07.0970 4200 BTHPORT - ok
20:01:07.0980 4200 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
20:01:07.0980 4200 BTHUSB - ok
20:01:07.0990 4200 BTWAMPFL (a0dfb69ade3444c78b17636fcf28e898) C:\Windows\system32\DRIVERS\btwampfl.sys
20:01:07.0990 4200 BTWAMPFL - ok
20:01:08.0000 4200 btwaudio (7cf028ce78696882b327ff13d2dfa534) C:\Windows\system32\drivers\btwaudio.sys
20:01:08.0000 4200 btwaudio - ok
20:01:08.0010 4200 btwavdt (3def2370e414b4e299673558ba171a51) C:\Windows\system32\DRIVERS\btwavdt.sys
20:01:08.0010 4200 btwavdt - ok
20:01:08.0020 4200 btwl2cap (346b4051b3d7ff70e8f027869b8eca6e) C:\Windows\system32\DRIVERS\btwl2cap.sys
20:01:08.0020 4200 btwl2cap - ok
20:01:08.0030 4200 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys
20:01:08.0030 4200 btwrchid - ok
20:01:08.0030 4200 catchme - ok
20:01:08.0040 4200 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:01:08.0040 4200 cdfs - ok
20:01:08.0050 4200 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
20:01:08.0050 4200 cdrom - ok
20:01:08.0060 4200 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:01:08.0060 4200 circlass - ok
20:01:08.0070 4200 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:01:08.0070 4200 CLFS - ok
20:01:08.0090 4200 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:01:08.0090 4200 CmBatt - ok
20:01:08.0090 4200 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:01:08.0090 4200 cmdide - ok
20:01:08.0110 4200 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
20:01:08.0110 4200 CNG - ok
20:01:08.0120 4200 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:01:08.0120 4200 Compbatt - ok
20:01:08.0130 4200 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:01:08.0130 4200 CompositeBus - ok
20:01:08.0140 4200 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:01:08.0140 4200 crcdisk - ok
20:01:08.0150 4200 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:01:08.0150 4200 DfsC - ok
20:01:08.0160 4200 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:01:08.0160 4200 discache - ok
20:01:08.0170 4200 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:01:08.0170 4200 Disk - ok
20:01:08.0180 4200 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:01:08.0180 4200 drmkaud - ok
20:01:08.0200 4200 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:01:08.0200 4200 DXGKrnl - ok
20:01:08.0240 4200 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:01:08.0250 4200 ebdrv - ok
20:01:08.0270 4200 ElbyCDIO (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
20:01:08.0270 4200 ElbyCDIO - ok
20:01:08.0280 4200 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:01:08.0280 4200 elxstor - ok
20:01:08.0290 4200 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:01:08.0290 4200 ErrDev - ok
20:01:08.0300 4200 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:01:08.0310 4200 exfat - ok
20:01:08.0310 4200 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:01:08.0320 4200 fastfat - ok
20:01:08.0320 4200 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:01:08.0320 4200 fdc - ok
20:01:08.0330 4200 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:01:08.0340 4200 FileInfo - ok
20:01:08.0340 4200 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:01:08.0340 4200 Filetrace - ok
20:01:08.0350 4200 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:01:08.0360 4200 flpydisk - ok
20:01:08.0370 4200 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:01:08.0370 4200 FltMgr - ok
20:01:08.0380 4200 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:01:08.0380 4200 FsDepends - ok
20:01:08.0380 4200 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:01:08.0390 4200 Fs_Rec - ok
20:01:08.0400 4200 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:01:08.0400 4200 fvevol - ok
20:01:08.0400 4200 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:01:08.0410 4200 gagp30kx - ok
20:01:08.0410 4200 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:01:08.0410 4200 GEARAspiWDM - ok
20:01:08.0420 4200 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:01:08.0420 4200 hcw85cir - ok
20:01:08.0440 4200 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:01:08.0440 4200 HdAudAddService - ok
20:01:08.0450 4200 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:01:08.0450 4200 HDAudBus - ok
20:01:08.0460 4200 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:01:08.0460 4200 HidBatt - ok
20:01:08.0460 4200 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:01:08.0460 4200 HidBth - ok
20:01:08.0470 4200 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:01:08.0470 4200 HidIr - ok
20:01:08.0480 4200 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
20:01:08.0480 4200 HidUsb - ok
20:01:08.0490 4200 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
20:01:08.0490 4200 hpdskflt - ok
20:01:08.0500 4200 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:01:08.0500 4200 HpSAMD - ok
20:01:08.0520 4200 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:01:08.0520 4200 HTTP - ok
20:01:08.0530 4200 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:01:08.0530 4200 hwpolicy - ok
20:01:08.0540 4200 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:01:08.0540 4200 i8042prt - ok
20:01:08.0550 4200 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys
20:01:08.0550 4200 iaStor - ok
20:01:08.0570 4200 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:01:08.0570 4200 iaStorV - ok
20:01:08.0580 4200 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:01:08.0580 4200 iirsp - ok
20:01:08.0590 4200 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
20:01:08.0590 4200 IntcDAud - ok
20:01:08.0600 4200 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:01:08.0600 4200 intelide - ok
20:01:08.0720 4200 intelkmd (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdpmd64.sys
20:01:08.0770 4200 intelkmd - ok
20:01:08.0780 4200 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:01:08.0780 4200 intelppm - ok
20:01:08.0790 4200 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:01:08.0790 4200 IpFilterDriver - ok
20:01:08.0800 4200 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:01:08.0800 4200 IPMIDRV - ok
20:01:08.0810 4200 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:01:08.0810 4200 IPNAT - ok
20:01:08.0820 4200 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:01:08.0820 4200 IRENUM - ok
20:01:08.0830 4200 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:01:08.0830 4200 isapnp - ok
20:01:08.0830 4200 iscFlash (95bfe1b8e21a68bc5a59d37f3330629f) c:\swsetup\SP51147\iscflashx64.sys
20:01:08.0830 4200 iscFlash - ok
20:01:08.0840 4200 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:01:08.0840 4200 iScsiPrt - ok
20:01:08.0850 4200 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:01:08.0850 4200 kbdclass - ok
20:01:08.0860 4200 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:01:08.0860 4200 kbdhid - ok
20:01:08.0870 4200 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
20:01:08.0870 4200 KSecDD - ok
20:01:08.0880 4200 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
20:01:08.0880 4200 KSecPkg - ok
20:01:08.0890 4200 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:01:08.0890 4200 ksthunk - ok
20:01:08.0900 4200 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:01:08.0900 4200 lltdio - ok
20:01:08.0910 4200 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:01:08.0910 4200 LSI_FC - ok
20:01:08.0920 4200 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:01:08.0920 4200 LSI_SAS - ok
20:01:08.0930 4200 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:01:08.0930 4200 LSI_SAS2 - ok
20:01:08.0940 4200 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:01:08.0940 4200 LSI_SCSI - ok
20:01:08.0950 4200 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:01:08.0950 4200 luafv - ok
20:01:08.0960 4200 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:01:08.0960 4200 megasas - ok
20:01:08.0970 4200 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:01:08.0970 4200 MegaSR - ok
20:01:08.0980 4200 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
20:01:08.0980 4200 MEIx64 - ok
20:01:08.0990 4200 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:01:08.0990 4200 Modem - ok
20:01:08.0990 4200 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:01:08.0990 4200 monitor - ok
20:01:09.0000 4200 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
20:01:09.0000 4200 mouclass - ok
20:01:09.0010 4200 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:01:09.0010 4200 mouhid - ok
20:01:09.0020 4200 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:01:09.0020 4200 mountmgr - ok
20:01:09.0030 4200 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:01:09.0030 4200 mpio - ok
20:01:09.0040 4200 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:01:09.0040 4200 mpsdrv - ok
20:01:09.0050 4200 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:01:09.0050 4200 MRxDAV - ok
20:01:09.0060 4200 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:01:09.0060 4200 mrxsmb - ok
20:01:09.0070 4200 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:01:09.0070 4200 mrxsmb10 - ok
20:01:09.0080 4200 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:01:09.0080 4200 mrxsmb20 - ok
20:01:09.0090 4200 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:01:09.0090 4200 msahci - ok
20:01:09.0100 4200 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:01:09.0100 4200 msdsm - ok
20:01:09.0110 4200 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:01:09.0110 4200 Msfs - ok
20:01:09.0120 4200 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:01:09.0120 4200 mshidkmdf - ok
20:01:09.0120 4200 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:01:09.0120 4200 msisadrv - ok
20:01:09.0140 4200 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:01:09.0140 4200 MSKSSRV - ok
20:01:09.0140 4200 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:01:09.0140 4200 MSPCLOCK - ok
20:01:09.0150 4200 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:01:09.0150 4200 MSPQM - ok
20:01:09.0160 4200 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:01:09.0170 4200 MsRPC - ok
20:01:09.0170 4200 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:01:09.0180 4200 mssmbios - ok
20:01:09.0180 4200 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:01:09.0180 4200 MSTEE - ok
20:01:09.0190 4200 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:01:09.0190 4200 MTConfig - ok
20:01:09.0200 4200 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:01:09.0200 4200 Mup - ok
20:01:09.0210 4200 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:01:09.0210 4200 NativeWifiP - ok
20:01:09.0230 4200 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:01:09.0230 4200 NDIS - ok
20:01:09.0240 4200 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:01:09.0240 4200 NdisCap - ok
20:01:09.0250 4200 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:01:09.0250 4200 NdisTapi - ok
20:01:09.0260 4200 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:01:09.0260 4200 Ndisuio - ok
20:01:09.0270 4200 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:01:09.0270 4200 NdisWan - ok
20:01:09.0280 4200 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:01:09.0280 4200 NDProxy - ok
20:01:09.0290 4200 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:01:09.0290 4200 NetBIOS - ok
20:01:09.0300 4200 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:01:09.0300 4200 NetBT - ok
20:01:09.0390 4200 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
20:01:09.0430 4200 NETw5s64 - ok
20:01:09.0440 4200 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:01:09.0440 4200 nfrd960 - ok
20:01:09.0450 4200 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys
20:01:09.0450 4200 NPF - ok
20:01:09.0450 4200 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:01:09.0450 4200 Npfs - ok
20:01:09.0460 4200 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:01:09.0460 4200 nsiproxy - ok
20:01:09.0490 4200 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:01:09.0500 4200 Ntfs - ok
20:01:09.0500 4200 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:01:09.0500 4200 Null - ok
20:01:09.0510 4200 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
20:01:09.0510 4200 nusb3hub - ok
20:01:09.0520 4200 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:01:09.0520 4200 nusb3xhc - ok
20:01:09.0530 4200 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:01:09.0530 4200 nvraid - ok
20:01:09.0540 4200 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:01:09.0540 4200 nvstor - ok
20:01:09.0550 4200 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:01:09.0550 4200 nv_agp - ok
20:01:09.0560 4200 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:01:09.0560 4200 ohci1394 - ok
20:01:09.0570 4200 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:01:09.0570 4200 Parport - ok
20:01:09.0580 4200 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
20:01:09.0580 4200 partmgr - ok
20:01:09.0590 4200 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:01:09.0590 4200 pci - ok
20:01:09.0600 4200 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:01:09.0600 4200 pciide - ok
20:01:09.0610 4200 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:01:09.0610 4200 pcmcia - ok
20:01:09.0620 4200 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:01:09.0620 4200 pcw - ok
20:01:09.0630 4200 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:01:09.0640 4200 PEAUTH - ok
20:01:09.0660 4200 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:01:09.0660 4200 PptpMiniport - ok
20:01:09.0670 4200 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:01:09.0670 4200 Processor - ok
20:01:09.0680 4200 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:01:09.0680 4200 Psched - ok
20:01:09.0710 4200 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:01:09.0710 4200 ql2300 - ok
20:01:09.0720 4200 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:01:09.0720 4200 ql40xx - ok
20:01:09.0730 4200 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:01:09.0730 4200 QWAVEdrv - ok
20:01:09.0740 4200 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:01:09.0740 4200 RasAcd - ok
20:01:09.0750 4200 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:01:09.0750 4200 RasAgileVpn - ok
20:01:09.0760 4200 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:01:09.0760 4200 Rasl2tp - ok
20:01:09.0770 4200 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:01:09.0770 4200 RasPppoe - ok
20:01:09.0780 4200 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:01:09.0780 4200 RasSstp - ok
20:01:09.0790 4200 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:01:09.0790 4200 rdbss - ok
20:01:09.0800 4200 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:01:09.0800 4200 rdpbus - ok
20:01:09.0800 4200 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:01:09.0800 4200 RDPCDD - ok
20:01:09.0810 4200 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:01:09.0810 4200 RDPENCDD - ok
20:01:09.0820 4200 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:01:09.0820 4200 RDPREFMP - ok
20:01:09.0830 4200 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
20:01:09.0830 4200 RDPWD - ok
20:01:09.0840 4200 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:01:09.0840 4200 rdyboost - ok
20:01:09.0860 4200 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:01:09.0860 4200 RFCOMM - ok
20:01:09.0870 4200 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:01:09.0870 4200 rspndr - ok
20:01:09.0880 4200 RSUSBSTOR (763ae0c6d9df4c24b7e2c26036a8188a) C:\Windows\system32\Drivers\RtsUStor.sys
20:01:09.0880 4200 RSUSBSTOR - ok
20:01:09.0900 4200 RTL8167 (a73ed14670220307874ad6bc2f279349) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:01:09.0900 4200 RTL8167 - ok
20:01:09.0910 4200 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:01:09.0910 4200 sbp2port - ok
20:01:09.0920 4200 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:01:09.0920 4200 scfilter - ok
20:01:09.0930 4200 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:01:09.0930 4200 secdrv - ok
20:01:09.0940 4200 Ser2pl (9f6490423ac3271e84a90a0dd9d30a3b) C:\Windows\system32\DRIVERS\ser2pl64.sys
20:01:09.0940 4200 Ser2pl - ok
20:01:09.0950 4200 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:01:09.0950 4200 Serenum - ok
20:01:09.0960 4200 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:01:09.0960 4200 Serial - ok
20:01:09.0970 4200 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:01:09.0970 4200 sermouse - ok
20:01:09.0980 4200 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:01:09.0980 4200 sffdisk - ok
20:01:09.0990 4200 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:01:09.0990 4200 sffp_mmc - ok
20:01:09.0990 4200 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:01:09.0990 4200 sffp_sd - ok
20:01:10.0000 4200 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:01:10.0000 4200 sfloppy - ok
20:01:10.0010 4200 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:01:10.0010 4200 SiSRaid2 - ok
20:01:10.0020 4200 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:01:10.0020 4200 SiSRaid4 - ok
20:01:10.0030 4200 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:01:10.0030 4200 Smb - ok
20:01:10.0040 4200 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:01:10.0040 4200 spldr - ok
20:01:10.0060 4200 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:01:10.0060 4200 srv - ok
20:01:10.0070 4200 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:01:10.0070 4200 srv2 - ok
20:01:10.0080 4200 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:01:10.0080 4200 srvnet - ok
20:01:10.0090 4200 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:01:10.0090 4200 stexstor - ok
20:01:10.0110 4200 STHDA (0aad250a31a7ee96e0945ab9e1f3baa7) C:\Windows\system32\DRIVERS\stwrt64.sys
20:01:10.0110 4200 STHDA - ok
20:01:10.0120 4200 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:01:10.0120 4200 swenum - ok
20:01:10.0150 4200 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
20:01:10.0150 4200 SynTP - ok
20:01:10.0180 4200 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
20:01:10.0190 4200 Tcpip - ok
20:01:10.0220 4200 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
20:01:10.0230 4200 TCPIP6 - ok
20:01:10.0240 4200 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:01:10.0240 4200 tcpipreg - ok
20:01:10.0250 4200 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:01:10.0250 4200 TDPIPE - ok
20:01:10.0250 4200 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
20:01:10.0260 4200 TDTCP - ok
20:01:10.0260 4200 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:01:10.0260 4200 tdx - ok
20:01:10.0270 4200 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:01:10.0270 4200 TermDD - ok
20:01:10.0290 4200 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:01:10.0290 4200 tssecsrv - ok
20:01:10.0300 4200 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:01:10.0300 4200 TsUsbFlt - ok
20:01:10.0310 4200 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:01:10.0310 4200 tunnel - ok
20:01:10.0310 4200 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:01:10.0310 4200 uagp35 - ok
20:01:10.0320 4200 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:01:10.0330 4200 udfs - ok
20:01:10.0340 4200 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:01:10.0340 4200 uliagpkx - ok
20:01:10.0350 4200 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:01:10.0350 4200 umbus - ok
20:01:10.0360 4200 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:01:10.0360 4200 UmPass - ok
20:01:10.0370 4200 USB28xxBGA (4c1cbabf1bef8801d1c637650c799f26) C:\Windows\system32\DRIVERS\emBDA64.sys
20:01:10.0380 4200 USB28xxBGA - ok
20:01:10.0390 4200 USB28xxOEM (8a66e038cc070bf95dd9f4259c8d3df2) C:\Windows\system32\DRIVERS\emOEM64.sys
20:01:10.0390 4200 USB28xxOEM - ok
20:01:10.0400 4200 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
20:01:10.0400 4200 USBAAPL64 - ok
20:01:10.0400 4200 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:01:10.0400 4200 usbccgp - ok
20:01:10.0410 4200 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:01:10.0410 4200 usbcir - ok
20:01:10.0420 4200 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:01:10.0420 4200 usbehci - ok
20:01:10.0430 4200 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:01:10.0440 4200 usbhub - ok
20:01:10.0440 4200 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:01:10.0450 4200 usbohci - ok
20:01:10.0450 4200 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:01:10.0450 4200 usbprint - ok
20:01:10.0460 4200 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:01:10.0460 4200 usbscan - ok
20:01:10.0470 4200 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:01:10.0470 4200 USBSTOR - ok
20:01:10.0480 4200 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:01:10.0480 4200 usbuhci - ok
20:01:10.0490 4200 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
20:01:10.0490 4200 usbvideo - ok
20:01:10.0500 4200 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
20:01:10.0500 4200 VClone - ok
20:01:10.0510 4200 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:01:10.0510 4200 vdrvroot - ok
20:01:10.0520 4200 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:01:10.0520 4200 vga - ok
20:01:10.0530 4200 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:01:10.0530 4200 VgaSave - ok
20:01:10.0540 4200 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:01:10.0540 4200 vhdmp - ok
20:01:10.0550 4200 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:01:10.0550 4200 viaide - ok
20:01:10.0560 4200 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:01:10.0560 4200 volmgr - ok
20:01:10.0570 4200 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:01:10.0570 4200 volmgrx - ok
20:01:10.0580 4200 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:01:10.0580 4200 volsnap - ok
20:01:10.0590 4200 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:01:10.0590 4200 vsmraid - ok
20:01:10.0600 4200 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:01:10.0600 4200 vwifibus - ok
20:01:10.0610 4200 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:01:10.0610 4200 vwififlt - ok
20:01:10.0620 4200 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:01:10.0620 4200 WacomPen - ok
20:01:10.0630 4200 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:01:10.0630 4200 WANARP - ok
20:01:10.0630 4200 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:01:10.0630 4200 Wanarpv6 - ok
20:01:10.0650 4200 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:01:10.0650 4200 Wd - ok
20:01:10.0660 4200 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:01:10.0660 4200 Wdf01000 - ok
20:01:10.0680 4200 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:01:10.0680 4200 WfpLwf - ok
20:01:10.0690 4200 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:01:10.0690 4200 WIMMount - ok
20:01:10.0700 4200 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\drivers\WinUSB.sys
20:01:10.0700 4200 WinUsb - ok
20:01:10.0710 4200 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:01:10.0710 4200 WmiAcpi - ok
20:01:10.0730 4200 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:01:10.0730 4200 ws2ifsl - ok
20:01:10.0740 4200 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:01:10.0740 4200 WudfPf - ok
20:01:10.0750 4200 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\drivers\WUDFRd.sys
20:01:10.0750 4200 WUDFRd - ok
20:01:10.0760 4200 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:01:10.0760 4200 \Device\Harddisk0\DR0 - ok
20:01:10.0770 4200 Boot (0x1200) (f2f3f2a0181201837421b2f133c094da) \Device\Harddisk0\DR0\Partition0
20:01:10.0770 4200 \Device\Harddisk0\DR0\Partition0 - ok
20:01:10.0770 4200 Boot (0x1200) (839f151d12ae382b1c52e8ca43b4aadb) \Device\Harddisk0\DR0\Partition1
20:01:10.0770 4200 \Device\Harddisk0\DR0\Partition1 - ok
20:01:10.0770 4200 ============================================================
20:01:10.0770 4200 Scan finished
20:01:10.0770 4200 ============================================================
20:01:10.0770 5228 Detected object count: 0
20:01:10.0770 5228 Actual detected object count: 0
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi FrancescoFDAC » 07/10/11 12:23

Scarica TFC by OldTimer: http://oldtimer.geekstogo.com/TFC.exe
● posiziona il tool sul Desktop
termina tutti i programmi attivi, comprese le pagine Internet
● avvia il tool con un doppio click
● clicca, in basso a sinistra, sul pulsante Start
scomparirà, per qualche istante, il Desktop: nulla di cui preoccuparsi
● attendi pazientemente il termine delle operazioni
● clicca, in basso a destra, sul pulsante Exit
● una volta terminate le operazioni, chiudi il programma

Scarica OTC by OldTimer: http://oldtimer.geekstogo.com/OTC.exe
● posiziona il tool sul Desktop
● chiudi tutti i programmi attivi
● avvia il tool con un doppio click
● clicca sul pulsante CleanUp!
● il programma chiede di riavviare il sistema: consenti, cliccando su Yes per due volte

Al termine, dovrai aprire il Pannello di Controllo, cliccare su Opzioni cartella, aprire il tab Visualizzazione e mettere la spunta su Nascondi i file protetti di sistema (consigliato) e Nascondi le estensioni per i tipi di file conosciuti.

Il PC come va?
Allega un log aggiornato di Hijackthis.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 07/10/11 13:04

ho fatto! oggi non ho fatto tnto con il pc ma non si è ancora bloccato....
ecco il log aggiornato:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:13:10, on 07/10/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe
C:\Program Files (x86)\NCH Software\Fling\fling.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Fling] "C:\Program Files (x86)\NCH Software\Fling\fling.exe" -logon
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files (x86)\Offline Explorer Enterprise\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files (x86)\Offline Explorer Enterprise\Add_AllO.htm
O8 - Extra context menu item: Cerca nel web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: Free YouTube Download - C:\Users\Giulio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Giulio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Invia a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Invia a periferica &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2206F6B-4678-4C3F-AFDE-547B189D5189}: NameServer = 85.18.200.200,89.97.140.140
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
O23 - Service: Cobian Backup 10 (CobianBackup10) - Luis Cobian, CobianSoft - C:\Program Files (x86)\Cobian Backup 10\cbService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Fling File Transfer (FlingService) - Unknown owner - C:\Program Files (x86)\NCH Software\Fling\fling.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: key4hidconvert - TODO: <Company name> - C:\Windows\SysWOW64\k4hidconvert.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: usbdevice - Unknown owner - C:\Windows\system32\launch.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9548 bytes
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 07/10/11 13:16

come non detto... mi ha appena fatto lo scherzetto :( :evil:
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi FrancescoFDAC » 07/10/11 13:52

Esegui la procedura descritta, rigorosamente nel suo ordine, al fine di:
guadagnare spazio su disco
ottimizzare le prestazioni del sistema
mantenere il corretto funzionamento di Windows

Ottimizzazione - post rimozione malware

Il mio consiglio è quello di stampare questa procedura, perché tornerà senz'altro utile in futuro, a te ed ai tuoi conoscenti: condividila pure con loro, non ha controindicazioni di alcun genere ed andrebbe eseguita dopo aver rimosso tutte le infezione presenti nel sistema.
Queste operazioni infatti, andrebbero eseguite almeno una volta al mese (per utilizzatori di Computer assidui il tempo è ridotto a due settimane, eccetto per lo Scandisk, punto 13. della procedura).

Tieni presente che la maggior parte delle chiavi di registro corrotte e danneggiate non si possono ripristinare e riparare correttamente, e l'installazione e la disinstallazione continua dei programmi può causare crash di sistema e fastidiose schermate blu.

Una formattazione consente di ottenere dei massimi benefici, in termini di velocità, stabilità e prestazioni: questa procedura si avvicina maggiormente ai risultati ottenuti tramite una formattazione del disco fisso.

2. Disinstalla i programmi inutilizzati, e tutte le Toolbar

Procedura per Windows XP:
● clicca sul pulsante Start
● apri il Pannello di controllo
● clicca su Installazione applicazioni
● seleziona il programma da disinstallare, e clicca sul tasto Cambia/Rimuovi: partirà la procedura di disinstallazione

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● apri il Pannello di controllo
● clicca su Programmi, e su Programmi e funzionalità
● seleziona il programma da disinstallare, e clicca sul tasto Cambia/Disinstalla: partirà la procedura di disinstallazione

******************************

3. Disinstalla dal Pannello di controllo, in particolare, le seguenti applicazioni:
Adobe Flash Player
Adobe Reader
Java (tutte le versioni installate)

Scarica ed installa, dai siti proposti, le versioni aggiornate dei programmi appena disinstallati:
Adobe Flash Player: http://get.adobe.com/it/flashplayer
Adobe Reader : http://get.adobe.com/it/reader
Java: http://java.com/it/download/index.jsp

Note - riguardo alla procedura:
non consentire l'installazione di componenti aggiuntivi (Toolbar in particolare): non installarne alcuno, quindi togli la spunta alla relativa voce
● alternativamente ad Abobe Reader, software pesante e soprattutto soggetto a vulnerabilità sfruttabili dai malware presenti nella rete per infettare il sistema, puoi scaricare il veloce e leggerissimo Sumatra PDF Reader, che nulla ha da invidiare al prodotto di casa Adobe: http://blog.kowalczyk.info/software/sum ... eader.html

******************************

4. Disattiva il Ripristino Configurazione di Sistema

Procedura per Windows XP:
● clicca sul pulsante Start
● tasto destro del mouse sull'icona Risorse del computer
● seleziona, dal menù a tendina, la voce Proprietà
● apri la scheda Ripristino configurazione di sistema
● metti la spunta alla voce Disattiva Ripristino configurazione di sistema su tutte le unità
● conferma la modifica, con Applica e OK

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● tasto destro del mouse sull'icona Computer
● seleziona, dal menù a tendina, la voce Proprietà
● clicca, nel menù a sinistra, su Protezione sistema; compare un avviso relativo al Controllo Account Utente: clicca su Continua
● deseleziona la casella di controllo visualizzata accanto al Disco Locale C:
● clicca sul pulsante OK
● conferma la modifica apportata, cliccando sul pulsante Applica e OK

******************************

5. Svuota del suo contenuto la cartella Prefetch

Procedura per Windows XP:
● clicca sul pulsante Start
● clicca su Risorse del computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella Prefetch
elimina tutte le voci conservate al suo interno: fai attenzione però, a non eliminare la cartella

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● clicca su Computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella Prefetch
elimina tutte le voci conservate al suo interno, tranne il file Layout.ini: fai attenzione però, a non eliminare la cartella

Nota - riguardo alla procedura:
● la cartella Prefetch contiene i file che il sistema operativo esegue; un'operazione di prefetch consiste nel rendere immediatamente disponibili, nella memoria cache, i file utilizzati più spesso e quelli necessari per il processo di avvio del personal computer.
Il riavvio successivo sarà un po' lento, ma quelli seguenti saranno senza dubbio più veloci

******************************

6. Svuota del suo contenuto la cartella Download

Procedura per Windows XP:
● clicca sul pulsante Start
● clicca su Risorse del computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella SoftwareDistribution
● individua ed apri la cartella Download
elimina tutte le voci conservate al suo interno: fai attenzione però, a non eliminare la cartella

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● clicca su Computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella SoftwareDistribution
● individua ed apri la cartella Download
elimina tutte le voci conservate al suo interno: fai attenzione però, a non eliminare la cartella

Nota - riguardo alla procedura:
● la cartella Download contiene i file di installazione degli aggiornamenti di Windows, che possono essere eliminati senza problemi per recuperare spazio su disco e risolvere fastidiosi problemi di aggiornamenti

******************************

7. Scarica TFC by OldTimer: http://oldtimer.geekstogo.com/TFC.exe
● posiziona il tool sul Desktop
termina tutti i programmi attivi, comprese le pagine Internet
● avvia il tool con un doppio click
● clicca, in basso a sinistra, sul pulsante Start
scomparirà, per qualche istante, il Desktop: nulla di cui preoccuparsi
● attendi pazientemente il termine delle operazioni
● clicca, in basso a destra, sul pulsante Exit
● una volta terminate le operazioni, chiudi il programma

Nota: per eseguire correttamente TFC by OldTimer su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore: conferma la richiesta proposta

******************************

8. Scarica ed installa CCleaner: http://www.piriform.com/ccleaner/download
Nota - durante l'installazione: non consentire l'installazione di componenti aggiuntivi (Toolbar in particolare): non installarne alcuno, quindi togli la spunta alla relativa voce

Una volta installato ed avviato, esegui queste operazioni:
● nel menù di sinistra, clicca su Opzioni
● nella finestra successiva, clicca su Impostazioni
● spunta la voce Tipo cancellazione: Sicura (lenta) e nel menù a tendina seleziona la voce DOD 5220.22-M (3 passaggi)
● clicca su Avanzate
● togli la spunta alla voce Cancella file in Windows Temp solo se più vecchi di 24 ore e alla voce Chiedi se salvare un backup dei problemi del registro
● clicca, nel menù a sinistra, su Pulizia: nella sezione Avanzate, metti la spunta alle voci Vecchi dati Prefetch, Disinstallatori Aggiornamenti di Windows e File Log IIS
● apri, in alto, il tab Applicazioni: spunta tutte le voci presenti
termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul bottone Analizza, per cercare i file temporanei
● clicca, in basso a destra, sul bottone Avvia Pulizia, per avviare la pulizia dei file temporanei
● nella finestra che compare, metti la spunta alla voce Non mostrare più questo messaggio, e conferma cliccando sul pulsante OK
● terminata la pulizia, nel menù a sinistra, clicca sulla voce Registro
● clicca sul bottone Trova Problemi, per avviare la ricerca delle voci di registro corrotte e danneggiate
● clicca sul bottone Ripara selezionati... e prosegui con la riparazione: la pulizia del registro ripetila più volte, fino a quando non verranno più rilevati problemi da correggere
● una volta terminate le operazioni, chiudi il programma

******************************

9. Lancia Hijackthis e pulisci gli ADS (esclusivamente su partizioni formattate in NTFS):
● clicca sulla voce Open the Misc Tools section
● clicca su Open ADS Spy..., nel tab System tools
● in alto, togli la spunta alla voce Quick scan (Windows base folder only)
● clicca, in basso, sul pulsante Scan
● attendi pazientemente il termine della scansione
● se venissero rilevati molti ADS, clicca con il tasto destro sulla prima casellina, e scegli la voce Select all
● clicca, in basso, sul pulsante Remove selected: conferma con
● una volta terminate le operazioni, chiudi il programma

Nota - riguardo al programma:
● in caso avessi un sistema operativo a 64 Bit, tralascia la procedura. Fai click qui per scoprire se il tuo sistema operativo è a 32 o 64 Bit: http://support.microsoft.com/kb/827218/it

******************************

10. Scarica OTC by OldTimer: http://oldtimer.geekstogo.com/OTC.exe
● posiziona il tool sul Desktop
● chiudi tutti i programmi attivi
● avvia il tool con un doppio click
● clicca sul pulsante CleanUp!
● il programma chiede di riavviare il sistema: consenti, cliccando su Yes per due volte

Note - riguardo al programma:
OTC by OldTimer va eseguito solamente nel caso tu abbia utilizzato in precedenza particolari programmi che richiedono una particolare procedura di disinstallazione, come ComboFix, FindAWF, GMER, RSIT
● per eseguire correttamente OTC by OldTimer su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore: conferma la richiesta proposta

******************************

11. Riabilita il Ripristino Configurazione di Sistema, seguendo la procedura inversa al punto 4

******************************

12. Scarica ed installa Defraggler: http://www.piriform.com/defraggler/download

Nota - durante l'installazione:
non consentire l'installazione di componenti aggiuntivi (Toolbar in particolare): non installarne alcuno, quindi togli la spunta alla relativa voce

Una volta installato, esegui queste operazioni:
● avvia il programma con un doppio click
● seleziona con il tasto sinistro del mouse l'unità Disco Locale C:
● clicca, in basso a sinistra, sul bottone Deframmenta
● attendi pazientemente il termine delle operazioni

******************************

13. Controlla l'Hard Disk per eventuali errori

Procedura per Windows XP:
● clicca sul pulsante Start
● clicca su Esegui
● nello spazio bianco, copia ed incolla questa riga:
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
● clicca sul pulsante OK
● attendi pazientemente il termine delle operazioni
● una finestra DOS vuota si aprirà sul Desktop, per poi chiudersi automaticamente: nulla di cui preoccuparsi
● allega il file checkhd.txt presente sul Desktop per un controllo

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● scegli la voce Tutti i programmi
● clicca su Accessori
● clicca su Esegui
● nello spazio bianco, copia ed incolla questa riga:
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
● clicca sul pulsante OK
● attendi pazientemente il termine delle operazioni
● una finestra DOS vuota si aprirà sul Desktop, per poi chiudersi automaticamente: nulla di cui preoccuparsi
● allega il file checkhd.txt presente sul Desktop per un controllo

******************************

Note - al termine della procedura:
riavvia il sistema
allega un nuovo log di HijackThis
● comunica come funziona il sistema, e quali problemi riscontri attualmente

Se non l'hai già fatto;
Scarica ed installa HitmanPro: http://www.surfright.nl/en/downloads
● scegli la versione adatta al tuo Sistema Operativo (32Bit o 64Bit)
● una volta lanciato, nella finestra principale clicca su Impostazioni
● clicca su Licenza ed attiva la licenza
● clicca su scansione di default (consigliato)
● al termine della scansione ti verrà mostrato un riepilogo: nella finestra di riepilogo, in basso a sinistra, avrai modo di salvare il Report generato che dovrai allegare
Ultima modifica di FrancescoFDAC su 07/10/11 14:06, modificato 1 volte in totale.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 07/10/11 14:01

quanta roba! :undecided:
una cosa, non ho un hhd ma un ssd per cui la deframmentazione del disco non si può fare, giusto??
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi FrancescoFDAC » 07/10/11 14:06

No, lascia stare deframmentazione e scandisk se hai un SSD.
Parti dal punto due.. fammi sapere.
Francesco
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 07/10/11 14:10

ok, grazie! ;)
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 07/10/11 21:34

eccomi, ho fatto tutto ma non è cambiato niente :(
proprio 2 minuti fa si è di nuovo piantato
in parte sono operazioni che svolgo periodicamente.
questo è il file di Hitman:
Codice: Seleziona tutto
<Log computer="GIULIO-PC" scan="Normal" version="3.5.9.130" date="2011-10-07T22:24:31" timeSpentInSecs="250" filesProcessed="74273"><Item type="Suspicious" score="43.0" status="None"><File path="C:\Program Files (x86)\BitTorrent\BitTorrent.exe" hash="3AFB66F9E9A60FEA305ABB648DE8EBED2B9EAD1ED5660EB3997C788D56F19924" /><References><File path="C:\Users\Giulio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk" /><File path="C:\Users\Giulio\Desktop\BitTorrent.lnk" /></References></Item><Item type="Malware" malwareName="Malware" score="110.0" status="Deleted"><Scanners><Scanner id="G Data" name="Gen:Variant.Kazy.39540 (Engine A)" /></Scanners><File path="C:\Program Files (x86)\FoxTabPDFConverter\Uninstall\Uninstall.exe" hash="AFD5C7F86843CD0C7C2119E70AD2E8B28B93F6121ADDF6DDEC818AF49BA67936" /><References><File path="C:\Users\Giulio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab PDF Converter\Uninstall FoxTab PDF Converter.lnk" /></References></Item><Item type="Suspicious" score="48.0" status="None"><File path="C:\Program Files\Process Lasso\InstallHelper.exe" hash="9FCE27014E580DE5C23AB5F4DC21556A4967629F3D5E0ECFDBFA8E694C61858A" /></Item><Item type="Suspicious" score="48.0" status="None"><File path="C:\Program Files\Process Lasso\processlasso.exe" hash="EB6AAFB3932C58C00C2A367FF9377B0B2926B35559756A10BA3F8C92CDE6AD1B" /><References><File path="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso\Process Lasso (recupera l'icona della barra degli strumenti).lnk" /><File path="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso\Process Lasso.lnk" /></References></Item><Item type="Suspicious" score="54.0" status="None"><File path="C:\Program Files\Process Lasso\TweakScheduler.exe" hash="305379E0061FFB88E1E8726E5868471631AE05FED29B05955C2C71E0C9F9F64D" /><References><File path="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso\Avanzate\Tweak Scheduler.lnk" /></References></Item><Item type="Suspicious" score="54.0" status="None"><File path="C:\Program Files\Process Lasso\vistammsc.exe" hash="44E4F7A02FCBEC14E4E5AE028DF8580314C6A4AD55679DE6401B83147CDBC57F" /><References><File path="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso\Avanzate\Configurazione di Vista Multimedia Scheduler.lnk" /></References></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:112.2o7.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:247realmedia.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ad.adc-serv.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ad.adperium.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ad.c-web.it" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ad.modellismo.it" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ad.yieldmanager.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ad.zanox.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ads.aclap.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ads.cad3d.it" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ads.chlorobike.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ads.pubmatic.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ads.spinblog.it" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ads.trafficjunky.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:ads.zeusclicks.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:adtech.de" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:advertising.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:apmebf.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:atdmt.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:cdate.122.2o7.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:content.yieldmanager.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:deutschepostag.112.2o7.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:doubleclick.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:eas4.emediate.eu" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:eas8.emediate.eu" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:fastclick.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:h.atdmt.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:invitemedia.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:mediaplex.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:pornhub.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:revsci.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:rts.phn.doublepimp.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:serving-sys.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:smartadserver.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:specificclick.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:statcounter.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:statse.webtrendslive.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:track.adform.net" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:tradedoubler.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:tribalfusion.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:uk.sitestat.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:www.googleadservices.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:www.pornhub.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:xiti.com" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:yadro.ru" /></Item><Item type="Repair" score="0.0" status="Deleted"><File path="C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\4ct0pyy1.default\cookies.sqlite:zedo.com" /></Item><Item type="Malware" malwareName="Malware" score="110.0" status="Deleted"><Scanners><Scanner id="G Data" name="Gen:Variant.Kazy.39540 (Engine A)" /></Scanners><File path="C:\Users\Giulio\Desktop\PDFConverterSetup.exe" hash="AFD5C7F86843CD0C7C2119E70AD2E8B28B93F6121ADDF6DDEC818AF49BA67936" /></Item></Log>


questo quello della verifica dell'hard disk:
Codice: Seleziona tutto
Il file system Š di tipo NTFS.

Avvertenza! Parametro F non specificato
CHKDSK eseguito in modalit… sola lettura.

Verifica dei file in corso (fase 1 di 3)...
Verifica file completata.
  395 record di file di grandi dimensioni elaborati.                     

  0 record file non validi elaborati.                                     

  0 record EA elaborati.                                           

  70 record reparse elaborati.                                     

Verifica degli indici in corso (fase 2 di 3)...
Verifica indici completata.
  0 file non indicizzati analizzati.                                   

  0 file non indicizzati ripristinati.                                   

Verifica dei descrittori di sicurezza in corso (fase 3 di 3)...
Verifica descrittori di sicurezza completata.
  40362 file di dati elaborati.                                           

CHKDSK sta verificando il journal USN...
Verifica del journal USN completata.
Verifica del file system effettuata.  Nessun problema rilevato.

 124930047 KB di spazio totale su disco.
  85215868 KB in 215753 file.
    123752 KB in 40363 indici.
         0 KB in settori danneggiati.
    460931 KB in uso dal sistema.
     65536 KB occupati dal file registro.
  39129496 KB disponibili su disco.

      4096 byte in ogni unit… di allocazione.
  31232511 unit… totali di allocazione su disco.
   9782374 unit… di allocazione disponibili su disco.


e infine quello di HijackThis:
Codice: Seleziona tutto
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:36:06, on 07/10/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe
C:\Program Files (x86)\NCH Software\Fling\fling.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss&affID=100474&mntrId=fa23a87f000000000000183da24923c0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - (no file)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O4 - HKLM\..\Run: [Fling] "C:\Program Files (x86)\NCH Software\Fling\fling.exe" -logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files (x86)\Offline Explorer Enterprise\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files (x86)\Offline Explorer Enterprise\Add_AllO.htm
O8 - Extra context menu item: Cerca nel web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: Free YouTube Download - C:\Users\Giulio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Giulio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Invia a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Invia a periferica &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2206F6B-4678-4C3F-AFDE-547B189D5189}: NameServer = 85.18.200.200,89.97.140.140
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service:  Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
O23 - Service: Cobian Backup 10 (CobianBackup10) - Luis Cobian, CobianSoft - C:\Program Files (x86)\Cobian Backup 10\cbService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Fling File Transfer (FlingService) - Unknown owner - C:\Program Files (x86)\NCH Software\Fling\fling.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: key4hidconvert - TODO: <Company name> - C:\Windows\SysWOW64\k4hidconvert.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: usbdevice - Unknown owner - C:\Windows\system32\launch.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9506 bytes
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 07/10/11 21:36

secondo me si tratta più che altro di una "compatibilità programmi"
oppure possimao fare una verifica del funzionamento delle parti hardware??? :roll:
perchè gira tutto bene e fluido, solo ogni tanto ha questi intoppi improvvisi.... :undecided:
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi FrancescoFDAC » 08/10/11 14:02

Fixa queste voci con Hijackthis;

O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - (no file)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O4 - HKLM\..\Run: [Fling] "C:\Program Files (x86)\NCH Software\Fling\fling.exe" -logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Il problema non è imputabile ad una infezione.. La mia assistenza termina qui.
Aspetta pareri più autorevoli!
Francesco.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: windows 7 ogni tanto si ferma a pensare.....

Postdi giulio46moto » 08/10/11 15:18

grazie molte lo stesso per il tempo che mi hai dedicato :)
giulio46moto
Utente Junior
 
Post: 24
Iscritto il: 06/10/11 12:45

Prossimo

Torna a Sistemi Operativi Windows


Topic correlati a "windows 7 ogni tanto si ferma a pensare.....":

aiuto windows 10
Autore: mod360
Forum: Software Windows
Risposte: 1
Windows Update
Autore: gele
Forum: Sistemi Operativi Windows
Risposte: 4

Chi c’è in linea

Visitano il forum: Nessuno e 114 ospiti