diabolerik

Members
  • Content count: 113
About diabolerik

  • Level
    Practitioner
  1. Hi everyone, could someone tell me where I can download a crackable version of MATLAB+Simulink? I can't find anything online, thanks!
  2. Hi everyone, for a couple of days the home PC has been running with the CPU at 100%, all of it concentrated in the explorer.exe process... could you take a quick look at the log? Thanks
  3. Correction: the CPU is running at 80-100% again; nothing relevant shows up in Task Manager...
  4. Hi, sorry for the delay.. no antivirus will start, neither avast nor ComboFix nor HijackThis nor GMER... nothing... the error window comes up every time... strangely, the CPU is running at a low load..
  5. Hi, sorry for opening another thread and being a nuisance, but I really don't know what to do; I think I'll have it formatted... anyway, no anomalous process shows up in Task Manager.. the one that sucks up the most resources is taskmgr.exe, which I suppose is Task Manager itself (it hovers around 12-13%, while the gauge on the desktop shows the CPU running at 80-100)
  6. Hi everyone, unfortunately I have a problem with my girlfriend's notebook... in the "other security-related problems" section they solved a couple of issues for me, but by now they no longer reply. Basically all the antivirus programs are disabled. I have run several scans with other programs (such as Kaspersky online) and they always find something, yet the CPU keeps running at maximum and no antivirus will open, so the computer is totally exposed... the same goes for HijackThis, it won't let me start it.. please give me some advice!!!! What could I do with this damned laptop? Oh, I should point out that the computer runs smoothly and gives me no big problems when opening applications and browsing; only the CPU sits at a steady 100 and the fan runs at maximum
  7. Hi everyone... as per the subject, the notebook often freezes... it often happens when I listen to music and open internet windows at the same time... the screen freezes, the music may continue but at times it makes raspberry noises; the only solution is to switch everything off with the power button... if you could take a look at the log I would be grateful; I'd start to understand whether it is a virus problem or (yet another) hardware problem
  8. I don't know why, but the CPU is stuck at 100%
  9. I did everything you said. I reinstalled avast and the scan started in MS-DOS mode. It found 2 viruses and at the end of the scan the PC shut down. I turned it back on and started it with the Windows error repair function. avast won't open. It reports various script errors, not like before. HijackThis, on the other hand, won't open, as before, and reports the same error, as does Windows Defender as soon as the desktop window opens.
  10. //////////////////////////////////////////
      Avenger Pre-Processor log
      //////////////////////////////////////////
      Platform: Windows NT 6.0 (build 6000)
      Mon Apr 21 09:53:30 2008
      09:53:30: Error: Invalid script. A valid script must begin with a command directive.
      Aborting execution!
      //////////////////////////////////////////

      //////////////////////////////////////////
      Avenger Pre-Processor log
      //////////////////////////////////////////
      Platform: Windows NT 6.0 (build 6000)
      Mon Apr 21 09:54:00 2008
      09:54:00: Error: Invalid script. A valid script must begin with a command directive.
      Aborting execution!
      //////////////////////////////////////////

      //////////////////////////////////////////
      Avenger Pre-Processor log
      //////////////////////////////////////////
      Platform: Windows NT 6.0 (build 6000)
      Mon Apr 21 09:54:31 2008
      09:54:31: Error: Invalid script. A valid script must begin with a command directive.
      Aborting execution!
      //////////////////////////////////////////

      //////////////////////////////////////////
      Avenger Pre-Processor log
      //////////////////////////////////////////
      Platform: Windows NT 6.0 (build 6000)
      Mon Apr 21 09:54:39 2008
      09:54:39: Error: Invalid script. A valid script must begin with a command directive.
      Aborting execution!
      //////////////////////////////////////////

      //////////////////////////////////////////
      Avenger Pre-Processor log
      //////////////////////////////////////////
      Platform: Windows NT 6.0 (build 6000)
      Mon Apr 21 09:54:44 2008
      09:54:44: Error: Invalid script. A valid script must begin with a command directive.
      Aborting execution!
      //////////////////////////////////////////

      Logfile of The Avenger Version 2.0, © by Swandog46
      http://swandog46.geekstogo.com
      Platform: Windows Vista
      *******************
      Script file opened successfully.
      Script file read successfully.
      Backups directory opened successfully at C:\Avenger
      *******************
      Beginning to process script file:
      File "C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe" deleted successfully.
      Completed script processing.
      *******************
      Finished! Terminate.
  11. Here is the Kaspersky log.. ComboFix finally started when I used your link log_kaspersky.html
Technology\eDataSecurity\eDSloader.exe" [2005-04-15 02:06 700416] "eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" [2007-04-26 17:54 1286144] "Acer Tour"="" [] "PLFSet"="C:\Windows\PLFSet.dll" [2007-03-09 18:51 45056] "LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" [2007-05-04 06:23 502544] "PlayMovie"="C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-03 11:16 206952] "eRecoveryService"="" [] "Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-02-15 18:39 151552] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 22:48 57344] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 15:37 174872] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 16:27 385024] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 13:36 229376] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-09 07:09 865840] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016] C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe [2007-06-27 06:50:39 1208320] BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-03-29 13:11:50 719664] Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-05-11 00:42:07 535336] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security 
center\Svc\S-1-5-21-1811079826-2008730858-2584875191-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{051651D7-A398-43B4-8CC9-93FCA7C8307B}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe "{A14F2DFF-7923-49EA-8D1F-F6073B23A69A}"= C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine "{1AE7DF7E-5C4D-4359-9DE0-F971BBD5E84C}"= C:\Program Files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician "{EE4065A3-F24C-4E21-A831-B3B51C82B46E}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia "{0D8F5A01-4A5E-4924-9AD4-D2736E744BE7}"= C:\Program Files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard "{2A796E31-AF8E-426D-BEB7-5D10AE2C873D}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{6915E289-588B-48D1-A9B2-D64795CA1D8A}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{E50FFAA4-EB7F-46BC-8492-6929AD1F7F03}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie "{0158C282-774C-42CB-95D0-F6ADBDAEAB77}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program "{6E5EBB6D-C1BC-49B9-BCF0-43C8C1D96FE8}"= C:\Program Files\Acer\Acer VCM\VC.exe:Acer VCM "{954579C6-4DA0-498B-AC92-956EB8039F07}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "TCP Query User{4E70A245-F3DC-449E-B34F-65EA4FDFFC4A}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule "UDP Query User{D5DC4A68-8B0E-4764-8C8C-0D85A48579A4}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule "TCP Query User{EEFEE4F6-F99C-4F3A-9285-DF6B201BBE4B}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule "UDP Query User{61C29205-8CEC-4F5F-B119-DCF5322F5241}C:\\program files\\emule\\emule.exe"= TCP:C:\program 
files\emule\emule.exe:eMule "{8C6EAF69-52B4-443B-88D0-8B68279ECCDE}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-12 17:43] R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-04-12 17:43] R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2007-04-12 17:43] R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 16:51] R2 ALaunchService;ALaunch Service;C:\Acer\ALaunch\ALaunchSvc.exe [2007-01-26 14:24] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35] R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32] R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-04-12 17:43] R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-05-10 14:05] R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 12:57] R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-03-15 02:49] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 09:03] R3 winbondcir;Winbond IR Transceiver;C:\Windows\system32\DRIVERS\winbondcir.sys [2007-04-19 09:09] S3 btwaudio;Periferica audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 21:46] S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 08:20] S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 08:20] 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c957786-b72c-11dc-a7ac-c890a6798db1}] \shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe \shell\Open(&0)\command - Recycled\ctfmon.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7106ebec-033e-11dd-9082-0013e831140d}] \shell\AutoRun\command - E:\nideiect.com \shell\explore\Command - E:\nideiect.com \shell\open\Command - E:\nideiect.com . ************************************************************************** catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-20 01:25:11 Windows 6.0.6000 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 142 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . 
C:\Windows\System32\audiodg.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\System32\drivers\XAudio.exe C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Acer\Empowering Technology\ePower\ePowerSvc.exe C:\Windows\System32\wbem\unsecapp.exe C:\Windows\System32\conime.exe C:\Windows\System32\rundll32.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe C:\Windows\ehome\ehmsas.exe C:\Users\VALE\AppData\Local\Temp\RtkBtMnt.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Acer\Acer VCM\VC.exe C:\Program Files\Acer\Acer VCM\acp2HID.exe . ************************************************************************** . Ora fine scansione: 2008-04-20 1:27:42 - machine was rebooted ComboFix-quarantined-files.txt 2008-04-19 23:27:32 13 Directory 46,793,609,216 byte disponibili 19 Directory 46,478,241,792 byte disponibili 271 --- E O F --- 2008-04-18 17:33:40
  13. ComboFix won't run... no antivirus will start... should I run the Kaspersky scan anyway?
  14. What can I do?? :sigh:
  15. The computer runs smoothly; the problem is still that it's impossible to use the antivirus programs.