Computer nuovo e icona del mouse sempre in caricamento

[tecnicoinformatico82]

Buongiorno ,

un computer nuovo comprato da tre settimane , da un paio di giorni , ogni volta che lo accendo e lo uso mi rimane sempre sul puntatore del mouse la rotellina come se stesse caricando qualcosa.

Ho fatto un log per capire cosa carica questo benedetto computer continuamente

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:08:27, on 30/09/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
E:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
Z:\Generali Server\Programmi Da Installare\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - E:\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: rete.bat - collegamento.lnk = Administrator\Desktop\rete.bat
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://E:\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://E:\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync - Chiamata con un clic - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync - Chiamata con un clic - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A51274D-9DBE-410C-A320-FD7F3F9017BE}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0A51274D-9DBE-410C-A320-FD7F3F9017BE}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0A51274D-9DBE-410C-A320-FD7F3F9017BE}: NameServer = 192.168.1.1
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cryptainer 10 service (cryptainer10service) - Cypherix Software (India) Pvt. Ltd. - C:\Windows\SysWOW64\crytsrv10.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: Accesso rete (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12116 bytes

Grazie

[crazy.cat]

Non è che si possa capire tutto dal log di hijackthis, non mi dice sicuramente perché si blocca all'avvio, questo dato lo si trova (o lo si può trovare) nel visualizzatore eventi.

[tecnicoinformatico82]

Questo e' un altro computer , non e' quello che si blocca , per questo ho aperto un nuovo post.

Forse sono stato poco chiaro nel mio post

[crazy.cat]

L'avevo capito, ma se si blocca all'avvio qualcosa di utile nel visualizzatore eventi lo si potrebbe sempre trovare....

[tecnicoinformatico82]

Ma non si blocca questo nuovo computer che ti sto dicendo , soltanto che il puntatore del mouse e come se stesse caricando qualcosa , gira sempre il cerchietto di caricamento , ma poi lo posso usare , posso fare tutto.

Alla prossima volta che lo dici chiudo la discussione.
E poi non dirmi che sono cattivo.
By crazy.cat

[crazy.cat]

E allora avrai qualcosa che si carica, magari tenta di collegarsi a internet per fare un aggiornamento.
Se vuoi proprio scoprire di cosa si tratta puoi disattivare un programma alla volta dall'avvio automatico e vedere quando smette. Riavviando poi ogni volta dopo ogni disattivazione.

[tecnicoinformatico82]

https://www.dropbox.com/s/b2gtkoe6oy17g ... t.png?dl=0

questo update32 non mi convince , ve ne sono troppi

[crazy.cat]

Si, sono troppi.
Clicca con il tatso destro del mouse su uno di essi e apri il percorso dove si trovano.
Così almeno capiamo a cosa servono.
Poi vedremo come eliminarli

[tecnicoinformatico82]

Non mi fa entrare nelle proprietà del processo mi da errore , dicendo che la risorsa e' in uso , ma il problema sta anche nel fatto che questo processo si avvia durante l'utilizzo del computer e non nell'avvio , ho visto anche nei servizi ma non trovo nulla , e sto sbariando da ieri pomeriggio ma non ne vengo fuori.

Controllo ancora su internet.

[tecnicoinformatico82]

Secondo me e' un virus

http://www.bleepingcomputer.com/startup ... 20696.html

[crazy.cat]

Usa everything e cerca in quale cartella si trova.
Fai una scansione con Malwarebytes intanto

[tecnicoinformatico82]

Scansione fatta gia' 3 volte ma non trova nulla come e' possibile ???

[tecnicoinformatico82]

Ho passato combofix tutto risolto non si carica piu' quel file update32.exe

ecco il log cosa ne pensate

ComboFix 14-10-02.01 - Administrator 03/10/2014 11:53:07.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.16328.13756 [GMT 2:00]
Eseguito da: c:\users\Administrator\Downloads\ComboFix.exe
AV: Avira Desktop *Enabled/Outdated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Enabled/Outdated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ADMINI~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Administrator\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\TEMP\b83ec5f3-3011-4137-8f91-cda5c8a2db3d\AgileDotNetRT64.dll
c:\windows\TEMP\cc89be54-92cf-468d-9ddc-9f6e512d22ba\AgileDotNetRT64.dll
E:\Autorun.inf
E:\setup.exe
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NEWDRIVER
-------\Service_NEWDRIVER
.
.
((((((((((((((((((((((((( Files Creati Da 2014-09-03 al 2014-10-03 )))))))))))))))))))))))))))))))))))
.
.
2014-10-03 08:44 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-10-03 08:43 . 2014-10-03 08:44 -------- d-----w- C:\AdwCleaner
2014-10-01 12:30 . 2014-10-01 12:30 -------- d-----w- c:\users\Administrator\AppData\Local\Intel_Corporation
2014-10-01 10:47 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 10:47 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-29 07:32 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-09-29 07:32 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-09-25 11:08 . 2014-09-25 11:07 42040 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-09-25 11:07 . 2014-09-25 11:07 -------- d-----w- c:\users\Administrator\AppData\Roaming\Avira
2014-09-25 11:06 . 2014-08-15 12:48 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-09-25 11:06 . 2014-08-15 12:48 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-09-25 11:06 . 2014-08-15 12:48 117712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-09-25 11:06 . 2014-09-25 11:13 -------- d-----w- c:\program files (x86)\Avira
2014-09-25 11:06 . 2014-09-25 11:08 -------- d-----w- c:\programdata\Avira
2014-09-25 09:33 . 2014-09-25 09:33 -------- d-----w- c:\users\Administrator\dikeDownload
2014-09-25 09:30 . 2014-09-25 10:51 -------- d-----w- c:\windows\system32\appmgmt
2014-09-25 09:30 . 2014-09-25 09:30 -------- d-----w- c:\program files (x86)\InfoCert
2014-09-25 09:29 . 2014-09-25 09:29 -------- d-----w- c:\windows\Downloaded Installations
2014-09-24 06:56 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 06:56 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-11 08:08 . 2014-09-11 08:08 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin5.dll
2014-09-11 08:08 . 2014-09-11 08:08 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin4.dll
2014-09-11 08:08 . 2014-09-11 08:08 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin3.dll
2014-09-11 08:08 . 2014-09-11 08:08 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin2.dll
2014-09-11 08:08 . 2014-09-11 08:08 159744 ----a-w- c:\program files\Internet Explorer\Plugin\npqtplugin.dll
2014-09-11 08:08 . 2014-09-11 08:08 -------- d-----w- c:\program files (x86)\QuickTime
2014-09-11 08:04 . 2014-09-11 08:05 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-11 08:04 . 2014-09-11 08:05 -------- d-----w- c:\program files\iTunes
2014-09-11 08:04 . 2014-09-11 08:05 -------- d-----w- c:\program files (x86)\iTunes
2014-09-11 08:04 . 2014-09-11 08:04 -------- d-----w- c:\program files\iPod
2014-09-10 12:56 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-10 12:56 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 09:44 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-10 09:44 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-10 09:44 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-10 09:44 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-10 09:44 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-10 09:44 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-10 09:44 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-10 09:44 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-10 09:44 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-10 09:44 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-10 09:44 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-03 08:46 . 2014-07-03 13:11 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-10 12:57 . 2014-07-23 11:30 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-09-10 10:11 . 2014-07-11 10:31 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-10 10:11 . 2014-07-11 10:31 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-23 02:07 . 2014-09-01 10:15 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-09-01 10:15 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-09-01 10:15 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-07-28 12:52 . 2014-07-28 12:52 6112072 ----a-w- c:\windows\system32\usbaaplrc.dll
2014-07-28 12:52 . 2014-07-28 12:52 54784 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2014-07-22 22:12 . 2014-07-22 22:12 875680 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-22 19:10 . 2014-07-22 19:10 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-22 13:14 . 2014-07-22 13:14 137376 ----a-w- c:\windows\system32\vcomp120.dll
2014-07-14 02:02 . 2014-09-01 10:15 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-09-01 10:15 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-07-07 08:55 . 2014-07-07 08:55 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-07-07 08:54 . 2014-07-07 08:54 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-07-07 08:54 . 2014-07-07 08:54 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-07-07 08:54 . 2014-07-07 08:54 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-07-07 08:54 . 2014-07-07 08:54 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-07-07 08:54 . 2014-07-07 08:54 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-07-07 08:54 . 2014-07-07 08:54 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-07-07 08:54 . 2014-07-07 08:54 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-07-07 08:54 . 2014-07-07 08:54 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-07-07 08:54 . 2014-07-07 08:54 81408 ----a-w- c:\windows\system32\icardie.dll
2014-07-07 08:54 . 2014-07-07 08:54 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-07-07 08:54 . 2014-07-07 08:54 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-07-07 08:54 . 2014-07-07 08:54 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-07-07 08:54 . 2014-07-07 08:54 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-07-07 08:54 . 2014-07-07 08:54 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-07-07 08:54 . 2014-07-07 08:54 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-07-07 08:54 . 2014-07-07 08:54 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-07-07 08:54 . 2014-07-07 08:54 413696 ----a-w- c:\windows\system32\html.iec
2014-07-07 08:54 . 2014-07-07 08:54 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-07-07 08:54 . 2014-07-07 08:54 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-07-07 08:54 . 2014-07-07 08:54 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-07-07 08:54 . 2014-07-07 08:54 247808 ----a-w- c:\windows\system32\msls31.dll
2014-07-07 08:54 . 2014-07-07 08:54 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-07-07 08:54 . 2014-07-07 08:54 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-07-07 08:54 . 2014-07-07 08:54 235520 ----a-w- c:\windows\system32\url.dll
2014-07-07 08:54 . 2014-07-07 08:54 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-07-07 08:54 . 2014-07-07 08:54 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-07-07 08:54 . 2014-07-07 08:54 143872 ----a-w- c:\windows\system32\wextract.exe
2014-07-07 08:54 . 2014-07-07 08:54 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-07-07 08:54 . 2014-07-07 08:54 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-07-07 08:54 . 2014-07-07 08:54 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-07-07 08:54 . 2014-07-07 08:54 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-07-07 08:54 . 2014-07-07 08:54 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-07-07 08:54 . 2014-07-07 08:54 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-07-07 08:54 . 2014-07-07 08:54 101376 ----a-w- c:\windows\system32\inseng.dll
2014-07-07 08:54 . 2014-07-07 08:54 774144 ----a-w- c:\windows\system32\jscript.dll
2014-07-07 08:54 . 2014-07-07 08:54 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-07-07 08:54 . 2014-07-07 08:54 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-07-07 08:54 . 2014-07-07 08:54 147968 ----a-w- c:\windows\system32\occache.dll
2014-07-07 08:54 . 2014-07-07 08:54 13824 ----a-w- c:\windows\system32\mshta.exe
2014-07-07 08:54 . 2014-07-07 08:54 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-07-07 08:54 . 2014-07-07 08:54 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-07-07 08:54 . 2014-07-07 08:54 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-07-07 08:54 . 2014-07-07 08:54 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-07-07 08:54 . 2014-07-07 08:54 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-07-07 08:54 . 2014-07-07 08:54 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-07-07 08:54 . 2014-07-07 08:54 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-07-07 08:54 . 2014-07-07 08:54 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-07-07 08:54 . 2014-07-07 08:54 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-07-07 08:54 . 2014-07-07 08:54 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-07-07 08:54 . 2014-07-07 08:54 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-07-07 08:54 . 2014-07-07 08:54 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-07-07 08:54 . 2014-07-07 08:54 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-07-07 08:54 . 2014-07-07 08:54 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-07-07 08:54 . 2014-07-07 08:54 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-07-07 08:54 . 2014-07-07 08:54 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-07-07 08:54 . 2014-07-07 08:54 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-07-07 08:54 . 2014-07-07 08:54 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-07-07 08:54 . 2014-07-07 08:54 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-07-07 08:54 . 2014-07-07 08:54 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-07-07 08:54 . 2014-07-07 08:54 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-07-07 08:54 . 2014-07-07 08:54 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-07-07 08:54 . 2014-07-07 08:54 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-07 08:54 . 2014-07-07 08:54 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-08-12 07:55 1729232 ----a-w- e:\micros~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-08-12 07:55 1729232 ----a-w- e:\micros~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-08-12 07:55 1729232 ----a-w- e:\micros~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-08-15 751184]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-27 164656]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
rete.bat - collegamento.lnk - c:\users\Administrator\Desktop\rete.bat [2014-7-4 111]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ISCTSystray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2013-8-1 5545448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 crytdv10;crytdv10;c:\windows\system32\Drivers\crytdv10.sys;c:\windows\SYSNATIVE\Drivers\crytdv10.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 cryptainer10service;Cryptainer 10 service;c:\windows\SysWOW64\crytsrv10.exe;c:\windows\SysWOW64\crytsrv10.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 NovaPdfServer;novaPDF Server;c:\program files\Softland\novaPDF 8\Server\novapdfs.exe;c:\program files\Softland\novaPDF 8\Server\novapdfs.exe [x]
R3 ALSysIO;ALSysIO;c:\users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ipadtst;ipadtst;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Supporto digitalizzazione WSD tramite UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S0 iusb3hcs;Driver dello switch Controller Host Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 AntiVirSchedulerService;Avira Pianificatore;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 MBAMScheduler;MBAMScheduler;e:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;e:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;e:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;e:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Driver hub Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Driver Controller Host estendibile Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
*Deregistered* - avgntflt
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 08:30 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-10-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11 10:11]
.
2014-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-03 12:44]
.
2014-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-03 12:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-08-12 07:58 2334416 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-08-12 07:58 2334416 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-08-12 07:58 2334416 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-12-06 7506136]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&sporta in Microsoft Excel - e:\micros~1\Office15\EXCEL.EXE/3000
IE: I&nvia a OneNote - e:\micros~1\Office15\ONBttnIE.dll/105
TCP: Interfaces\{0A51274D-9DBE-410C-A320-FD7F3F9017BE}: NameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\7zxxhn8p.default\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,2f,2a,77,d1,42,fd,41,aa,47,6f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,2f,2a,77,d1,42,fd,41,aa,47,6f,\
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.partial\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.PARTIAL"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\UserChoice]
@Denied: (2) (Administrator)
"Hash"="7pH5KUy+fik="
"Progid"="PDF-XChangeViewer.1"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.SVG"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.URL"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.website\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.WEBSITE"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2959985595-4273878600-510340144-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
e:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version9\tv_w32.exe
e:\microsoft office\Office15\MsoSync.exe
.
**************************************************************************
.
Ora fine scansione: 2014-10-03 11:58:10 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2014-10-03 09:58
.
Pre-Run: 27.919.302.656 byte disponibili
Post-Run: 29.518.852.096 byte disponibili
.
- - End Of File - - 56D3D9FCF3C28B6F88C4F9625AEDF727
A36C5E4F47E84449FF07ED3517B43A31

[tecnicoinformatico82]

Alla fine dei conti , il processo UPDATE32.EXE era dovuto ad Avira che tentava di aggiornare il database ma non ci riusciva.
A qualcuno e' capitato ???

Grazie

[crazy.cat]

Alla fine dei conti , il processo UPDATE32.EXE era dovuto ad Avira che tentava di aggiornare il database ma non ci riusciva.

C.V.D.

E allora avrai qualcosa che si carica, magari tenta di collegarsi a internet per fare un aggiornamento.

[tecnicoinformatico82]

Giusto.

adesso pero' devo reinstallare avira.
speriamo che non mi fa piu' lo stesso problema