se non e' nel pc tanto meglio, ma se vuoi cercarlo usa il cerca di windows oppure usa
questo programma
poi vai su virus total e controlla se questo file e' da eliminare, molto probabilmente non e' niente di buono
c:\documents and settings\All Users\Dati applicazioni\Google\Google Toolbar\Update\gtb8.tmp.exe
Il file precedente non lo trovo nemmeno con everything forse non è sul pc.
questo lo ho analizzato con virus total ma nessun riscontro pare sia buono ma se credi sia meglio levarlo lo faccio
fammi sapere.
ti posto analisi di virus total
ciao
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: gtb8.tmp.exe
Submission date: 2010-08-29 17:47:51 (UTC)
Current status: queued queued analysing finished
Result: 0/ 42 (0.0%)
VT Community
not reviewed
Safety score: -
Compact Print results Antivirus Version Last Update Result
AhnLab-V3 2010.08.29.00 2010.08.28 -
AntiVir 8.2.4.46 2010.08.28 -
Antiy-AVL 2.0.3.7 2010.08.26 -
Authentium 5.2.0.5 2010.08.28 -
Avast 4.8.1351.0 2010.08.29 -
Avast5 5.0.594.0 2010.08.29 -
AVG 9.0.0.851 2010.08.29 -
BitDefender 7.2 2010.08.29 -
CAT-QuickHeal 11.00 2010.08.28 -
ClamAV 0.96.2.0-git 2010.08.29 -
Comodo 5901 2010.08.29 -
DrWeb 5.0.2.03300 2010.08.29 -
Emsisoft 5.0.0.37 2010.08.29 -
eSafe 7.0.17.0 2010.08.29 -
eTrust-Vet 36.1.7823 2010.08.27 -
F-Prot 4.6.1.107 2010.08.28 -
F-Secure 9.0.15370.0 2010.08.29 -
Fortinet 4.1.143.0 2010.08.29 -
GData 21 2010.08.29 -
Ikarus T3.1.1.88.0 2010.08.29 -
Jiangmin 13.0.900 2010.08.29 -
Kaspersky 7.0.0.125 2010.08.29 -
McAfee 5.400.0.1158 2010.08.29 -
McAfee-GW-Edition 2010.1B 2010.08.29 -
Microsoft 1.6103 2010.08.29 -
NOD32 5407 2010.08.29 -
Norman 6.05.11 2010.08.29 -
nProtect 2010-08-29.01 2010.08.29 -
Panda 10.0.2.7 2010.08.29 -
PCTools 7.0.3.5 2010.08.29 -
Prevx 3.0 2010.08.29 -
Rising 22.62.05.03 2010.08.28 -
Sophos 4.56.0 2010.08.29 -
Sunbelt 6809 2010.08.29 -
SUPERAntiSpyware 4.40.0.1006 2010.08.29 -
Symantec 20101.1.1.7 2010.08.29 -
TheHacker 6.5.2.1.358 2010.08.29 -
TrendMicro 9.120.0.1004 2010.08.29 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.29 -
VBA32 3.12.14.0 2010.08.27 -
ViRobot 2010.8.28.4013 2010.08.29 -
VirusBuster 5.0.27.0 2010.08.29 -
Additional informationShow all
MD5 : 5c9ad5d799a72c5e5049d9a5e9d4bf05
SHA1 : 5238d36e6e28f83d6ef00cdac3b3f8e19728ecef
SHA256: e1d904e20ca97d19442a70aa1614672ad8da62fe92add7f5e0 8eef07f137ace4
ssdeep: 12288:6vLSNsijhQ0o92ZxczdrqoUODqOATAL8FWIYzTbHX:0L 8h9ZGzcoUXOATu8kIYzTbHX
File size : 501936 bytes
First seen: 2010-06-22 04:54:24
Last seen : 2010-08-29 17:47:51
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Google Inc.
copyright....: Copyright (c) 2000-2010
product......: Google Toolbar for Internet Explorer
description..: Google Toolbar Installer
original name: GoogleToolbarInstaller.exe
internal name: GoogleToolbarInstaller
file version.: 6, 5, 621, 1538
comments.....: n/a
signers......: Google Inc
VeriSign Class 3 Code Signing 2009-2 CA
Class 3 Public Primary Certification Authority
signing date.: 6:20 PM 6/21/2010
verified.....: -
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x24DA9
timedatestamp....: 0x4C1F8A83 (Mon Jun 21 15:51:31 2010)
machinetype......: 0x14c (I386)
[[ 5 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x4538D, 0x45400, 6.64, 32b873a4e59a3a9b955c67d14ffecc1a
.rdata, 0x47000, 0xE0D8, 0xE200, 4.85, 82ba4437c0b51a1aef4bec5240ea2616
.data, 0x56000, 0xBD48, 0x2200, 4.12, e8cc6b8d60d79095489780fee8fca4df
.rsrc, 0x62000, 0x1E634, 0x1E800, 6.01, 9efb8ff92f2b0d916d32e3e2d575512c
.reloc, 0x81000, 0x4C4A, 0x4E00, 4.89, 989e6cc741f67284983249f497ccaec1
[[ 14 import(s) ]]
VERSION.dll: GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
KERNEL32.dll: TerminateProcess, GetSystemTimeAsFileTime, Process32NextW, GetProcessTimes, Process32FirstW, CreateToolhelp32Snapshot, LocalAlloc, SystemTimeToFileTime, GetSystemTime, GetTempPathW, ProcessIdToSessionId, VerifyVersionInfoW, VerSetConditionMask, GetUserDefaultUILanguage, SetThreadLocale, CompareFileTime, FindClose, FindNextFileW, FindFirstFileW, EnumResourceLanguagesW, EnumResourceNamesW, GetVersionExA, HeapDestroy, HeapAlloc, HeapFree, HeapReAlloc, HeapSize, GetProcessHeap, IsProcessorFeaturePresent, VirtualFree, VirtualAlloc, GetACP, GetLocaleInfoA, GetThreadLocale, InterlockedCompareExchange, GetStringTypeW, GetStringTypeA, FlushFileBuffers, GetConsoleMode, GetConsoleCP, GetTimeZoneInformation, LCMapStringA, QueryPerformanceCounter, GetStartupInfoA, GetFileType, SetHandleCount, GetCommandLineA, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, ExitProcess, CompareStringW, CompareStringA, IsValidCodePage, GetOEMCP, GetCPInfo, HeapCreate, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, GetModuleFileNameA, GetStdHandle, RtlUnwind, VirtualQuery, VirtualProtect, GetStartupInfoW, CreateThread, ExitThread, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetSystemInfo, GetTickCount, GetProcessId, GetFileSizeEx, ReadFile, LCMapStringW, FormatMessageW, GlobalFree, CreateMutexW, ReleaseMutex, WriteFile, DeleteFileW, MoveFileExW, GetTempFileNameW, GetFileAttributesExW, OpenFileMappingW, LocalFree, SetEnvironmentVariableA, OpenEventW, GetCurrentProcessId, GetVersionExW, WideCharToMultiByte, ResetEvent, SetEvent, CreateEventW, OpenProcess, WaitForMultipleObjects, SetThreadPriority, ResumeThread, CreateFileW, CreateFileMappingW, MapViewOfFile, UnmapViewOfFile, Sleep, GetCommandLineW, CreateProcessW, WaitForSingleObject, GetExitCodeProcess, CloseHandle, MultiByteToWideChar, FreeLibrary, LoadLibraryExW, lstrcmpiW, lstrlenW, GetCurrentThreadId, OutputDebugStringA, GetModuleFileNameW, SetLastError, GetLastError, InterlockedDecrement, InterlockedIncrement, GetCurrentProcess, FlushInstructionCache, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, RaiseException, InterlockedExchange, GetVersion, GetFileAttributesW, GetProcAddress, GetModuleHandleW, LoadLibraryW, GetModuleHandleA, LoadLibraryA, SetFilePointer, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, SetEndOfFile, CreateFileA
USER32.dll: BeginPaint, RegisterClassW, EndPaint, SetWindowRgn, SetWindowLongW, DialogBoxParamW, CharNextW, DestroyWindow, GetActiveWindow, EndDialog, SendMessageW, GetWindowLongW, SetTimer, GetDlgItem, SetWindowPos, MapWindowPoints, GetClientRect, SystemParametersInfoW, UnregisterClassA, MessageBoxIndirectW, LoadImageW, GetWindowRect, GetWindow, GetParent, GetSystemMetrics, EnableWindow, GetClassNameW, IsWindow, LoadCursorW, RegisterClassExW, GetClassInfoExW, CreateWindowExW, DefWindowProcW, CallWindowProcW, BringWindowToTop, IsWindowEnabled, IsWindowVisible, GetWindowThreadProcessId, FindWindowExW, EnumChildWindows, PostMessageW, MessageBoxW
ADVAPI32.dll: GetSecurityDescriptorOwner, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, RegSetValueExW, RegQueryInfoKeyW, RegEnumKeyExW, CryptDestroyHash, CryptDestroyKey, RegEnumValueW, GetSecurityDescriptorControl, GetSecurityDescriptorSacl, GetSecurityDescriptorDacl, GetSecurityDescriptorGroup, MakeSelfRelativeSD, CryptVerifySignatureW, CryptCreateHash, CryptHashData, CryptAcquireContextW, RegNotifyChangeKeyValue, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, ConvertStringSecurityDescriptorToSecurityDescripto rW, GetSidIdentifierAuthority, GetSidSubAuthorityCount, RegQueryValueExW, OpenProcessToken, GetTokenInformation, ConvertSidToStringSidW, AllocateAndInitializeSid, FreeSid, GetAce, GetSidLengthRequired, InitializeSid, GetSidSubAuthority, SetSecurityDescriptorDacl, EqualSid, CopySid, IsValidSid, GetLengthSid, InitializeSecurityDescriptor, MakeAbsoluteSD, GetAclInformation, InitializeAcl, AddAce, RegFlushKey, GetSecurityDescriptorLength
ole32.dll: CoInitialize, CLSIDFromProgID, CoCreateGuid, OleRun, CoTaskMemFree, CoCreateInstance, CoTaskMemRealloc, CoTaskMemAlloc, CoInitializeEx, CoUninitialize
SHELL32.dll: SHGetFolderPathW, -, ShellExecuteExW
OLEAUT32.dll: -, -, -, -, -
SHLWAPI.dll: PathAppendW, PathFileExistsW, PathIsDirectoryW, SHCreateStreamOnFileW, PathCombineW, SHDeleteValueW, SHSetValueW, StrCatBuffA, SHGetValueW
GDI32.dll: CreateRectRgn
urlmon.dll: CreateAsyncBindCtx, RegisterBindStatusCallback, CreateURLMonikerEx
USERENV.dll: UnloadUserProfile
CRYPT32.dll: CertVerifyCertificateChainPolicy, CertGetNameStringW, CertFreeCertificateChain, CertCreateContext, CryptUnprotectData, CryptProtectData, CryptQueryObject, CertEnumCertificatesInStore, CertDuplicateCertificateContext, CertNameToStrW, CertFreeCertificateContext, CryptImportPublicKeyInfo, CertGetCertificateChain
WININET.dll: InternetReadFile, InternetOpenW, InternetOpenUrlW, HttpQueryInfoW, InternetCloseHandle
WINTRUST.dll: WinVerifyTrust
VT Community
0
This file has never been reviewed by any VT Community member. Be the first one to comment on it!
e' un po' pasticciato postato cosi'ma nessun riscontro pare sia buono
se lo rileva pericoloso, come credo, eliminalo
ciao
guarda per tagliare la testa al toro lo ho eliminato.
qualche altro suggerimento su cose che potrei fare?? o il resto ti sembra ok??
al momento il problema non è scomparso del tutto ma si presenta molto meno frequentemente.
grazie
posta un log di hijackthis aggiornato, voglio vedere una cosa
ecco log hijackthis aggiornato
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20.28.14, on 29/08/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\AVG\AVG9\avgwdsvc.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService. exe
C:\Programmi\AVG\AVG9\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\AVG\AVG9\avgrsx.exe
C:\Programmi\AVG\AVG9\avgchsvx.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\Programmi\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\tsnpstd3.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Programmi\CyberLink\PCM4Everio\EverioService.ex e
C:\Programmi\Everything\Everything.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmi\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.5.5126 .1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugi n.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmi\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Programmi\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.e xe" -launchedbylogin
O4 - HKLM\..\Run: [YSearchProtection] "C:\Programmi\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EverioService] "C:\Programmi\CyberLink\PCM4Everio\EverioService.e xe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Everything] "C:\Programmi\Everything\Everything.exe" -startup
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleT oolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV0 2.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8 574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programmi\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1253375577000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1180109825622
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C49F7677-AAAC-445A-9BC1-22BD5BDCADF1}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programmi\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programmi\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmi\AVG\AVG9\avgwdsvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programmi\Yahoo!\SoftwareUpdate\YahooAUService. exe
--
End of file - 9884 bytes
a me sembra tutto a posto....hai ancora il problema iniziale? specifica meglio coa riscontri
una domanda: avg lo hai scaricato dal sito ufficiale?
Il problema iniziale direi che non c'è più.
prima mi partiva cpu a 100% senza fare nulla ora va molto meglio durante il tempo passato qui sul forum per esempio non ho avuto problemi.
oggi pomeriggio invece il problema si presentava (cpu a 100%) ma meno frequentemente che all' inizio.
Forse il file eliminato Gtb8.tmp.exe ha risolto.
Avg a dirti la verità non mi ricordo se lo ho scaricato da sito ufficiale è passato tanto tempo.
Se credi magari posso disinstallarlo e reinstallarlo scricandolo da sito ufficiale.
Grazie mille dell' aiuto
per ora lascia avg, rieseguimi combofix (elimina prima il veccchiio log) e postami subito il rapporto caricalo qui non incollarlo
vai in C:\ ed elimina la cartella qoobox
scarica e installa malwarebytes
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completa, fai clic su OK => Mostra i Risultati.
Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
Se ti chiede di riavviare, riavvia per completare il processo di pulizia.
Posta il rapporto .
Permessi di invio
Rispondi quotando