Ciao e benvenuto tra noi
cancella queste voci:
C:\Users\angela\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\angela\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\angela\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - Startup: Dropbox.lnk = angela\AppData\Roaming\Dropbox\bin\Dropbox.exe
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300
(ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file
missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) -
Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) -
Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect)
- Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601
(WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe
(file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) -
Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110
(wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file
missing)
O23 - Service: @%PROGRAMFILES%\Windows Media
Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program
Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
Inoltre se non conosci la provenienza di questi indirizzi ip (cioè se non li hai messi tu per la navigazione), cancella anche le seguenti voci
O17 - HKLM\System\CCS\Services\Tcpip\..\{69149A0F-00BD-4F1D-9951-779F6CD48C4B}: NameServer = 83.224.66.138 83.224.70.94
O17 - HKLM\System\CCS\Services\Tcpip\..\{72D7F655-BB83-4F13-957C-893E3C45C8FA}: NameServer = 83.224.66.138 83.224.70.94
Hai un bel casino nel PC !!!
Ti consiglio di ripulire un po il sistema....disinstalla i software che non usi, poi scaricati
CCleaner e fai un po pulizia (se non sai come si usa abbiamo un articolo in merito,
Ripulire il sistema con CCleaner)
Per finire ti consiglio di leggere questa guida
Cosa fare quando vieniamo infettati da un virus
Modificato da RAVEN - 30/Ottobre/2012 alle 18:22
PcPrimiPassi.it FORUM: SICUREZZA INFORMATICA: Infezioni informatiche e Sicurezza informatica in generale
RISOLTO!
Topic Chiuso)
Topic: Post n° 101.004 - Postato: 30/Ottobre/2012 alle 07:04
Topic Attivi
Lista Membri
Calendario
Cerca
Aiuto
Registrati
Login
