
XP starts very slow and sound is dirty!


  • This topic is locked
3 replies to this topic

#1 pinoff


Posted 13 March 2010 - 11:46 AM

I think this problem is not new.
I carefully read the guide and I have done almost all the steps.
My antivirus is Avast, I use CCClean, Spybot and EasyCleaner from Tony Arts.
My 3 HD are all controlled and defragmented.
Today I have tried ComboFix but nothing seems to be getting better.
(moreover I don't know how to read the ComboFix report!)

Besides the slow opening speed, my worst point is the sound, which is very often interrupted (broken).
As I use and write music this is not a minor problem.

Thank you for any more help you can give me.

Pino -Rome-Italy

I forgot to say that I also use Advanced SystemCare.

I have run ComboFix and I have the results in a TXT file that I am sending as an attachment.

ciao

Pino

PS I can't find the attachment... I am copying it into the msg HERE

Edited by garmanma, 15 March 2010 - 11:16 AM.




#2 Shannon2012


Posted 15 March 2010 - 07:01 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Shannon

#3 pinoff


Posted 18 March 2010 - 05:44 AM

At the moment my PC has been sent for assistance because when entering Windows it reboots again and again.
No evident reason!

I'll let you know

regards

Pino Finizio

#4 schrauber


Posted 23 March 2010 - 12:08 AM

Due to the lack of feedback, this topic is now closed.
If you need this topic reopened, please PM a staff member and we will reopen it for you (include the address of this thread in your request). This applies to the original topic starter only. Everyone else with similar problems, please start a new topic.
regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware



