prometeus8
18-12-2012, 09:35
Buongiorno,
Come da oggetto da un paio di giorni riesco ad accedere a windows solamente in modalità provvisoria mentre in modalità normale in computer sembra funzionare ma poi si blocca dopo i primi 10 secondi ed il cursore si trasforma in una clessidra.
Le cause che hanno portato a tale malfunzionamento sono le seguenti :
- sabato mi sono accorto di avere un qualche malware sul pc perché mi si aprivano in modo casuale e soprattutto non richiesto alcune pagine del browser.
- una scansione con avast ha confermato i miei sospetti rilevando la presenza del malware "Lollipop" più altri trojan.
- Ho cancellato brutalmente la cartella contenente Lollipop, e ho messo in quarantena gli altri files.
- Ho avviato il Combofix che mi rilevava la presenza di un Rootkit "Zero Access", ma durante l'esecuzione del Combofix il sistema si è bloccato.
- Al riavvio il computer presentava la situazione di cui sopra.
- Ho avviato Hijackthis che mi ha dato il seguente log :
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\xxxxx\IMPOST~1\temp\MCPR.tmp\MCCLEA~1.EXE
C:\DOCUME~1\xxxxx\IMPOST~1\temp\MCPR.tmp\McClnUI.exe
C:\Documents and Settings\xxxxx\Desktop\REPAIR KIT\Virus Removal\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programmi\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programmi\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: (no name) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [IAStorIcon] C:\Programmi\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [EeeNoteSync] "C:\Programmi\ASUS\EeeNoteSync\EeeNoteSync.exe" hide
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Programmi\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [InstantBurn] C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Programmi\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Programmi\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\7.0"
O4 - HKLM\..\Run: [RemoteControl10] C:\Programmi\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Run: [BDRegion] C:\Programmi\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [Eraser] C:\PROGRA~1\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Programmi\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Programmi\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Programmi\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Documents and Settings\Paolo\Desktop\REPAIR KIT\Virus Removal\SuperAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Paolo\Dati applicazioni\Dropbox\bin\Dropbox.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D371EA23-ECAF-45D7-9B80-4076C6B33A8A}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Programmi\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: CyberLink Product - 2012/12/01 15:44:55 (CLKMSVC10_1FAF0EAA) - CyberLink - C:\Programmi\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Programmi\File comuni\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: EZMQHB - Unknown owner - C:\DOCUME~1\Paolo\IMPOST~1\Temp\EZMQHB.exe (file missing)
O23 - Service: Guard Agent - CHENGDU YIWO Tech Development Co., Ltd - C:\Programmi\EaseUS\Todo Backup\bin\GuardAgent.exe
O23 - Service: HO - Unknown owner - C:\DOCUME~1\Paolo\IMPOST~1\Temp\HO.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Programmi\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconManager (iconmgr) - TEAC Corporation - C:\teac\iconmgr\iconmgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ILICVA - Unknown owner - C:\DOCUME~1\Paolo\IMPOST~1\Temp\ILICVA.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Programmi\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
O23 - Service: TabletServiceISD - Wacom Technology, Corp. - C:\Programmi\Tablet\ISD\ISD_Tablet.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Programmi\VMware\VMware Player\vmware-ufad.exe (file missing)
O23 - Service: URJDJMBPXCHP - Unknown owner - C:\DOCUME~1\Paolo\IMPOST~1\Temp\URJDJMBPXCHP.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programmi\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Programmi\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
Domanda finale : è possibile ripristinare il funzionamento di windows senza formattare e reinstallare ???
Eviterei di reinstallare in quanto non ho i dischi di reinstallazione di windows che non mi sono stati forniti quando ho acquistato il pc. I files sono presenti in una cartella del pc chiamata i386.
Ho anche dei programmi che non riuscirei più a reinstallare perché ho perso i seriali.
Qualcuno sa come aiutarmi ?
Come da oggetto da un paio di giorni riesco ad accedere a windows solamente in modalità provvisoria mentre in modalità normale in computer sembra funzionare ma poi si blocca dopo i primi 10 secondi ed il cursore si trasforma in una clessidra.
Le cause che hanno portato a tale malfunzionamento sono le seguenti :
- sabato mi sono accorto di avere un qualche malware sul pc perché mi si aprivano in modo casuale e soprattutto non richiesto alcune pagine del browser.
- una scansione con avast ha confermato i miei sospetti rilevando la presenza del malware "Lollipop" più altri trojan.
- Ho cancellato brutalmente la cartella contenente Lollipop, e ho messo in quarantena gli altri files.
- Ho avviato il Combofix che mi rilevava la presenza di un Rootkit "Zero Access", ma durante l'esecuzione del Combofix il sistema si è bloccato.
- Al riavvio il computer presentava la situazione di cui sopra.
- Ho avviato Hijackthis che mi ha dato il seguente log :
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\xxxxx\IMPOST~1\temp\MCPR.tmp\MCCLEA~1.EXE
C:\DOCUME~1\xxxxx\IMPOST~1\temp\MCPR.tmp\McClnUI.exe
C:\Documents and Settings\xxxxx\Desktop\REPAIR KIT\Virus Removal\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programmi\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programmi\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: (no name) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [IAStorIcon] C:\Programmi\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programmi\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [EeeNoteSync] "C:\Programmi\ASUS\EeeNoteSync\EeeNoteSync.exe" hide
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Programmi\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [InstantBurn] C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Programmi\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Programmi\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\7.0"
O4 - HKLM\..\Run: [RemoteControl10] C:\Programmi\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Run: [BDRegion] C:\Programmi\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [Eraser] C:\PROGRA~1\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Programmi\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Programmi\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Programmi\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Documents and Settings\Paolo\Desktop\REPAIR KIT\Virus Removal\SuperAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Paolo\Dati applicazioni\Dropbox\bin\Dropbox.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D371EA23-ECAF-45D7-9B80-4076C6B33A8A}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Programmi\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Programmi\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: CyberLink Product - 2012/12/01 15:44:55 (CLKMSVC10_1FAF0EAA) - CyberLink - C:\Programmi\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Programmi\File comuni\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: EZMQHB - Unknown owner - C:\DOCUME~1\Paolo\IMPOST~1\Temp\EZMQHB.exe (file missing)
O23 - Service: Guard Agent - CHENGDU YIWO Tech Development Co., Ltd - C:\Programmi\EaseUS\Todo Backup\bin\GuardAgent.exe
O23 - Service: HO - Unknown owner - C:\DOCUME~1\Paolo\IMPOST~1\Temp\HO.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Programmi\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconManager (iconmgr) - TEAC Corporation - C:\teac\iconmgr\iconmgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ILICVA - Unknown owner - C:\DOCUME~1\Paolo\IMPOST~1\Temp\ILICVA.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Programmi\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
O23 - Service: TabletServiceISD - Wacom Technology, Corp. - C:\Programmi\Tablet\ISD\ISD_Tablet.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Programmi\VMware\VMware Player\vmware-ufad.exe (file missing)
O23 - Service: URJDJMBPXCHP - Unknown owner - C:\DOCUME~1\Paolo\IMPOST~1\Temp\URJDJMBPXCHP.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programmi\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Programmi\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
Domanda finale : è possibile ripristinare il funzionamento di windows senza formattare e reinstallare ???
Eviterei di reinstallare in quanto non ho i dischi di reinstallazione di windows che non mi sono stati forniti quando ho acquistato il pc. I files sono presenti in una cartella del pc chiamata i386.
Ho anche dei programmi che non riuscirei più a reinstallare perché ho perso i seriali.
Qualcuno sa come aiutarmi ?