
PC and internet slow...


Post by torch » Sat Nov 28, 2009 5:16 pm

Hello everyone.
For a couple now, my PC has become noticeably slower, and the internet connection is also suffering heavy slowdowns.
Spybot finds win32.agent.ws (c:windows\system.exe) and removes it, but on the next scan the file is still there.
Even when I am not browsing or downloading anything from the network, the router light that signals Wi-Fi and internet traffic blinks frantically.

I am attaching the HijackThis log I just made.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.05.24, on 28/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
E:\Sicurezza\Comodo\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
E:\Scanner\abbyy\NetworkLicenseServer.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\ArchVision\ArchVision Content Manager\rpcACMapp.exe
C:\WINDOWS\ASTSRV.EXE
C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Intel\WiFi\bin\EvtEng.exe
C:\Programmi\Java\jre6\bin\jqs.exe
E:\Architettura\3dMax2010Design\mentalray\satellite\raysat_3dsmax2010_32server.exe
C:\WINDOWS\system32\MNSFramework.exe
C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
C:\Programmi\Dell\QuickSet\NICCONFIGSVC.exe
C:\Programmi\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
E:\Manutenzione\PerfectDisk\PDAgent.exe
C:\Programmi\File comuni\Intel\WirelessCommon\RegSrvc.exe
C:\Programmi\CyberLink\Shared Files\RichVideo.exe
C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\WiFi\bin\WLKeeper.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\Sicurezza\Comodo\COMODO Internet Security\cfp.exe
C:\Programmi\Dell\QuickSet\Quickset.exe
C:\Programmi\File comuni\Logitech\QCDriver3\LVCOMS.EXE
E:\Sistema\Office\Office12\GrooveMonitor.exe
E:\AdobeAcrobatPro\Acrobat\Acrotray.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Java\jre6\bin\jusched.exe
E:\Audio\iTunes\iTunesHelper.exe
C:\Programmi\Intel\WiFi\bin\ZCfgSvc.exe
C:\Programmi\File comuni\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
E:\Masterizzazione\DAEMON Tools\daemon.exe
C:\Programmi\File comuni\InstallShield\UpdateService\isuspm.exe
C:\Programmi\I8kfanGUI\I8kfanGUI.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Programmi\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe
C:\Programmi\Mobile Net Switch\MNS.exe
C:\Programmi\Logitech\SetPoint\SetPoint.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\File comuni\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Programmi\FreePOPs\freepopsd.exe
E:\Sicurezza\Spybot - Search & Destroy\SpybotSD.exe
E:\Internet\Firefox\firefox.exe
C:\Documents and Settings\TRH\Desktop\hi\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - E:\Internet\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\SICURE~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DIALux 3.1 ULDBrowserHelper Class - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - E:\Architettura\DIALux\DLXShellExtension.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Sistema\Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Programmi\IDM\QUICKfind\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [COMODO Internet Security] "E:\Sicurezza\Comodo\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Dell QuickSet] C:\Programmi\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Programmi\File comuni\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "E:\Sistema\Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\AdobeAcrobatPro\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\AdobeAcrobatPro\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Programmi\File comuni\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Audio\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmi\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\File comuni\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSN Messanger] C:\Windows\System.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "E:\Masterizzazione\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ISUSPM] "C:\Programmi\File comuni\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [i8kfangui] C:\Programmi\I8kfanGUI\I8kfanGUI.exe /startup
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\TRH\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Gadwin PrintScreen Pro] C:\Programmi\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe /nosplash
O4 - HKCU\..\Run: [MNS] C:\Programmi\Mobile Net Switch\MNS.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Registrazione prodotti Logitech.lnk = C:\Programmi\File comuni\LogiShared\eReg\SetPoint\eReg.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Sistema\Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Sistema\Office\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - E:\Internet\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Sistema\Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\SICURE~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\SICURE~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {4819DFDF-ABC4-488C-A323-919848C51175} (Conviva LivePass) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A84A7A4-5314-4FDB-BABA-0F24F93011EC}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Sistema\Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: ABBYY FineReader 9.0 - Servizio Gestione licenze (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - E:\Scanner\abbyy\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ArchVision Content Manager Service - ArchVision - C:\Programmi\ArchVision\ArchVision Content Manager\rpcACMapp.exe
O23 - Service: ASTSRV - Nalpeiron Ltd. - C:\WINDOWS\ASTSRV.EXE
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Programmi\File comuni\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - E:\Sicurezza\Comodo\COMODO Internet Security\cmdagent.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Programmi\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmi\File comuni\Logitech\Bluetooth\LBTServ.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - E:\Architettura\3dMax2010Design\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: MNS Framework (MNSFramework) - Unknown owner - C:\WINDOWS\system32\MNSFramework.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programmi\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Provider supporto protezione LM NT (NtLmSsp) - Nokia - (no file)
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Programmi\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - E:\Manutenzione\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - E:\Manutenzione\PerfectDisk\PDEngine.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Programmi\File comuni\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Programmi\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Programmi\Intel\WiFi\bin\WLKeeper.exe

--
End of file - 15259 bytes


Any suggestions?

Thanks

Re: PC and internet slow...

Post by lorenaino » Sat Nov 28, 2009 5:21 pm

Hi, while waiting for the experts, try running a full scan with Malwarebytes' Anti-Malware Free and SUPERAntiSpyware Free

http://download.cnet.com/3001-8022_4-10 ... l-10804572

http://www.superantispyware.com/downloa ... PYWAREFREE


Re: PC and internet slow...

Post by Ale2695 » Sat Nov 28, 2009 5:39 pm

Run a scan with ComboFix and post the log; I don't see anything strange in the HijackThis log. While you're at it, post the Malwarebytes' log too.


Re: PC and internet slow...

Post by ste_95 » Sat Nov 28, 2009 5:41 pm

Fix these entries:

F2 - REG:system.ini: Shell=
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\AdobeAcrobatPro\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Audio\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSN Messanger] C:\Windows\System.exe
O16 - DPF: {4819DFDF-ABC4-488C-A323-919848C51175} (Conviva LivePass) -
O23 - Service: Provider supporto protezione LM NT (NtLmSsp) - Nokia - (no file)

Then download ComboFix, saving it to the desktop under a made-up name, and run the scan following these instructions (at the bottom). When the scan finishes, the report file C:\combofix.txt will be created; copy its contents here, placing them between LOG tags, like this:
[LOG]the log goes here[/LOG]
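An added example, not part of the original thread and not HijackThis's own logic: a small Python triage pass over HijackThis lines that flags three patterns present among the entries listed for fixing above (an autorun whose executable sits directly in the Windows root, an ActiveX O16 entry with no download source, and a service with no backing file). The heuristics, the `WINDOWS_ROOT` value and all function names are assumptions; the sample lines are copied from the log posted in this thread, and a hit is a candidate for review, not a verdict.

```python
import ntpath  # Windows path semantics, usable on any OS
import re
from typing import List, NamedTuple, Optional

# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSN Messanger] C:\Windows\System.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {4819DFDF-ABC4-488C-A323-919848C51175} (Conviva LivePass) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Provider supporto protezione LM NT (NtLmSsp) - Nokia - (no file)
O23 - Service: ASTSRV - Nalpeiron Ltd. - C:\WINDOWS\ASTSRV.EXE
"""

# Assumption: the Windows directory is C:\WINDOWS, as in the paths of this log.
WINDOWS_ROOT = r"c:\windows"

# "O4 - <hive>\..\Run: [value name] command line"
RUN_RE = re.compile(r"^O4 - \S+\\\.\.\\Run\w*: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# "O16 - DPF: {CLSID} (name) - download source", where the source may be empty
DPF_RE = re.compile(r"^O16 - DPF: \{[^}]+\} \((?P<name>.*)\) -\s*(?P<src>.*)$")
# First program in a command line: a quoted path, or text up to an executable
# extension (unquoted paths in these logs may contain spaces).
EXE_RE = re.compile(
    r'^"(?P<q>[^"]+)"|^(?P<u>.+?\.(?:exe|com|bat|cmd|scr|pif))(?=[\s,]|$)', re.I
)
SVC_PREFIX = "O23 - Service: "
NO_FILE = " - (no file)"


class Finding(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4"
    item: str     # value name, control name or service description
    reason: str


def executable_of(cmd: str) -> Optional[str]:
    """Return the program a Run-key command line starts, without arguments."""
    m = EXE_RE.match(cmd.strip())
    return (m.group("q") or m.group("u")) if m else None


def triage(log_text: str) -> List[Finding]:
    """Flag log lines that deserve a manual look, in log order."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = RUN_RE.match(line)
        if m:
            exe = executable_of(m.group("cmd"))
            # Bare names such as KHALMNPR.EXE have no directory and are skipped.
            if exe and ntpath.dirname(ntpath.normpath(exe)).lower() == WINDOWS_ROOT:
                findings.append(Finding(
                    "O4", m.group("name"),
                    f"autorun target {exe} sits directly in the Windows root"))
            continue
        m = DPF_RE.match(line)
        if m:
            if not m.group("src"):
                findings.append(Finding(
                    "O16", m.group("name"), "ActiveX entry has no download source"))
            continue
        if line.startswith(SVC_PREFIX) and line.endswith(NO_FILE):
            findings.append(Finding(
                "O23", line[len(SVC_PREFIX):-len(NO_FILE)],
                "service entry has no backing file"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section}: {f.item} -> {f.reason}")
```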

Re: PC and internet slow...

Post by dario-vr » Sat Nov 28, 2009 5:52 pm

torch wrote: Hello everyone.
For a couple now, my PC has become noticeably slower, and the internet connection is also suffering heavy slowdowns.
Spybot finds win32.agent.ws (c:windows\system.exe) and removes it, but on the next scan the file is still there.
Even when I am not browsing or downloading anything from the network, the router light that signals Wi-Fi and internet traffic blinks frantically.


Hi, my question may seem obvious to you: are you running the Spybot scan in Safe Mode and with System Restore disabled?

I would also try HijackThis, cleaning the ADS this way:
click on Open the misc tool section
click on Open ads spy
uncheck Quick scan (windows base folder only)
click on Scan.
Wait patiently for the scan to finish.
if any ADS are detected, tick all the boxes (without fear) and click on Remove selected

Restart the PC.

Re: PC and internet slow...

Post by torch » Sat Nov 28, 2009 6:34 pm

Here is the ComboFix log:

ComboFix 09-11-27.07 - TRH 28/11/2009 18.12.20.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.3326.2588 [GMT 1:00]
Eseguito da: c:\documents and settings\TRH\Desktop\Comb.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {00000002-0002-0000-7C25-9E7C08000A00}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000000-0000-0000-1200-140000DCFD7F}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000000-0000-0000-1200-140000ECFD7F}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {00000000-0000-0000-1200-140000FCFD7F}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\TRH\Dati applicazioni\Desktopicon
c:\documents and settings\TRH\Dati applicazioni\Desktopicon\eBayShortcuts.exe
c:\windows\system32\prsgrc.dll
c:\windows\system32\twain_32.dll
c:\windows\system32\xwr88271.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-10-28 al 2009-11-28 )))))))))))))))))))))))))))))))))))
.

2009-11-28 16:56 . 2009-11-28 16:56 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Malwarebytes
2009-11-28 16:56 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-28 16:56 . 2009-11-28 16:56 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-11-28 16:56 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-27 23:10 . 2009-11-27 23:10 24419312 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_1.8.10IT.exe
2009-11-27 23:10 . 2009-11-27 23:10 3351812 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-11-27 23:10 . 2009-11-27 23:10 36864 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-11-27 23:10 . 2009-11-27 23:10 3203453 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2009-11-26 15:18 . 2009-11-26 20:53 -------- d-----w- C:\Autodesk
2009-11-22 09:52 . 2009-11-22 11:11 -------- d-----w- c:\programmi\Mobile Net Switch
2009-11-21 23:20 . 2009-11-21 23:22 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Net Profile Switch
2009-11-21 23:09 . 2009-11-21 23:10 -------- d-----w- c:\programmi\SwitchANet
2009-11-18 19:26 . 2009-11-18 19:26 -------- d-----w- c:\programmi\MobilityDotNETnV
2009-11-18 19:21 . 2009-11-18 19:21 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NVIDIA Corporation
2009-11-16 22:42 . 2009-07-20 11:25 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2009-11-16 22:41 . 2009-11-16 22:41 10134 ----a-r- c:\documents and settings\TRH\Dati applicazioni\Microsoft\Installer\{3101CB58-3482-4D21-AF1A-7057FC935355}\ARPPRODUCTICON.exe
2009-11-16 21:07 . 2009-11-16 21:07 10134 ----a-r- c:\documents and settings\TRH\Dati applicazioni\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2009-11-16 21:07 . 2009-11-16 21:07 -------- d-----w- c:\programmi\File comuni\LogiShared
2009-11-16 20:50 . 2009-07-20 11:26 84496 ----a-w- c:\windows\system32\KemXML.dll
2009-11-16 20:50 . 2009-07-20 11:26 117264 ----a-w- c:\windows\system32\KemWnd.dll
2009-11-16 20:50 . 2009-07-20 11:26 145936 ----a-w- c:\windows\system32\KemUtil.dll
2009-11-16 20:50 . 2009-07-20 11:26 170512 ----a-w- c:\windows\system32\kemutb.dll
2009-11-16 20:50 . 2009-11-16 21:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Logitech
2009-11-11 13:17 . 2009-11-11 13:17 -------- d-----w- c:\programmi\File comuni\ESRI
2009-11-11 13:17 . 1995-04-12 00:55 210944 ----a-w- c:\windows\system32\MSVCRT10.dll
2009-11-07 16:29 . 2009-11-07 16:29 -------- d-----w- c:\programmi\Ideate
2009-11-07 16:27 . 2009-11-07 16:31 -------- d-----w- c:\programmi\Active Registry Monitor
2009-11-05 21:36 . 2009-11-05 22:33 -------- d-----w- C:\Temp
2009-11-05 13:56 . 2009-11-05 13:56 -------- d-----w- c:\programmi\Earth Resource Mapping
2009-11-02 13:52 . 2009-11-02 13:52 51863 ----a-w- c:\windows\MaxwellMayaPluginUninstall.exe
2009-11-02 13:50 . 2009-11-03 07:15 52273 ----a-w- c:\windows\MaxwellMaxPluginUninstall.exe
2009-11-02 13:46 . 2009-11-02 13:46 -------- d-----w- c:\documents and settings\TRH\Impostazioni locali\Dati applicazioni\Robert_McNeel_&_Associate
2009-11-02 13:43 . 2009-11-02 13:43 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\MaxwellDotNET
2009-11-02 13:27 . 2009-11-02 13:27 11305 ----a-w- c:\windows\unins001.dat
2009-11-02 13:27 . 2009-11-02 13:27 684377 ----a-w- c:\windows\unins001.exe
2009-11-02 12:58 . 2007-07-31 14:48 749056 ----a-w- c:\windows\system32\DevIL.dll
2009-10-30 21:50 . 2009-10-30 21:50 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\MumboJumbo
2009-10-29 18:30 . 2009-10-29 20:38 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Watermark Factory

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-28 17:06 . 2009-10-24 21:16 945560 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
2009-11-28 16:29 . 2009-10-03 22:09 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\vlc
2009-11-28 15:14 . 2008-12-11 12:55 -------- d---a-w- c:\documents and settings\All Users\Dati applicazioni\TEMP
2009-11-28 15:14 . 2008-12-12 21:12 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2009-11-28 15:09 . 2009-01-05 17:29 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\uTorrent
2009-11-28 11:06 . 2009-11-28 10:56 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\LimeWire
2009-11-27 23:11 . 2009-01-06 20:47 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Installations
2009-11-27 23:11 . 2009-03-25 14:25 -------- d-----w- c:\programmi\Nokia
2009-11-27 23:11 . 2009-01-06 20:50 -------- d-----w- c:\programmi\File comuni\Nokia
2009-11-26 20:55 . 2008-12-16 14:54 -------- d-----w- c:\programmi\Autodesk
2009-11-26 12:11 . 2009-01-29 09:12 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Canon
2009-11-23 13:21 . 2008-12-16 12:28 115264 ----a-w- c:\documents and settings\TRH\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-11-23 13:17 . 2008-12-12 21:25 -------- d-----w- c:\programmi\File comuni\Adobe
2009-11-22 00:17 . 2009-09-03 21:23 -------- d-----w- c:\programmi\Wolsink
2009-11-22 00:17 . 2009-08-03 07:40 -------- d-----w- c:\programmi\Xvid
2009-11-22 00:17 . 2008-12-12 22:26 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-11-22 00:16 . 2009-10-26 23:12 -------- d-----w- c:\programmi\Comical
2009-11-20 11:40 . 2009-09-05 13:14 -------- d-----w- c:\programmi\Acronis
2009-11-20 11:19 . 2009-09-05 13:14 -------- d-----w- c:\programmi\File comuni\Acronis
2009-11-20 11:15 . 2009-02-07 11:49 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\2DBoy
2009-11-19 21:31 . 2008-12-11 12:54 171552 ----a-w- c:\windows\system32\guard32.dll
2009-11-19 21:30 . 2008-12-11 12:54 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-11-19 21:30 . 2008-12-11 12:54 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-11-19 21:30 . 2008-12-11 12:54 132808 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-11-18 19:21 . 2009-01-17 20:53 -------- d-----w- c:\programmi\NVIDIA Corporation
2009-11-18 08:06 . 2009-01-13 09:55 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-11-16 22:43 . 2008-12-16 11:42 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\LogiShrd
2009-11-16 22:43 . 2008-12-16 11:41 -------- d-----w- c:\programmi\File comuni\Logishrd
2009-11-16 22:42 . 2009-07-29 12:14 -------- d-----w- c:\programmi\File comuni\Logitech
2009-11-16 22:41 . 2008-12-11 11:12 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-11-16 20:50 . 2008-12-16 11:41 -------- d-----w- c:\programmi\Logitech
2009-11-16 20:48 . 2009-06-21 08:28 -------- d-----w- c:\programmi\RegCure
2009-11-16 20:48 . 2009-06-17 00:28 -------- d-----w- c:\programmi\Flamingo 2.0
2009-11-16 20:48 . 2008-12-16 16:13 -------- d-----w- c:\programmi\FreePOPs
2009-11-16 20:48 . 2009-02-20 21:23 -------- d-----w- c:\programmi\Dream Aquarium
2009-11-16 20:48 . 2009-08-16 11:25 -------- d-----w- c:\programmi\Jalbum
2009-11-16 20:48 . 2009-05-30 18:07 -------- d-----w- c:\programmi\GraphicsConverterProforVector
2009-11-16 20:48 . 2009-09-21 08:18 -------- d-----w- c:\programmi\AGEIA Technologies
2009-11-16 20:48 . 2009-06-11 20:13 -------- d-----w- c:\programmi\Acoustica CD Label Maker
2009-11-11 10:03 . 2008-12-11 11:23 68141 ----a-w- c:\windows\system32\nvModes.dat
2009-11-11 02:04 . 2008-12-16 13:13 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-11-07 16:29 . 2009-04-16 19:37 -------- d-----w- c:\programmi\File comuni\Wise Installation Wizard
2009-11-06 18:46 . 2004-08-19 12:00 557816 ----a-w- c:\windows\system32\perfh010.dat
2009-11-06 18:46 . 2004-08-19 12:00 109732 ----a-w- c:\windows\system32\perfc010.dat
2009-11-05 14:07 . 2009-05-30 07:18 -------- d-----w- c:\programmi\File comuni\Adobe AIR
2009-11-05 14:07 . 2009-08-12 20:33 38208 ----a-w- c:\documents and settings\Default User\Dati applicazioni\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-02 13:27 . 2009-04-06 17:44 -------- d-----w- c:\programmi\Google
2009-11-02 12:58 . 2009-02-16 23:40 -------- d-----w- c:\programmi\Graphisoft
2009-10-28 11:39 . 2009-10-09 13:07 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Abvent_Artlantis3
2009-10-27 21:10 . 2008-12-16 14:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Autodesk
2009-10-27 21:10 . 2008-12-16 14:19 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Autodesk
2009-10-27 21:08 . 2009-01-10 17:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FLEXnet
2009-10-27 20:57 . 2009-10-27 20:56 -------- d-----w- c:\programmi\File comuni\Alias Shared
2009-10-27 20:56 . 2008-12-16 14:54 -------- d-----w- c:\programmi\File comuni\Autodesk Shared
2009-10-27 20:54 . 2009-10-27 20:54 -------- d-----w- c:\programmi\File comuni\en-US
2009-10-27 20:54 . 2009-10-27 20:54 -------- d-----w- c:\programmi\File comuni\ja-JP
2009-10-27 19:38 . 2009-09-27 21:32 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\VSO
2009-10-27 19:37 . 2009-10-27 19:37 -------- d-----w- c:\programmi\VSO
2009-10-27 16:10 . 2009-01-17 21:08 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Abvent_Artlantis2
2009-10-27 13:19 . 2009-10-27 13:19 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Dell
2009-10-27 09:13 . 2009-10-27 09:13 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\HDRsoft
2009-10-24 19:03 . 2008-12-11 13:44 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Skype
2009-10-24 14:00 . 2008-12-16 17:53 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\skypePM
2009-10-17 15:24 . 2009-10-17 15:24 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Phase One
2009-10-17 08:40 . 2009-10-17 08:40 -------- d-----w- c:\programmi\Gadwin Systems
2009-10-16 06:03 . 2008-12-16 12:27 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Graphisoft
2009-10-16 05:57 . 2009-10-16 05:57 -------- d-----w- c:\programmi\File comuni\Graphisoft Shared
2009-10-15 15:45 . 2009-10-15 15:44 -------- d-----w- c:\programmi\ArchVision
2009-10-15 08:30 . 2009-10-15 08:30 -------- d-----w- c:\programmi\File comuni\Intel
2009-10-15 08:30 . 2008-12-11 11:09 -------- d-----w- c:\programmi\Intel
2009-10-15 08:16 . 2009-01-17 20:44 -------- d-----w- c:\programmi\SystemRequirementsLab
2009-10-14 21:37 . 2009-10-14 21:37 902432 ----a-w- c:\windows\system32\drivers\tdrpm251.sys
2009-10-14 21:37 . 2009-10-14 21:37 570016 ----a-w- c:\windows\system32\drivers\timntr.sys
2009-10-14 21:36 . 2009-09-05 13:14 157248 ----a-w- c:\windows\system32\drivers\snapman.sys
2009-10-14 17:50 . 2009-10-14 17:49 -------- d-----w- c:\programmi\Raster Design 2010 OE
2009-10-14 14:58 . 2009-10-14 14:58 -------- d-----w- c:\programmi\Widget vodafone.it
2009-10-12 14:02 . 2009-10-12 14:02 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Leadertech
2009-10-10 08:03 . 2008-12-11 13:42 -------- d-----w- c:\documents and settings\TRH\Dati applicazioni\Apple Computer
2009-10-09 13:07 . 2009-01-17 21:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Abvent
2009-10-08 18:26 . 2009-08-02 20:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DxO_Labs
2009-10-08 13:57 . 2007-10-09 12:03 613888 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-08 13:57 . 2004-08-19 12:00 23040 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-08 13:57 . 2004-08-19 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2009-10-06 11:42 . 2009-10-06 11:42 57344 ----a-w- c:\documents and settings\TRH\Dati applicazioni\Autodesk\ACA 2010\ita\ContextualTabSelectorRules.dll
2009-10-05 18:43 . 2009-10-05 13:03 -------- d-----w- c:\programmi\Unlocker
2009-10-04 14:47 . 2009-09-04 09:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\VMware
2009-10-04 14:44 . 2009-09-06 00:07 -------- d-----w- c:\programmi\SpyMe Tools
2009-10-04 14:44 . 2009-09-24 18:09 -------- d-----w- c:\programmi\r2 Studios
2009-10-04 14:28 . 2009-09-24 08:29 -------- d-----w- c:\documents and settings\NetworkService\Dati applicazioni\VMware
2009-10-03 22:59 . 2009-10-03 22:59 -------- d-----w- c:\programmi\File comuni\ChaosGroup
2009-10-03 22:59 . 2009-10-03 22:59 -------- d-----w- c:\programmi\Chaos Group
2009-09-30 11:02 . 2009-09-30 11:02 57344 ----a-w- c:\documents and settings\TRH\Dati applicazioni\Autodesk\ACA 2010\enu\ContextualTabSelectorRules.dll
2009-09-28 17:54 . 2009-09-28 17:54 79144 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Apple Computer\Installer Cache\iTunes 9.0.1.8\SetupAdmin.exe
2009-09-28 15:11 . 2009-09-28 15:11 152576 ----a-w- c:\documents and settings\TRH\Dati applicazioni\Sun\Java\jre1.6.0_16\lzma.dll
2009-09-27 17:19 . 2009-09-27 17:19 3674112 ----a-w- c:\windows\system32\nvwssr.dll
2009-09-27 15:12 . 2009-09-27 15:12 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 15:12 . 2009-09-27 15:12 170600 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-27 15:12 . 2009-09-27 15:12 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-27 15:12 . 2009-03-17 16:09 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 15:12 . 2008-12-25 23:08 2007040 ----a-w- c:\windows\system32\nvcuda.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="e:\masterizzazione\DAEMON Tools\daemon.exe" [2007-09-18 171464]
"ISUSPM"="c:\programmi\File comuni\InstallShield\UpdateService\isuspm.exe" [2007-08-30 205480]
"i8kfangui"="c:\programmi\I8kfanGUI\I8kfanGUI.exe" [2007-02-16 856064]
"Google Update"="c:\documents and settings\TRH\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" [2009-09-06 133104]
"PC Suite Tray"="c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"Gadwin PrintScreen Pro"="c:\programmi\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe" [2009-02-28 516096]
"MNS"="c:\programmi\Mobile Net Switch\MNS.exe" [2009-02-19 1047552]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB5242"="command" [X]
"SpybotDeletingD4030"="del" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"SigmatelSysTrayApp"="c:\programmi\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"AppleSyncNotifier"="c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"AdobeCS4ServiceManager"="c:\programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"COMODO Internet Security"="e:\sicurezza\Comodo\COMODO Internet Security\cfp.exe" [2009-11-19 1800464]
"Dell QuickSet"="c:\programmi\Dell\QuickSet\Quickset.exe" [2006-08-03 1032192]
"LVCOMS"="c:\programmi\File comuni\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
"GrooveMonitor"="e:\sistema\Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Acrobat Assistant 8.0"="e:\adobeacrobatpro\Acrobat\Acrotray.exe" [2008-06-11 640376]
"OSSelectorReinstall"="c:\programmi\File comuni\Acronis\Acronis Disk Director\oss_reinstall.exe" [2007-02-22 2209224]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"IntelZeroConfig"="c:\programmi\Intel\WiFi\bin\ZCfgSvc.exe" [2009-05-21 1372160]
"IntelWireless"="c:\programmi\File comuni\Intel\WirelessCommon\iFrmewrk.exe" [2009-05-21 1202448]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2009-06-17 55824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Logitech SetPoint.lnk - c:\programmi\Logitech\SetPoint\SetPoint.exe [2009-11-16 813584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\programmi\File comuni\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^TRH^Menu Avvio^Programmi^Esecuzione automatica^Ritaglio schermata e avvio di OneNote 2007.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^TRH^Menu Avvio^Programmi^Esecuzione automatica^Widget vodafone.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Architettura\\Archicad12\\ArchiCAD.exe"=
"e:\\Sistema\\Office\\Office12\\OUTLOOK.EXE"=
"e:\\Sistema\\Office\\Office12\\GROOVE.EXE"=
"e:\\Sistema\\Office\\Office12\\ONENOTE.EXE"=
"e:\\Internet\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"e:\\Internet\\Mirc\\mirc.exe"=
"c:\\Programmi\\File comuni\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\Internet\\eMule\\emule.exe"=
"e:\\Architettura\\SketchupPro7\\SketchUp.exe"=
"e:\\Architettura\\SketchupPro7\\LayOut\\LayOut.exe"=
"e:\\Internet\\Firefox\\firefox.exe"=
"c:\\Programmi\\Java\\jre6\\bin\\java.exe"=
"e:\\Internet\\SoulseekNS\\slsk.exe"=
"c:\\Programmi\\File comuni\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Programmi\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"e:\\Architettura\\Rhinoceros_4\\System\\Rhino4.exe"=
"d:\\3dsMax2010\\3dsmax.exe"=
"d:\\3dsMax2010\\mentalray\\satellite\\raysat_3dsmax2010_32server.exe"=
"d:\\3dsMax2010\\mentalray\\satellite\\raysat_3dsmax2010_32.exe"=
"c:\\Programmi\\Hercules\\Classic Silver\\Station2.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"e:\\Architettura\\Luxology\\modo 401 sp1\\modo.exe"=
"e:\\Audio\\iTunes\\iTunes.exe"=
"c:\\Programmi\\ArchVision\\ArchVision Content Manager\\rpcACMapp.exe"=
"e:\\Architettura\\ArchiCAD 13\\ArchiCAD.exe"=
"e:\\Internet\\Skype\\Phone\\Skype.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\manager.exe"=
"c:\\Programmi\\Autodesk\\Backburner\\server.exe"=
"e:\\Architettura\\3dMax2010Design\\3dsmax.exe"=
"e:\\Architettura\\3dMax2010Design\\mentalray\\satellite\\raysat_3dsmax2010_32server.exe"=
"e:\\Architettura\\3dMax2010Design\\mentalray\\satellite\\raysat_3dsmax2010_32.exe"=
"e:\\Architettura\\Maya2010\\bin\\maya.exe"=
"g:\\Maxwell 2\\maxwell.exe"=
"g:\\Maxwell 2\\mxnetwork.exe"=
"f:\\Archivi\\Arch\\Maxwell_2\\Maxwell 2\\maxwell.exe"=
"f:\\Archivi\\Arch\\Maxwell_2\\Maxwell 2\\mxnetwork.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [11/12/2008 13.54.01 132808]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [11/12/2008 13.54.01 25160]
R1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [16/06/2009 23.57.01 14464]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 - Servizio Gestione licenze;e:\scanner\abbyy\NetworkLicenseServer.exe -service --> e:\scanner\abbyy\NetworkLicenseServer.exe -service [?]
R2 ArchVision Content Manager Service;ArchVision Content Manager Service;c:\programmi\ArchVision\ArchVision Content Manager\rpcACMapp.exe --service --path "c:\programmi\ArchVision\ArchVision Content Manager" --> c:\programmi\ArchVision\ArchVision Content Manager\rpcACMapp.exe --service --path c:\programmi\ArchVision\ArchVision Content Manager [?]
R2 ASTSRV;ASTSRV;c:\windows\ASTSRV.EXE [07/01/2008 11.04.10 57344]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\CAMTHWDM.sys [06/10/2007 9.38.24 941784]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\programmi\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [11/12/2008 7.08.52 3575808]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16/12/2008 14.04.33 685816]
S2 cpwnt;cpwnt;c:\windows\system32\drivers\CPWNT.SYS [16/01/2009 22.52.09 21824]
S2 gupdate;Google Update Service (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [05/10/2009 14.34.17 133104]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit 32-bit;e:\architettura\3dMax2010Design\mentalray\satellite\raysat_3dsmax2010_32server.exe [12/03/2009 17.36.24 86016]
S3 camfilt2;camfilt2;c:\windows\system32\drivers\camfilt2.sys [29/07/2009 18.14.36 94720]
S3 HPx9G+;HPx9G+ Device USB Driver;c:\windows\system32\drivers\HPx9G2k.sys [06/01/2009 10.24.00 12658]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [12/07/2009 21.16.59 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [12/07/2009 21.17.00 8320]
S4 MSSQLServerADHelper100;Servizio SQL Server Active Directory Helper;c:\programmi\Microsoft SQL Server\100\Shared\sqladhlp.exe [11/07/2008 1.28.58 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10/07/2008 1.49.14 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\programmi\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11/07/2008 1.29.04 369688]
.
Contenuto della cartella 'Scheduled Tasks'

2009-11-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-10-05 13:34]

2009-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-10-05 13:34]

2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1383384898-839522115-1003Core.job
- c:\documents and settings\TRH\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-06 16:54]

2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-1383384898-839522115-1003UA.job
- c:\documents and settings\TRH\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2009-09-06 16:54]

2009-11-28 c:\windows\Tasks\RegCure Program Check.job
- c:\programmi\RegCure\RegCure.exe [2009-06-10 22:28]

2009-11-28 c:\windows\Tasks\RegCure Startup.job
- c:\programmi\RegCure\RegCure.exe [2009-06-10 22:28]

2009-06-21 c:\windows\Tasks\RegCure.job
- c:\programmi\RegCure\RegCure.exe [2009-06-10 22:28]
.
.
------- Scansione supplementare -------
.
uInternet Settings,ProxyOverride = *.local
TCP: {5A84A7A4-5314-4FDB-BABA-0F24F93011EC} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\TRH\Dati applicazioni\Mozilla\Firefox\Profiles\7vxkohbd.default\
FF - prefs.js: browser.startup.homepage - hxxp://it.altavista.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=
FF - component: c:\documents and settings\TRH\Dati applicazioni\Mozilla\Firefox\Profiles\7vxkohbd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: c:\documents and settings\TRH\Dati applicazioni\Mozilla\Firefox\Profiles\7vxkohbd.default\extensions\{f592709f-ff4a-4862-b659-4afabda56312}\components\FFAlert.dll
FF - component: c:\programmi\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\TRH\Dati applicazioni\Mozilla\Firefox\Profiles\7vxkohbd.default\extensions\StreamingPlugin@conviva.com\platform\WINNT_x86-msvc\plugins\npconviva.4.dll
FF - plugin: c:\documents and settings\TRH\Dati applicazioni\Mozilla\Firefox\Profiles\7vxkohbd.default\extensions\VMwareVMRC@vmware.com\plugins\np-vmware-vmrc-2.5.0-122581.dll
FF - plugin: c:\documents and settings\TRH\Impostazioni locali\Dati applicazioni\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Earth Resource Mapping\Image Web Server\Firefox Plug-in\NP_NCS6.dll
FF - plugin: c:\programmi\Earth Resource Mapping\Image Web Server\Firefox Plug-in\NP_NCSPB6.dll
FF - plugin: c:\programmi\Earth Resource Mapping\Image Web Server\Firefox Plug-in\NP_NCSTB6.dll
FF - plugin: c:\programmi\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Virtual Earth 3D\npVE3D.dll
FF - plugin: e:\audio\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: e:\internet\Firefox\plugins\npseek32.dll
FF - plugin: e:\players\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

Toolbar-Locked - (no file)
AddRemove-DVD Label Maker - e:\masterizzazione\Acoustica CD Label Maker\cdlabel.exe UNINSTALL
AddRemove-mIRC - e:\internet\Mirc\uninstall.exe _?=e:\internet\Mirc
AddRemove-NVIDIA Drivers - c:\windows\system32\nvuninst.exe UninstallGUI
AddRemove-V-Ray for 3dsmax 2010 for x86 - c:\programmi\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\wininstaller.exe-uninstall=c:\programmi\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\install.log
AddRemove-{f4f38af8-356e-453c-8876-219ab79fcc3d} - c:\programmi\File comuni\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER=8M01-249K-1T0E-3A1A-C7AA-MUZ3-8EL4-2U9W



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-28 18:38
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\e:\players\PowerDVD\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-1482476501-1383384898-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8158CD65-29A9-7815-9916-FDE3385F5E4B}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nabjodhgbhkbiccepoekoafbipib"=hex:6b,61,6e,6e,6c,6f,6d,68,67,69,65,66,6b,6e,
6d,6d,64,62,6b,65,67,70,00,ff
"malhcajkmkogmnaoocakkcpilj"=hex:6b,61,6e,6e,6c,6f,6d,68,67,69,65,66,6b,6e,6d,
6d,64,62,6b,65,67,70,00,00

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(1312)
c:\windows\system32\IWPDGINA.DLL
c:\programmi\Intel\WiFi\bin\LangResources\ITA\SsoGnITA.dll
c:\programmi\file comuni\logitech\bluetooth\LBTWlgn.dll
c:\programmi\file comuni\logitech\bluetooth\LBTServ.dll
.
Ora fine scansione: 2009-11-28 18:38
ComboFix-quarantined-files.txt 2009-11-28 17:37

Pre-Run: 3.491.647.488 byte disponibili
Post-Run: 3.443.572.736 byte disponibili

- - End Of File - - C7ED7899B51CA01A1C822A596FDCCE8C

Re: PC and internet slow...

Post by torch » Sun Nov 29, 2009 3:31 pm

Hello everyone,

I have used practically all the software you suggested, and now the PC seems clean (no reports of junk lying around). Thank you all!

But browsing is still extremely slow.
After trying everything, I disabled the router's Wi-Fi service and connected via network cable. Everything works perfectly!
Speedtest over 15 megabit (versus the 3.2 I get on Wi-Fi).

I checked the router log, and this is what I see:

Image

Do you think there is a problem?

I restricted access to the router to only the MAC addresses of my machines (2 notebooks and 1 Nokia mobile phone), made the router menu reachable from only one of the machines, and updated the WPA key, but Wi-Fi browsing is still extremely slow...

I repeat: until 2 days ago, everything worked perfectly.

It almost seems as if someone or something is saturating my Wi-Fi bandwidth...

Thank you,
torcH

megalab.it: daily online publication registered at the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising