Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

internet lento

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

internet lento

Postdi stix » 27/01/10 15:25

da gionri il mio pc per caricare una pagina impiega 5 minuti..aveva pensato che fosse un virus e ho fatto una scansione..ma niente continua ad andare lento..

qualcuno mi puo dare una mano??

ps:con programmi tipo utorrent la velocita è sempre la stessa e con altri computer con la stessa connesione wirless la velocita è uguale a quella che avevo prima...quindi è il mio pc.
stix
Utente Junior
 
Post: 23
Iscritto il: 05/01/10 17:14

Sponsor
 

Re: internet lento

Postdi shel » 27/01/10 15:41

ciao

inizia col postare un log di hijackthis per vedere piu' da vicino il tuo problema

http://www.trendsecure.com/portal/en-US ... kthis.php#

lancia il programma cliccando l’eseguibile e avvia la scansione, scegliendo la voce "Do a system scan and save a logfile"

Ricordati di mettere HIJACKTHIS in una cartella a lui dedicata (in Programmi o Documenti), l'importante è che non si trovi sul desktop o in cartelle temporanee è importante se vuoi salvare i backup

Posta il log che rilascia
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: internet lento

Postdi stix » 27/01/10 17:18

ecco il log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.16.42, on 27/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Programmi\Windows Live\Family Safety\fsui.exe
C:\Programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ICO.EXE
C:\Programmi\Logitech\QuickCam\Quickcam.exe
C:\Programmi\File comuni\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\mmrtkrnl.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Media Player\WMPNSCFG.exe
C:\Programmi\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Programmi\Windows Live\Family Safety\fsssvc.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\File comuni\Nikon\Monitor\NkMonitor.exe
C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\File comuni\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Pelmiced.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Programmi\IObitCom\tbIObi.dll
O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Programmi\IObitCom\tbIObi.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programmi\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programmi\HPQ\IAM\Bin\ItIeAddIN.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmi\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Programmi\IObitCom\tbIObi.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Programmi\InterVideo\DVD Check\bak\DVDCheck.exe
O4 - HKLM\..\Run: [fssui] "C:\Programmi\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [OpwareSE4] "C:\Programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programmi\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programmi\File comuni\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [egui] "C:\Programmi\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Realtime Audio Engine] "mmrtkrnl.exe" /i
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Nikon Monitor.lnk = C:\Programmi\File comuni\Nikon\Monitor\NkMonitor.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: OneCard - C:\Programmi\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Programmi\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Programmi\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate1ca2240a5d49d0a) (gupdate1ca2240a5d49d0a) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmi\File comuni\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Programmi\File comuni\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe

--
End of file - 13366 bytes
stix
Utente Junior
 
Post: 23
Iscritto il: 05/01/10 17:14

Re: internet lento

Postdi shel » 27/01/10 20:53

vai nel pannello di controllo e disinstalla tutte le toolbar che hai

Avvia Hijack e clicca su "do a system scan only"
Metti la spunta a queste voci e clicca su "fix checked"

R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Programmi\IObitCom\tbIObi.dll

O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Programmi\IObitCom\tbIObi.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Programmi\IObitCom\tbIObi.dll


Scarica e installa malwarebytes
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completata, posta il rapporto e per ora non rimuovere nulla
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: internet lento

Postdi stix » 27/01/10 22:22

ecco il log :

Malwarebytes' Anti-Malware 1.44
Versione del database: 3646
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

27/01/2010 22.21.28
mbam-log-2010-01-27 (22-21-23).txt

Tipo di scansione: Scansione completa (C:\|E:\|)
Elementi scansionati: 236416
Tempo trascorso: 1 hour(s), 11 minute(s), 26 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 1
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 15

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> No action taken.

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
C:\ComboFix\PV.cfxxe (Trojan.Agent) -> No action taken.
C:\ComboFix\pv.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP3\A0000840.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP3\A0001949.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP3\A0002670.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP4\A0003405.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP4\A0003472.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP4\A0003539.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP4\A0003606.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP4\A0003673.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP4\A0003739.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP4\A0003807.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP4\A0003875.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP5\A0004159.com (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{46616198-43C1-410E-A2C1-948CCBD25CB5}\RP6\A0004722.com (Trojan.Agent) -> No action taken.
stix
Utente Junior
 
Post: 23
Iscritto il: 05/01/10 17:14

Re: internet lento

Postdi shel » 27/01/10 22:30

elimina tutto cio' che ha trovato malwarebytes

disattiva il ripristino

riavvia il pc

riattivalo e crea un nuovo punto

Scarica ComboFix da qui http://download.bleepingcomputer.com/sUBs/ComboFix.exe , avvialo e quindi premi 1 per avviare la scansione. Alla fine della scansione ti verrà rilasciato un file chiamato combofix.txt nella cartella c:\combofix, allegami tale file nel prossimo messaggio. ;)
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: internet lento

Postdi stix » 28/01/10 15:39

ecco il file:

ComboFix 10-01-27.05 - Administrator 28/01/2010 15.21.32.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.2039.1544 [GMT 1:00]
Eseguito da: c:\documents and settings\Administrator\Documenti\Download\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Fonts\MyriadPro-Regular.otf
c:\windows\system32\Thumbs.db
c:\windows\system32\twain_32.dll

.
((((((((((((((((((((((((( Files Creati Da 2009-12-28 al 2010-01-28 )))))))))))))))))))))))))))))))))))
.

2010-01-28 13:24 . 2010-01-28 13:24 -------- d-----w- c:\programmi\File comuni\xing shared
2010-01-28 13:24 . 2010-01-28 13:24 -------- d-----w- c:\programmi\Real
2010-01-28 13:24 . 2010-01-28 13:25 -------- d-----w- c:\programmi\File comuni\Real
2010-01-28 13:08 . 2010-01-28 13:09 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Winamp
2010-01-28 13:08 . 2010-01-28 13:09 -------- d-----w- c:\programmi\Winamp
2010-01-27 16:16 . 2010-01-27 16:16 -------- d-----w- c:\programmi\Trend Micro
2010-01-27 14:44 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-27 14:44 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-27 14:44 . 2010-01-27 14:44 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2010-01-27 14:27 . 2004-08-19 13:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2010-01-27 14:27 . 2001-08-30 22:07 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-01-27 14:27 . 2004-08-19 13:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2010-01-27 14:27 . 2004-08-19 13:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2010-01-27 14:27 . 2004-08-19 13:00 171520 ----a-w- c:\windows\system32\dllcache\iisui.dll
2010-01-27 14:27 . 2004-08-19 13:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2010-01-27 14:27 . 2004-08-19 13:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2010-01-27 14:27 . 2004-08-19 13:00 15360 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2010-01-27 13:39 . 2010-01-27 13:55 -------- d-----w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\IObitCom
2010-01-27 13:39 . 2010-01-27 20:08 -------- d-----w- c:\programmi\IObitCom
2010-01-27 13:38 . 2010-01-27 13:54 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\IObit
2010-01-27 13:38 . 2010-01-27 13:38 -------- d-----w- c:\programmi\IObit
2010-01-21 13:03 . 2009-12-21 19:06 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-21 13:03 . 2009-12-21 19:06 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-21 13:03 . 2009-12-21 19:06 184320 ------w- c:\windows\system32\dllcache\iepeers.dll
2010-01-21 13:03 . 2009-12-21 19:06 5942784 ------w- c:\windows\system32\dllcache\mshtml.dll
2010-01-21 13:03 . 2009-12-21 19:06 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-21 13:03 . 2009-12-21 19:06 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-01-21 13:03 . 2009-12-21 19:06 206848 ------w- c:\windows\system32\dllcache\occache.dll
2010-01-21 13:03 . 2009-12-21 19:06 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-01-21 13:03 . 2009-12-21 13:20 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2010-01-21 13:03 . 2009-12-21 19:06 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2010-01-21 13:03 . 2009-12-21 19:06 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-01-20 15:15 . 2010-01-20 15:16 -------- d-----w- c:\programmi\DustBuster
2010-01-18 19:32 . 2010-01-18 19:32 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-18 12:37 . 2010-01-18 12:37 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-01-13 12:37 . 2009-10-15 16:29 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2010-01-13 12:37 . 2009-10-15 16:29 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2010-01-09 16:01 . 2010-01-09 16:01 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\AlcaTech
2010-01-09 16:01 . 2010-01-09 16:03 126464 ----a-w- c:\windows\system32\Setup.dll
2010-01-09 16:01 . 2010-01-09 16:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\AlcaTech
2010-01-08 15:27 . 2010-01-08 15:28 -------- dc-h--w- c:\windows\ie8
2010-01-08 11:16 . 2010-01-08 11:16 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-08 11:16 . 2010-01-08 11:16 -------- d-----w- c:\programmi\MSBuild
2010-01-08 11:15 . 2010-01-08 11:15 -------- d-----w- c:\programmi\Reference Assemblies
2010-01-08 11:15 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-08 11:14 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-01-08 11:14 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-01-08 11:14 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-01-08 11:14 . 2010-01-08 11:15 -------- d-----w- C:\5520caff0b684e20f7b72e75b18c
2010-01-08 11:14 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-01-07 16:45 . 2010-01-07 16:46 -------- d-----w- C:\abc27347a
2010-01-07 16:44 . 2010-01-07 16:44 -------- d-----w- C:\abc295a
2010-01-07 16:40 . 2010-01-07 16:40 -------- d-----w- C:\abc21603a
2010-01-07 16:39 . 2010-01-07 16:39 -------- d-----w- C:\abc21075a
2010-01-07 16:38 . 2010-01-07 16:38 -------- d-----w- C:\abc
2010-01-05 20:37 . 2010-01-05 20:37 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Malwarebytes
2010-01-05 20:37 . 2010-01-05 20:37 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-28 13:24 . 2003-02-21 02:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-01-28 13:24 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-28 13:18 . 2008-03-23 11:53 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-27 20:08 . 2009-07-06 10:46 -------- d-----w- c:\programmi\Ask.com
2010-01-27 16:34 . 2009-03-24 18:40 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\uTorrent
2010-01-21 13:03 . 2009-08-19 22:41 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Vso
2010-01-18 19:34 . 2010-01-17 22:13 79488 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-18 12:35 . 2004-08-19 08:00 212224 ----a-w- c:\windows\system32\drivers\ndis.sys
2010-01-17 14:50 . 2009-09-10 15:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NOS
2010-01-17 13:40 . 2010-01-17 13:39 1924200 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NOS\Adobe_Downloads\install_flash_player.exe
2010-01-13 15:19 . 2009-12-27 12:23 -------- d-----w- c:\programmi\Native Instruments
2010-01-10 11:43 . 2009-05-27 17:23 -------- d-----w- c:\programmi\Wisdom-soft ScreenHunter 5 Free
2010-01-10 11:43 . 2009-06-10 09:42 -------- d-----w- c:\programmi\VDOWNLOADER
2010-01-10 11:43 . 2008-05-20 19:37 -------- d-----w- c:\programmi\Windows Media Connect 2
2010-01-10 11:43 . 2007-04-17 20:41 -------- d-----w- c:\programmi\QuickTime
2010-01-10 11:43 . 2009-12-21 15:44 -------- d-----w- c:\programmi\Lame for Audacity
2010-01-10 11:43 . 2008-05-19 09:15 -------- d-----w- c:\programmi\Microsoft CAPICOM 2.1.0.2
2010-01-10 11:43 . 2008-03-25 20:37 -------- d-----w- c:\programmi\Microsoft .NET Compact Framework 1.0 SP3
2010-01-10 11:43 . 2009-09-04 17:47 -------- d-----w- c:\programmi\Audacity 1.3 Beta (Unicode)
2010-01-10 11:43 . 2009-04-17 18:43 -------- d-----w- c:\programmi\Falco Chess
2010-01-10 11:43 . 2009-01-07 21:12 -------- d-----w- c:\programmi\DISK1
2010-01-10 10:55 . 2004-08-30 10:50 88896 ----a-w- c:\windows\system32\perfc010.dat
2010-01-10 10:55 . 2004-08-30 10:50 504052 ----a-w- c:\windows\system32\perfh010.dat
2010-01-08 13:20 . 2009-07-14 08:20 -------- d-----w- c:\programmi\Alfaseeker
2010-01-08 11:22 . 2007-02-09 15:59 138296 ----a-w- c:\documents and settings\Administrator\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2010-01-07 19:05 . 2009-02-05 19:38 -------- d-----w- c:\programmi\Download-ES
2010-01-07 13:17 . 2009-02-21 13:11 -------- d-----w- c:\programmi\Microsoft Silverlight
2010-01-05 15:30 . 2009-07-31 22:08 -------- d-----w- c:\programmi\File comuni\Nero
2010-01-05 15:29 . 2009-07-31 22:08 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Nero
2009-12-29 19:43 . 2008-01-19 12:08 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\U3
2009-12-28 14:17 . 2009-12-28 14:16 -------- d-----w- c:\programmi\GfedEuroit73F
2009-12-24 17:26 . 2009-12-24 17:26 -------- d-----w- c:\programmi\ESET
2009-12-24 17:18 . 2009-11-18 10:44 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\ESET
2009-12-23 11:26 . 2009-12-23 11:26 -------- d-----w- c:\programmi\SlySoft
2009-12-22 16:08 . 2009-12-22 16:08 253952 ------w- c:\windows\Setup1.exe
2009-12-22 16:08 . 2009-12-22 16:08 74752 ----a-w- c:\windows\ST6UNST.EXE
2009-12-22 13:26 . 2009-06-28 19:36 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\Audacity
2009-12-21 19:06 . 2004-08-19 08:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 16:16 . 2009-03-21 21:22 -------- d-----w- c:\documents and settings\Administrator\Dati applicazioni\gtk-2.0
2009-12-18 16:14 . 2009-05-27 16:57 -------- d-----w- c:\programmi\GIMP-2.0
2009-12-17 16:08 . 2009-11-11 12:02 -------- d-----w- c:\programmi\VS Revo Group
2009-12-02 15:10 . 2009-12-02 15:10 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-12-02 13:44 . 2009-12-02 13:44 -------- d-----w- c:\programmi\Messenger Plus! Live
2009-11-30 14:28 . 2008-05-14 19:22 -------- d-----w- c:\programmi\Windows Live
2009-11-25 14:05 . 2009-11-25 14:05 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\4000001900003i\ngen.exe
2009-11-25 14:05 . 2009-11-25 14:05 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\4000001100002i\mscorsvw.exe
2009-11-25 14:04 . 2009-11-25 14:04 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\4000001f00002i\crashreporter.exe
2009-11-25 14:04 . 2009-11-25 14:04 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\400000df00002i\firefox.exe
2009-11-25 14:04 . 2009-11-25 14:04 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\400000800002i\wlcomm.exe
2009-11-25 14:02 . 2009-11-25 14:02 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\18000001d00003i\netsh.exe
2009-11-25 14:02 . 2009-11-25 14:02 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\40000013800002i\WindowsLiveSync.exe
2009-11-25 14:01 . 2009-11-25 14:01 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\10000001700003i\taskkill.exe
2009-11-25 14:01 . 2009-11-25 14:01 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\10000007900002i\DXSETUP.exe
2009-11-25 14:00 . 2009-11-25 14:00 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\10000001e00002i\WindowsXP-KB954708-x86-ENU.exe
2009-11-25 13:29 . 2009-11-25 13:29 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\10000001b00002i\msiexec.exe
2009-11-25 13:29 . 2009-11-25 13:29 39936 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\Thinstall\WLM Lite\40000022b100002i\nd34f5.exe
2009-11-21 15:54 . 2004-08-19 08:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-14 04:30 . 2009-11-14 04:30 70144 ----a-w- c:\windows\system32\mmrtkrnl.exe
2009-11-14 04:30 . 2009-11-14 04:30 480256 ----a-w- c:\windows\system32\mmrtkrnl.dll
2009-11-04 15:49 . 2010-01-27 13:38 635664 ----a-w- c:\documents and settings\Administrator\Dati applicazioni\IObit\Common\TB_Helper.exe
2009-03-16 12:36 . 2009-03-16 12:36 13264160 ----a-w- c:\programmi\dxnt.cab
2009-03-16 12:36 . 2009-03-16 12:36 1155483 ----a-w- c:\programmi\BDANT.cab
2009-03-16 12:36 . 2009-03-16 12:36 975148 ----a-w- c:\programmi\BDAXP.cab
2009-03-16 12:36 . 2009-03-16 12:36 95296 ----a-w- c:\programmi\dxupdate.cab
2009-03-16 12:36 . 2009-03-16 12:36 1691464 ----a-w- c:\programmi\dsetup32.dll
2009-03-16 12:36 . 2009-03-16 12:36 44444 ----a-w- c:\programmi\dxdllreg_x86.cab
2009-03-16 12:35 . 2009-03-16 12:35 525128 ----a-w- c:\programmi\DXSETUP.exe
2009-03-16 12:35 . 2009-03-16 12:35 94024 ----a-w- c:\programmi\DSETUP.dll
2008-07-18 18:42 . 2008-07-17 16:13 38860944 ----a-w- c:\programmi\GoogleSketchUpWIT.exe
2000-04-04 16:13 . 2009-01-07 21:12 13277 ----a-w- c:\programmi\FB63U.CAT
2000-04-04 16:12 . 2009-01-07 21:12 14605 ----a-w- c:\programmi\FB63UNT.CAT
2000-03-27 11:49 . 2009-01-07 21:12 5381 ----a-w- c:\programmi\FB63u.inf
2009-06-05 10:31 . 2009-06-05 10:31 8 --sh--r- c:\windows\system32\6A317A8ED6.sys
2009-06-05 10:31 . 2009-06-05 10:30 3140 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

------- Sigcheck -------

[-] 2010-01-18 . 1DF7F42665C94B825322FAE71721130D . 212224 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ndis.sys
[7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys

[-] 2008-04-14 . 6DC43081C760EEC1130D2C8C145DF375 . 549888 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 6DC43081C760EEC1130D2C8C145DF375 . 549888 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2008-04-14 . 9259170D29B5A256735FCB8B80280857 . 510464 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\winlogon.exe

[-] 2008-04-14 . 97CBB1689BB951AD8DEE44C9F9C44318 . 724992 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 97CBB1689BB951AD8DEE44C9F9C44318 . 724992 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-14 . 10AA0E13B4D20EE798E3382C9B89B3E3 . 617472 . . [5.82] . . c:\windows\VistaMizer\old\comctl32.dll

[-] 2008-04-14 . 3DBD6DC6D74C517D55A1B3AECA88EF48 . 588800 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . 3DBD6DC6D74C517D55A1B3AECA88EF48 . 588800 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2008-04-14 . FA94696C0727BD59E517C674CD6E7C72 . 579584 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\user32.dll
[-] 2007-03-08 . BAB4F995E526484A235A276E269AAF7F . 579072 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2005-03-02 . 488019BFE2B0F9F8CD8394276D5B664A . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll

[-] 2008-04-14 . 287B3020F1324E99F313C9E7FCFCCCCC . 1554944 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 287B3020F1324E99F313C9E7FCFCCCCC . 1554944 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . 70D7F99D95615C3C278367756287DB71 . 1036288 . . [6.00.2900.5512] . . c:\windows\VistaMizer\old\explorer.exe
[-] 2007-06-13 . B4E85805BE6D23DE697F7B3BA7492D0B . 1035776 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

[-] 2008-04-14 . 91B6AAC828F8BBE1796275424E44DFB0 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 91B6AAC828F8BBE1796275424E44DFB0 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2008-04-14 . F53CDDEF33A4C41336A782BE3D170158 . 15360 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-02-25 16:52 . 2004-01-14 01:10 409600 c:\programmi\Canon\Easy-PrintToolBox\bak\BJPSMAIN.EXE

2007-02-09 13:01 . 2005-11-08 10:59 184320 c:\programmi\InterVideo\DVD Check\bak\DVDCheck.exe

2006-06-15 11:36 . 2006-06-15 11:36 229376 c:\programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE

2007-02-16 08:54 . 2007-02-16 08:54 282624 c:\programmi\QuickTime\bak\qttask.exe
2009-01-05 14:18 . 2009-01-05 14:18 413696 c:\programmi\QuickTime\QTTask.exe

2006-08-21 18:24 . 2005-11-10 18:04 761945 c:\programmi\Synaptics\SynTP\bak\SynTPEnh.exe
2006-08-21 18:24 . 2005-11-10 18:04 761945 c:\programmi\Synaptics\SynTP\SynTPEnh.exe

2007-02-13 21:30 . 2007-02-13 21:30 40960 c:\windows\bak\NCLAUNCH.EXe
2007-02-13 21:30 . 2008-05-23 12:06 40960 c:\windows\NCLAUNCH.EXe

.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NCLaunch"="c:\windows\NCLAUNCH.EXe" [2008-05-23 40960]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-20 39408]
"WMPNSCFG"="c:\programmi\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
"Advanced SystemCare 3"="c:\programmi\IObit\Advanced SystemCare 3\AWC.exe" [2010-01-06 2335952]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 25088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2008-04-14 177152]
"hpWirelessAssistant"="c:\programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 454656]
"CognizanceTS"="c:\progra~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 17920]
"QlbCtrl"="c:\programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-02 131072]
"WatchDog"="c:\programmi\InterVideo\DVD Check\bak\DVDCheck.exe" [2005-11-08 184320]
"fssui"="c:\programmi\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"OpwareSE4"="c:\programmi\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"iTunesHelper"="c:\programmi\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"Mouse Suite 98 Daemon"="ICO.EXE" [2004-07-14 57344]
"LogitechQuickCamRibbon"="c:\programmi\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"LogitechCommunicationsManager"="c:\programmi\File comuni\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2005-11-10 761945]
"CloneCDTray"="c:\programmi\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"egui"="c:\programmi\ESET\ESET NOD32 Antivirus\egui.exe" [2008-10-24 1451264]
"Realtime Audio Engine"="mmrtkrnl.exe" [2009-11-14 70144]
"ISUSPM Startup"="c:\progra~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\programmi\File comuni\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"WinampAgent"="c:\programmi\Winamp\winampa.exe" [2010-01-13 37888]
"TkBellExe"="c:\programmi\File comuni\Real\Update_OB\realsched.exe" [2010-01-28 198160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 25088]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
BTTray.lnk - c:\programmi\WIDCOMM\Software Bluetooth\BTTray.exe [2006-2-15 581693]
Logitech Desktop Messenger.lnk - c:\programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-1-9 66864]
Nikon Monitor.lnk - c:\programmi\File comuni\Nikon\Monitor\NkMonitor.exe [2007-10-18 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2005-07-25 18:41 40960 ----a-w- c:\programmi\HPQ\IAM\Bin\AsWlnPkg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 12:16 185896 ----a-w- c:\programmi\File comuni\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SVCHOST.EXE]
c:\windows\system32\drivers\svchost.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-02 20:56 204288 ----a-w- c:\programmi\Windows Media Player\wmpnscfg.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Programmi\\Ares\\Ares.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\File comuni\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programmi\\BitLord2\\BitLord.exe"=
"c:\\Programmi\\WIDCOMM\\Software Bluetooth\\bin\\btwdins.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\ESET\\ESET NOD32 Antivirus\\ekrn.exe"=
"c:\\Programmi\\iPod\\bin\\iPodService.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Programmi\\File comuni\\Microsoft Shared\\VS7DEBUG\\MDM.EXE"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4760:TCP"= 4760:TCP:htivodh
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [24/10/2008 20.53.28 34824]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\programmi\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [16/09/2008 11.03.18 169312]
R2 ASChannel;Canale di comunicazione locale;c:\windows\System32\svchost.exe -k Cognizance [19/08/2004 9.00.00 14336]
R2 ekrn;Eset Service;c:\programmi\ESET\ESET NOD32 Antivirus\ekrn.exe [24/10/2008 20.51.16 468224]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [06/01/2009 21.50.43 55152]
R2 fsssvc;Windows Live Family Safety;c:\programmi\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18.08.58 533360]
S2 gupdate1ca2240a5d49d0a;Servizio di Google Update (gupdate1ca2240a5d49d0a);c:\programmi\Google\Update\GoogleUpdate.exe [21/08/2009 10.20.30 133104]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [19/08/2004 9.00.00 25600]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel
.
Contenuto della cartella 'Scheduled Tasks'

2010-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-08-21 09:20]

2010-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2009-08-21 09:20]

2010-01-27 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2010-01-28 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2010-01-28 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programmi\Ask.com\UpdateTask.exe [2009-05-19 11:37]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Aggiungi all'elenco di stampa Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Anteprima Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Invia a &Bluetooth - c:\programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
IE: Stampa ad alta velocità Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Stampa Easy-WebPrint - c:\programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\wy1yafqv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - component: c:\programmi\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\wy1yafqv.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\programmi\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{31c7d459-9cc3-44f2-9dca-fc11795309b4} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{31C7D459-9CC3-44F2-9DCA-FC11795309B4} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-28 15:29
Windows 5.1.2600 Service Pack 3 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe >>UNKNOWN [0x89D06530]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74ebf28
\Driver\ACPI -> ACPI.sys @ 0xf735ecb8
\Driver\atapi -> atapi.sys @ 0xf72d2852
\Driver\iaStor -> iaStor.sys @ 0xf7208b58
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
NDIS: Intel(R) PRO/Wireless 3945ABG Network Connection -> SendCompleteHandler -> NDIS.sys @ 0x89cedbb0
PacketIndicateHandler -> NDIS.sys @ 0x89cdca0d
SendHandler -> NDIS.sys @ 0x89cf0b40
user & kernel MBR OK

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-1987944545-1339218757-4151644466-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,1d,0e,6d,ba,27,28,4e,a6,75,6d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,1d,0e,6d,ba,27,28,4e,a6,75,6d,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------

- - - - - - - > 'winlogon.exe'(872)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\programmi\HPQ\IAM\Bin\AsWlnPkg.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
c:\windows\system32\msi.dll

- - - - - - - > 'lsass.exe'(932)
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
c:\windows\system32\psbase.dll

- - - - - - - > 'explorer.exe'(8660)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\WININET.dll
c:\programmi\File comuni\Logishrd\LVMVFM\LVPrcInj.dll
c:\programmi\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\COMRes.dll
c:\programmi\HPQ\IAM\Bin\SFSShell.dll
c:\programmi\HPQ\IAM\bin\ItMsg.dll
c:\programmi\HPQ\IAM\bin\1040\SFSShell.dll
c:\windows\System32\cscui.dll
c:\windows\system32\LINKINFO.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\msi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\File comuni\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\DllHost.exe
c:\programmi\HPQ\IAM\bin\asghost.exe
c:\windows\system32\msdtc.exe
c:\programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\LightScribe\LSSrvc.exe
c:\programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
c:\programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\programmi\Hewlett-Packard\Shared\hpqwmiex.exe
c:\programmi\Windows Media Player\WMPNetwk.exe
c:\programmi\File comuni\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\ICO.EXE
c:\windows\system32\mmrtkrnl.exe
c:\programmi\iPod\bin\iPodService.exe
c:\progra~1\HPQ\Shared\HPQTOA~1.EXE
c:\programmi\File comuni\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2010-01-28 15:37:20 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-01-28 14:37
ComboFix2.txt 2010-01-08 11:41
ComboFix3.txt 2010-01-06 17:06

Pre-Run: 13.522.960.384 byte disponibili
Post-Run: 13.534.228.480 byte disponibili

- - End Of File - - AA105FD9072AA032733B98CB43BD7AF4
stix
Utente Junior
 
Post: 23
Iscritto il: 05/01/10 17:14

Re: internet lento

Postdi stix » 01/02/10 15:33

dopo aver fatto questo??

cosa devo fare??
stix
Utente Junior
 
Post: 23
Iscritto il: 05/01/10 17:14

Re: internet lento

Postdi shel » 01/02/10 16:04

Scarica Avenger

http://swandog46.geekstogo.com/avenger.zip

Estrailo in una cartella a tua scelta
Esegui il file avenger.exe
Ora incolla queste righe nella box bianca che si è aperta:

files to move:
c:\programmi\Canon\Easy-PrintToolBox\bak\BJPSMAIN.EXE | c:\programmi\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
c:\programmi\InterVideo\DVD Check\bak\DVDCheck.exe | c:\programmi\InterVideo\DVD Check\DVDCheck.exe
c:\programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE | c:\programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE
c:\programmi\QuickTime\bak\qttask.exe | c:\programmi\QuickTime\qttask.exe
c:\programmi\Synaptics\SynTP\bak\SynTPEnh.exe | c:\programmi\Synaptics\SynTP\SynTPEnh.exe
c:\windows\bak\NCLAUNCH.EXe | c:\windows\NCLAUNCH.EXe


Togli il segno di spunta dalla voce Scan for Rootkits
Premi il pulsante Execute
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che apparirà.
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: internet lento

Postdi stix » 01/02/10 19:36

ecco il post :

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File move operation "c:\programmi\Canon\Easy-PrintToolBox\bak\BJPSMAIN.EXE|c:\programmi\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" completed successfully.
File move operation "c:\programmi\InterVideo\DVD Check\bak\DVDCheck.exe|c:\programmi\InterVideo\DVD Check\DVDCheck.exe" completed successfully.
File move operation "c:\programmi\Nokia\Nokia PC Suite 6\bak\LAUNCH~1.EXE|c:\programmi\Nokia\Nokia PC Suite 6\LAUNCH~1.EXE" completed successfully.
File move operation "c:\programmi\QuickTime\bak\qttask.exe|c:\programmi\QuickTime\qttask.exe" completed successfully.
File move operation "c:\programmi\Synaptics\SynTP\bak\SynTPEnh.exe|c:\programmi\Synaptics\SynTP\SynTPEnh.exe" completed successfully.
File move operation "c:\windows\bak\NCLAUNCH.EXe|c:\windows\NCLAUNCH.EXe" completed successfully.

Completed script processing.

*******************

Finished! Terminate.
stix
Utente Junior
 
Post: 23
Iscritto il: 05/01/10 17:14

Re: internet lento

Postdi shel » 01/02/10 20:14

qeste cartelle sono tue? le riconosci?

C:\abc27347a

C:\abc295a

C:\abc21603a

C:\abc21075a

C:\abc
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: internet lento

Postdi stix » 01/02/10 21:47

no per niente..
stix
Utente Junior
 
Post: 23
Iscritto il: 05/01/10 17:14

Re: internet lento

Postdi shel » 01/02/10 21:58

eliminale tutte se non le riconosci

elimina anche questa se non la riconosci

C:\5520caff0b684e20f7b72e75b18c

esegui anche questo per precauzione

Scarica MBR:EXE direttamente nella Directory C:\
http://www2.gmer.net/mbr/mbr.exe

Posta il log che troverai in C:\ come mbr.log

vai in provvisoria

Da Start - Esegui - digita C:\mbr.exe e clicca su OK
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: internet lento

Postdi shel » 01/02/10 22:01

scusa ripeto l'operazione, ho sbagliato a scrivere

Scarica MBR:EXE direttamente nella Directory C:\
http://www2.gmer.net/mbr/mbr.exe

vai in provvisoria

Da Start - Esegui - digita C:\mbr.exe e clicca su OK



Posta il log che troverai in C:\ come mbr.log
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: internet lento

Postdi stix » 02/02/10 13:09

ho fatto tutte le cancellazioni ed ecco il log :

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
stix
Utente Junior
 
Post: 23
Iscritto il: 05/01/10 17:14

Re: internet lento

Postdi shel » 02/02/10 17:23

finiamo le pulizie

scarica

http://www.ccleaner.com/download/downloading

installalo, aprilo e da opzioni>avanzate togli la spunta a "cancella file di winsows più vecchi di 48 ore", poi eseguilo con avvia pulizia.

clicca su Registro, nella pagina successiva clicca Trova problemi, poi al termine dello scan clicca su Ripara selezionati , risposndi di sì alla richiesta di salvare il backup (salvalo in una cartella a piacimento) poi ripara tutti gli elementi trovati.

Scarica ATF Cleaner
http://www.atribune.org/ccount/click.php?id=1
- Avvia ATF Cleaner.exe con un doppio click
- clicca sul menu main
- seleziona la casella Select All
- clicca sul pulsante Empty selected
- aspetta l'avviso Done Cleaning.
(se usi opera o firefox,spunta anche le loro sezioni)



scarica Malwarebytes http://www.malwarebytes.org/mbam/program/mbam-setup.exe
1) lo installi
2) lo aggiorni
3) fai una scansione scegliendo la modalità completa
4) NON eliminare per ora le ventuali minacce che rileva
5) finita la scansione seleziona il tabellino log, apri il file di testo e postalo sul forum
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: internet lento

Postdi stix » 04/02/10 20:42

ho fatto tutto ed ecco il log

Malwarebytes' Anti-Malware 1.44
Versione del database: 3683
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

03/02/2010 17.20.36
mbam-log-2010-02-03 (17-20-32).txt

Tipo di scansione: Scansione completa (C:\|E:\|)
Elementi scansionati: 236894
Tempo trascorso: 1 hour(s), 5 minute(s), 38 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 1
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> No action taken.

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)


non penso che sia un virus..

ps: ora la cosa è migliorata, cioè prima scaricavo i programmi da un altro pc e gli mettevo su questo...ora invece sembra che le cose sono migliorate rispetto a prima che nn potevo proprio usare internet...ho le pagine si caricano ma ci vuole un po di tempo..
stix
Utente Junior
 
Post: 23
Iscritto il: 05/01/10 17:14


Torna a Sicurezza e Privacy


Topic correlati a "internet lento":

Internet
Autore: ranger
Forum: Reti, ADSL e wireless
Risposte: 5
pc lento
Autore: caiazza.rocco
Forum: Sistemi Operativi Windows
Risposte: 8

Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti