((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2011-04-21 32768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-03-17 19520544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-12 174616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-12 145432]
"Six Engine"="c:\programmi\ASUS\EPU-4 Engine\FourEngine.exe" [2010-02-03 5756544]
"HP Component Manager"="c:\programmi\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"COMODO Internet Security"="c:\programmi\COMODO\COMODO Internet Security\cfp.exe" [2011-05-19 2552648]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2011-03-04 281768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2002-12-31 15360]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-16 3872080]
.
c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\
PopTray.lnk - c:\programmi\PopTray\PopTray.exe [2006-9-16 1666048]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Acrobat Assistant.lnk - c:\programmi\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-5-15 217193]
HP Digital Imaging Monitor.lnk - c:\programmi\HP\Digital Imaging\bin\hpqtra08.exe [2003-9-16 237568]
Logitech Desktop Messenger.lnk - c:\programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2011-4-21 450560]
Logitech SetPoint.lnk - c:\programmi\Logitech\SetPoint\SetPoint.exe [2011-4-21 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\programmi\File comuni\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LDM"=c:\programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" -atboottime
"HP Software Update"="c:\programmi\HP\HP Software Update\HPWuSchd.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
.
R0 VIRAGTLT;VIRAGTLT;c:\windows\system32\drivers\VIRAGTLT.sys [14/03/2011 14.00.02 81016]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [06/01/2011 17.37.02 242472]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [06/01/2011 17.37.04 29400]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [21/04/2011 9.50.25 10384]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\programmi\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [20/04/2011 16.27.08 2314240]
R2 viritsvclite;VirIT eXplorer Lite;c:\vexplite\VIRITSVC.EXE [14/03/2011 13.54.14 86016]
R3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\drivers\IntcDAud.sys [20/04/2011 16.20.41 235520]
R3 PAC207;Trust WB-1200p Mini Webcam;c:\windows\system32\drivers\PFC027.sys [24/02/2005 12.29.14 162176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20/04/2011 16.19.30 1691480]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-05-20 c:\windows\Tasks\WebReg 20110520131306.job
- c:\programmi\HP\Digital Imaging\bin\hpqwrg.exe [2003-07-06 23:43]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.it/index.html
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{B7C64984-57D6-4B3C-9193-29A7BBD0CC9A}: NameServer = 151.99.125.1,151.99.0.100
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\fpf11hmw.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - www.google.it
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-15 21:14
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose, ZwOpenFile
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- Dlls Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(936)
c:\programmi\file comuni\logishrd\bluetooth\LBTWlgn.dll
c:\programmi\file comuni\logishrd\bluetooth\LBTServ.dll
.
- - - - - - - > 'lsass.exe'(992)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(3488)
c:\windows\system32\guard32.dll
c:\docume~1\ADMINI~1\IMPOST~1\Temp\IadHide5.dll
c:\programmi\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\programmi\Avira\AntiVir Desktop\sched.exe
c:\programmi\Avira\AntiVir Desktop\avguard.exe
c:\programmi\Bonjour\mDNSResponder.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\System32\PAStiSvc.exe
c:\programmi\Avira\AntiVir Desktop\avshadow.exe
c:\windows\System32\TUProgSt.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\programmi\File comuni\Logishrd\KHAL2\KHALMNPR.EXE
.
**************************************************************************
.
Completion time: 2011-06-15 21:17:03 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-15 19:17
ComboFix2.txt 2011-05-04 09:19
.
Pre-Run: 458,819,473,408 bytes free
Post-Run: 458,805,313,536 bytes free
.
- - End Of File - - 85EE596C73D40EC11DEAC5B5B9349B9E

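When reviewing a log like the one above, the useful work is mechanical: pull every autostart entry (Run/Run- keys, startup-folder links, AppInit_DLLs, firewall policy) and every DLL listed under a running process into one structure, then flag the handful of things that deserve a second look. The script below is an editor-added example of that triage; it is not ComboFix's own code and not something the poster ran. It parses the log layout seen here (section headers in brackets, `"name"="data" [date size]` values, `name.lnk - path [date size]` links, `- - - - - - - > 'process'(pid)` blocks) from a constructed excerpt copied from the log, and applies four heuristics that are assumptions of this example rather than verdicts: a non-empty AppInit_DLLs value, `EnableFirewall` set to 0, a Run value that is a bare filename resolved by PATH search, and a DLL loaded from a `Temp` directory. Each flag is a prompt to check the file, not a statement that it is malicious.

```python
"""Triage the autostart sections of a ComboFix-style log.

Editor-added example; not ComboFix code.  The heuristics are review prompts,
not malware verdicts.
"""
import re
from typing import Dict, List, Optional

# Constructed sample: a trimmed excerpt laid out exactly like the log above.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-03-17 19520544]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2011-03-04 281768]
.
c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\
PopTray.lnk - c:\programmi\PopTray\PopTray.exe [2006-9-16 1666048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\programmi\QuickTime\QTTask.exe" -atboottime
.
- - - - - - - > 'explorer.exe'(3488)
c:\windows\system32\guard32.dll
c:\docume~1\ADMINI~1\IMPOST~1\Temp\IadHide5.dll
"""

SECTION_RE = re.compile(r"^\[([^\]]+)\]$")                  # [HKLM\...\Run]
FOLDER_RE = re.compile(r"^([a-z]:\\.*\\)$", re.I)            # startup folder header
PROCESS_RE = re.compile(r"^- - - - - - - > '(?P<proc>[^']+)'\((?P<pid>\d+)\)$")
LNK_RE = re.compile(r"^(?P<name>.+?\.lnk) - (?P<data>.+?)\s*\[(?P<date>[\d-]+) (?P<size>\d+)\]$", re.I)
STAMP_RE = re.compile(r"\[(?P<date>\d{4}-\d{1,2}-\d{1,2}) (?P<size>\d+)\]\s*$")


def parse_value(line: str) -> Optional[Dict[str, str]]:
    """Parse '"name"="data" args [date size]'; quotes, args and stamp are optional."""
    m = re.match(r'^"(?P<name>[^"]+)"=(?P<rest>.*)$', line)
    if not m:
        return None
    name, rest = m.group("name"), m.group("rest").strip()
    date = size = ""
    stamp = STAMP_RE.search(rest)
    if stamp:                                   # trailing [yyyy-mm-dd size]
        date, size = stamp.group("date"), stamp.group("size")
        rest = rest[: stamp.start()].rstrip()
    if rest.startswith('"'):                    # quoted path, anything after it is args
        end = rest.find('"', 1)
        data, args = rest[1:end], rest[end + 1:].strip()
    else:                                       # unquoted value (AppInit_DLLs, DWORDs)
        data, args = rest, ""
    return {"name": name, "data": data, "args": args, "date": date, "size": size}


def analyze(text: str) -> Dict[str, object]:
    """Return registry/startup entries, DLLs per process, and heuristic findings."""
    entries: List[Dict[str, str]] = []
    loaded: Dict[str, List[str]] = {}
    findings: List[str] = []
    section = proc = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        if (m := SECTION_RE.match(line)) or (m := FOLDER_RE.match(line)):
            section, proc = m.group(1), None
            continue
        if m := PROCESS_RE.match(line):
            proc, section = m.group("proc"), None
            loaded[proc] = []
            continue
        if proc is not None:                    # inside a "Dlls loaded" block
            loaded[proc].append(line)
            if "\\temp\\" in line.lower():
                findings.append(f"{proc} loaded a DLL from a temp directory: {line}")
            continue
        if m := LNK_RE.match(line):
            entry = {"name": m.group("name"), "data": m.group("data"), "args": "",
                     "date": m.group("date"), "size": m.group("size")}
        else:
            entry = parse_value(line)
        if entry is None or section is None:
            continue
        entry["section"] = section
        entries.append(entry)
        key = section.lower()
        profile = key.rsplit("\\", 1)[-1]
        if entry["name"] == "AppInit_DLLs" and entry["data"]:
            findings.append(f"AppInit_DLLs is set: {entry['data']} "
                            "(loaded into every process that links user32.dll)")
        elif entry["name"] == "EnableFirewall" and entry["data"].startswith("0"):
            findings.append(f"Windows Firewall disabled in {profile}")
        elif key.endswith("\\run") and entry["data"] and "\\" not in entry["data"]:
            findings.append(f"Run value '{entry['name']}' is a bare filename "
                            f"({entry['data']}); resolved by PATH search")
    return {"entries": entries, "loaded": loaded, "findings": findings}


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG)["findings"]:
        print(finding)
```

Run against the full log the same way (read the file, pass its text to `analyze`); the `entries` list also keeps the disabled `run-` values and the firewall-authorized application names, so nothing is silently dropped even when it triggers no finding.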