Navigazione con browser bloccata dopo pochi minuti

[fcervell]

Ho una piccola rete domestica con un pc fisso e 2 portatili, un modem/router netgear dg834 e collegamento adsl.
Il problema viene riscostrato solo su un portatile (xp sp2): all'avvio del pc riesco a navigare via browser per circa una decina di minuti,
passati i quali nessuna pagina vine più caricata. Firefox segnala che il 'Tempo di attesa terminato.
Il server xxxx sta impiegando troppo tempo a rispondere.', mentre explorer mi da 'pagina non raggiungibile'
Riesco comunque a scaricare la posta, e connettermi con skype, invece il download degli aggiornamenti delle applicazioni non riesce.
I ping verso il router e verso i dns sono ok.
Le scansionicon avg 8 e spybot S&D non segnalano nulla.
idee a riguardo?

Grazie

[wizard1993]

segui qui
http://www.hwupgrade.it/forum/showthread.php?t=1599737

[xcdegasp]

pubblicando tutti i log

[fcervell]

ecco i log delle scansioni. il problema rimane.

A SQUARED

a-squared Free - Version 3.5
Last update: 09/06/2008 22.51.32

Impostazioni scansione:

Oggetti: Memoria, Tracce, Cookies, C:\
Archivio scansioni: On
Scientifico: On
ADS Scan: On

Scansione avviata: 10/06/2008 13.11.43

c:\programmi\realvnc rilevati: Trace.Directory.VNC
c:\programmi\realvnc\vnc4 rilevati: Trace.Directory.VNCServer
c:\programmi\realvnc\vnc4\logmessages.dll rilevati: Trace.File.VNCServer
c:\programmi\realvnc\vnc4\unins000.exe rilevati: Trace.File.VNCServer
c:\programmi\realvnc\vnc4\vncconfig.exe rilevati: Trace.File.VNCServer
c:\programmi\realvnc\vnc4\vncviewer.exe rilevati: Trace.File.VNCServer
c:\programmi\realvnc\vnc4\winvnc4.exe rilevati: Trace.File.VNCServer
c:\programmi\realvnc\vnc4\wm_hooks.dll rilevati: Trace.File.VNCServer
Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run --> monitor rilevati: Trace.Registry.CMJSpy
Key: HKEY_CLASSES_ROOT\.vnc rilevati: Trace.Registry.VNC.CommonComponents
Key: HKEY_CLASSES_ROOT\vnc.connectioninfo rilevati: Trace.Registry.VNC.CommonComponents
Key: HKEY_CLASSES_ROOT\.vnc rilevati: Trace.Registry.VNC
Key: HKEY_CLASSES_ROOT\vnc.connectioninfo rilevati: Trace.Registry.VNC
Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\realvnc_is1 rilevati: Trace.Registry.VNC
Key: HKEY_LOCAL_MACHINE\software\realvnc rilevati: Trace.Registry.VNC
Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\winvnc4 rilevati: Trace.Registry.VNC
Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winvnc4 rilevati: Trace.Registry.VNC
Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\realvnc_is1 rilevati: Trace.Registry.VNCServer
Key: HKEY_LOCAL_MACHINE\software\realvnc\winvnc4 rilevati: Trace.Registry.VNCServer
Key: HKEY_USERS\S-1-5-21-1551120380-2359452814-2880085343-1005\software\realvnc\vncviewer4 rilevati: Trace.Registry.VNCViewer
Value: HKEY_USERS\S-1-5-21-1551120380-2359452814-2880085343-1005\Software\BST\bsplayerv1 --> AppPath rilevati: Trace.Registry.BSplayer
Value: HKEY_USERS\S-1-5-21-1551120380-2359452814-2880085343-1005\Software\BST\bsplayerv1 --> AppVer rilevati: Trace.Registry.BSplayer
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayer1 --> DisplayName rilevati: Trace.Registry.BSplayer
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayer1 --> UninstallString rilevati: Trace.Registry.BSplayer
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> DisplayIcon rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> DisplayName rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> DisplayVersion rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> HelpLink rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: App Path rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Deselected Components rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Deselected Tasks rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Icon Group rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Selected Components rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Selected Tasks rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Setup Type rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Setup Version rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: User rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> InstallLocation rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> NoModify rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> NoRepair rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Publisher rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> QuietUninstallString rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> UninstallString rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> URLInfoAbout rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> URLUpdateInfo rilevati: Trace.Registry.RealVNC 4.1.2
Value: HKEY_USERS\S-1-5-21-1551120380-2359452814-2880085343-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus --> Order rilevati: Trace.Registry.Antivirus 2008
C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:10 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:25 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:26 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:27 rilevati: Trace.TrackingCookie
C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:28 rilevati: Trace.TrackingCookie

Scansionati

Files: 137451
Tracce: 405442
Cookies: 36
Processi: 42

Rilevato

Files: 0
Tracce: 46
Cookies: 5
Processi: 0
Chiavi registro: 0

Fine scansione: 10/06/2008 14.11.02
Tempo scansione: 0:59:19

C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:10 In quarantena Trace.TrackingCookie
C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:25 In quarantena Trace.TrackingCookie
C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:26 In quarantena Trace.TrackingCookie
C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:27 In quarantena Trace.TrackingCookie
C:\Documents and Settings\Filippo\Dati applicazioni\Mozilla\Firefox\Profiles\z5x1vsdu.default\cookies.txt:28 In quarantena Trace.TrackingCookie
Value: HKEY_USERS\S-1-5-21-1551120380-2359452814-2880085343-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus --> Order In quarantena Trace.Registry.Antivirus 2008
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> DisplayIcon In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> DisplayName In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> DisplayVersion In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> HelpLink In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: App Path In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Deselected Components In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Deselected Tasks In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Icon Group In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Selected Components In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Selected Tasks In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Setup Type In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: Setup Version In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Inno Setup: User In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> InstallLocation In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> NoModify In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> NoRepair In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> Publisher In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> QuietUninstallString In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> UninstallString In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> URLInfoAbout In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealVNC_is1 --> URLUpdateInfo In quarantena Trace.Registry.RealVNC 4.1.2
Value: HKEY_USERS\S-1-5-21-1551120380-2359452814-2880085343-1005\Software\BST\bsplayerv1 --> AppPath In quarantena Trace.Registry.BSplayer
Value: HKEY_USERS\S-1-5-21-1551120380-2359452814-2880085343-1005\Software\BST\bsplayerv1 --> AppVer In quarantena Trace.Registry.BSplayer
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayer1 --> DisplayName In quarantena Trace.Registry.BSplayer
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayer1 --> UninstallString In quarantena Trace.Registry.BSplayer
Key: HKEY_USERS\S-1-5-21-1551120380-2359452814-2880085343-1005\software\realvnc\vncviewer4 In quarantena Trace.Registry.VNCViewer
Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\realvnc_is1 In quarantena Trace.Registry.VNCServer
Key: HKEY_LOCAL_MACHINE\software\realvnc\winvnc4 In quarantena Trace.Registry.VNCServer
Key: HKEY_CLASSES_ROOT\.vnc In quarantena Trace.Registry.VNC
Key: HKEY_CLASSES_ROOT\vnc.connectioninfo In quarantena Trace.Registry.VNC
Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\realvnc_is1 In quarantena Trace.Registry.VNC
Key: HKEY_LOCAL_MACHINE\software\realvnc In quarantena Trace.Registry.VNC
Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\winvnc4 In quarantena Trace.Registry.VNC
Key: HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winvnc4 In quarantena Trace.Registry.VNC
Key: HKEY_CLASSES_ROOT\.vnc In quarantena Trace.Registry.VNC.CommonComponents
Key: HKEY_CLASSES_ROOT\vnc.connectioninfo In quarantena Trace.Registry.VNC.CommonComponents
Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run --> monitor In quarantena Trace.Registry.CMJSpy
c:\programmi\realvnc\vnc4\logmessages.dll In quarantena Trace.File.VNCServer
c:\programmi\realvnc\vnc4\unins000.exe In quarantena Trace.File.VNCServer
c:\programmi\realvnc\vnc4\vncconfig.exe In quarantena Trace.File.VNCServer
c:\programmi\realvnc\vnc4\vncviewer.exe In quarantena Trace.File.VNCServer
c:\programmi\realvnc\vnc4\winvnc4.exe In quarantena Trace.File.VNCServer
c:\programmi\realvnc\vnc4\wm_hooks.dll In quarantena Trace.File.VNCServer
c:\programmi\realvnc\vnc4 In quarantena Trace.Directory.VNCServer
c:\programmi\realvnc In quarantena Trace.Directory.VNC

In quarantena

Files: 0
Tracce: 46
Cookies: 5


DR.WEB
RegUBP2b-Filippo.reg;C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy\Snapshots2;Trojan.StartPage.1505;Cancellato.;
50C3040A.exe;C:\Documents and Settings\All Users\Dati applicazioni\Symantec\Norton AntiVirus\Quarantine;Win32.HLLP.Whboy;Spostato.;
Desktop_.ini;C:\Documents and Settings\All Users\Documenti\Registrazioni;Win32.HLLW.Gavir.ini;Cancellato.;
Desktop_.ini;C:\Documents and Settings\All Users\Documenti\Registrazioni\TempRec;Win32.HLLW.Gavir.ini;Cancellato.;
Desktop_.ini;C:\Documents and Settings\All Users\Documenti\Registri MCE;Win32.HLLW.Gavir.ini;Cancellato.;
MSNFix.zip\MSNFix/incl/Process.exe;C:\Programmi Download\MSNFix.zip;Tool.Prockill;;
MSNFix.zip;C:\Programmi Download;l'Archivio contiene oggetti infetti;Spostato.;
proxyi.exe;C:\Programmi Download;Program.AnalogProxy;Spostato.;
vnc-4_1_2-x86_win32.exe\data005;C:\Programmi Download\Real VNC\vnc-4_1_2-x86_win32.exe;Program.RemoteAdmin.51;;
vnc-4_1_2-x86_win32.exe;C:\Programmi Download\Real VNC;l'Archivio contiene oggetti infetti;Spostato.;

HIJACK
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.07.27, on 11/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\a-squared Free\a2service.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
C:\Programmi\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Programmi\TOSHIBA\ConfigFree\NDSTray.exe
C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [THotkey] C:\Programmi\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Programmi\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8D5E64BD-5EE2-4F8F-8FFC-D6A0EC40854E}: NameServer = 212.216.112.112,212.216.172.62
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programmi\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

GMER
Rootkit scan 2008-06-11 13:31:28
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

SSDT sptd.sys ZwCreateKey [0xF74EF0D0]
SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwDeleteKey [0xB5058190]
SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwDeleteValueKey [0xB50580C0]
SSDT sptd.sys ZwEnumerateKey [0xF74F4E2C]
SSDT sptd.sys ZwEnumerateValueKey [0xF74F51BA]
SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwLoadKey [0xB5058210]
SSDT sptd.sys ZwOpenKey [0xF74EF0B0]
SSDT sptd.sys ZwQueryKey [0xF74F5292]
SSDT sptd.sys ZwQueryValueKey [0xF74F5112]
SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwReplaceKey [0xB5058380]
SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwRestoreKey [0xB50584C0]
SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwSetValueKey [0xB5057FE0]

---- Kernel code sections - GMER 1.0.14 ----

? C:\WINDOWS\system32\drivers\sptd.sys Impossibile accedere al file. Il file è utilizzato da un altro processo.
.text USBPORT.SYS!DllUnload B9B0062C 5 Bytes JMP 8A3761C8

---- User code sections - GMER 1.0.14 ----

.text C:\Programmi\a-squared Free\a2service.exe[1052] kernel32.dll!CreateThread + 1A 7C810651 4 Bytes [ 4B, F3, C3, 83 ]

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt] [F7505886] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7505832] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7527892] sptd.sys
IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F7505886] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74EFAD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74EFC1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74EFB9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74F0748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74F061E] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7504ACA] sptd.sys
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B50482D0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B5048560] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B50486A0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B5048450] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [B5048450] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [B50482D0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [B5048560] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [B50486A0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B50482D0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B50486A0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B5048560] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B5048450] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [B50486A0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [B5048560] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B50482D0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B5048450] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B50482D0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B5048560] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B50486A0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip6.sys[NDIS.SYS!NdisRegisterProtocol] [B50482D0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip6.sys[NDIS.SYS!NdisDeregisterProtocol] [B5048450] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip6.sys[NDIS.SYS!NdisCloseAdapter] [B50486A0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip6.sys[NDIS.SYS!NdisOpenAdapter] [B5048560] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [B50486A0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [B5048560] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [B5048450] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [B50482D0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B50482D0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B5048450] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B50486A0] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B5048560] \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC)

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 8A5D51E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{8D5E64BD-5EE2-4F8F-8FFC-D6A0EC40854E} 8A4221E8
Device \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\Tcpip6 \Device\Ip6 avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\usbuhci \Device\USBPDO-0 8A3751E8
Device \Driver\usbuhci \Device\USBPDO-1 8A3751E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A6481E8
Device \Driver\dmio \Device\DmControl\DmConfig 8A6481E8
Device \Driver\dmio \Device\DmControl\DmPnP 8A6481E8
Device \Driver\dmio \Device\DmControl\DmInfo 8A6481E8
Device \Driver\usbuhci \Device\USBPDO-2 8A3751E8
Device \Driver\usbuhci \Device\USBPDO-3 8A3751E8
Device \Driver\usbehci \Device\USBPDO-4 8A3481E8
Device \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A5D71E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{705F774C-DA21-4D94-8659-D932AF286D96} 8A4221E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A5D71E8
Device \Driver\Cdrom \Device\CdRom0 8A3397A0
Device \Driver\Tcpip6 \Device\RawIp6 avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 8A5D61E8
Device \Driver\atapi \Device\Ide\IdePort0 8A5D61E8
Device \Driver\atapi \Device\Ide\IdePort1 8A5D61E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e 8A5D61E8
Device \Driver\Tcpip6 \Device\Tcp6 avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A4221E8
Device \Driver\NetBT \Device\NetbiosSmb 8A4221E8
Device \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\usbuhci \Device\USBFDO-0 8A3751E8
Device \Driver\usbuhci \Device\USBFDO-1 8A3751E8
Device \Driver\usbuhci \Device\USBFDO-2 8A3751E8
Device \Driver\Tcpip \Device\IPMULTICAST avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\Tcpip6 \Device\Udp6 avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A1207A0
Device \Driver\usbuhci \Device\USBFDO-3 8A3751E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A1207A0
Device \Driver\Ftdisk \Device\FtControl 8A5D71E8
Device \Driver\usbehci \Device\USBFDO-4 8A3481E8
Device \FileSystem\Cdfs \Cdfs 8A3AA608

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x63 0xD1 0x06 0x8B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x7D 0x29 0x84 0x20 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@d0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xE3 0xC9 0xA1 0xB3 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x63 0xD1 0x06 0x8B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x7D 0x29 0x84 0x20 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@d0 1
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xE3 0xC9 0xA1 0xB3 ...

---- EOF - GMER 1.0.14 ----

[wjmat]

riedita il post caricando i log secondo le modalità please...

modalità di pubblicazione dei log
Se i log o le immagini (.JPG) non superano i 24Kb allegali tramite il comodo comando Gestisci allegati nelle Opzioni aggiuntive.
Clicca su Gestisci allegati → si aprirà una finestra → Click su Sfoglia → seleziona il file da caricare → Click su Carica → sotto allegati correnti vedrai il tuo log caricato → Chiudi la finestra
Altrimenti caricali su [wikisend.com] o su [mediafire.com].
Una volta sul sito → clicca su sfoglia → seleziona il file da caricare → poi invia o upload → aspetta che venga caricato → copia tutto il contenuto a fianco della della riga "Forum link nel primo caso oppure sotto "Sharing URL" nel secondo e lo incolli nella risposta della discussione.
Le immagini più grosse salvale in JPG, essendo più leggere, e caricale su fileqube.com che permette di visualizzarle direttamente online.


la scansione con f-secure o kaspersky?

[fcervell]

ecco i log.

a-squared:
report_a2scan_080610-131143.txt

f-secure: non sono riuscito a portarla termine, per il problema in oggetto...

sys inspector:
SysInspector-PANSA-080611-1303.xml

[wjmat]

se f-secure non ha terminato passa a kasperky lo scarichi è poi è tutto in offline

[fcervell]

fatta anche la scansione con kaspersky.

[wjmat]

come sta il pc?

Dai un'occhiata al trattamento di prevenzione / post disinfezione, ti aiuta a verificare la configurazione di sicurezza del tuo pc, aggiornare programmi vulnerabili obsoleti ed eliminare eventuali residui inutili dei programmi utilizzati nelle guide.

tra cui aggiornare:

• internet explorer
• java
• adobe reader

[fcervell]

mentre seguivo la guida, scaricando e installando i programmi consigliati, il pc è peggiorato. Ora con i browser non riesco proprio a navigare, neanche riavviando il pc.
La rete locale funziona, riesco a scaricare la posta, usare skype. facendo il ping da shell verso vari siti ottengo risposta.

[Chill-Out]

Problemi nella configurazione della rete, il portatile è collegato via cavo RJ o Wireless?

[fcervell]

sono collegato via cavo rj, l'indirizzo ip del mio pc è impostato manualmente all'interno della rete (192.168.0.x)

[wjmat]

se hai installato online armor o comodo hai provato a disattivarli?

[fcervell]

sono entrambi disattivati

[wjmat]

i dns dove sono impostati e quali sono?

[fcervell]

li ho impostati nelle proprietà del protocollo tcp/ip, sono
212.216.112.112
212.216.172.62

[wjmat]

Se Ie l'hai aggiornato alla 7 dagli una resettata
Strumenti → Opzioni Internet → Avanzate → Reimposta
NB: La reimpostazione delle impostazioni predefinite di Internet Explorer consente di ripristinare lo stato del programma al momento della prima installazione nel computer. Questo può essere utile per risolvere problemi potenzialmente originati dalla modifica di alcune impostazioni dopo l'installazione. Quando vengono ripristinate le impostazioni predefinite di Internet Explorer, alcune pagine Web che fanno riferimento a cookie, dati dei moduli e password memorizzati in precedenza o a componenti aggiuntivi del browser precedentemente installati potrebbero non funzionare correttamente. La reimpostazione delle impostazioni predefinite di Internet Explorer non elimina i Preferiti, i feed e altre impostazioni personalizzate. .

[fcervell]

...ho sempre evitato di installare IE 7

può essere un problema di porte da riconfigurare?

[wjmat]

che firewall hai messo?

Svuota anche la cache di Firefox.
Strumenti → Opzioni → Privacy → Elimina sempre i dati personali alla chiusura di Firefox
Nelle impostazioni spunta tutto tranne "Password salvate" → OK → Togli la spunta a "Chiedi prima di eliminare i dati personali" → Ok

[fcervell]

non avendo un firewall, ho installato Online Armor...riavviando dopo l'installazione sembrava tutto ok, riuscivo a navigare (oltre i tempi a cui ero abituato), poi ho spento il pc.
Al successivo avvio tutto è tornato come prima, non è stato possibile aprire le pagine web. Ho provato anche a disinstallare e reinstallare il firewall ma non cambia nulla.
Ecco lo screenshot del firewall mentre tento di aprire una pagina web
http://www.fileqube.com/shared/DJjDbO49650