Ciao ragazzi,
ho un piccolo problema col mio pc: da qualche tempo, periodicamente si verificano dei rallentamenti dei processi in corso (distorsione audio, rallentamento pesante frame durante gioco) e disconnessione da internet in seguito al primo della serie.
Questo problema si verifica variabilmente da secondi a minuti e non c'è modo di risolverlo se non con il riavvio del sistema, finché non si ripresenta nuovamente.
L'antivirus (avira personal free antivirus) non rileva niente di anormale e aprendo il task manager non risultano attive applicazioni sconosciute.
Il sistema operativo è windows 7. Allego la scansione con hjt.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:32, on 13/01/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Gics88\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gics88\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gics88\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Gics88\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gics88\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gics88\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-4249938616-3044564719-3798989743-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-4249938616-3044564719-3798989743-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O9 - Extra button: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\Users\Gics88\Desktop\PartyPoker.it.lnk
O9 - Extra 'Tools' menuitem: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\Users\Gics88\Desktop\PartyPoker.it.lnk
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Program Files (x86)\PokerStars.IT\PokerStarsUpdate.exe
O9 - Extra button: Lock Poker - {7000ccff-ab59-4eab-a7ae-a502e91a89e8} - C:\Users\Gics88\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lock Poker\Lock Poker.lnk (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8910 bytes

guarda se hai impostato avira con scansione programmata e se così fosse .... togli la spunta e riavvia

ciao :O)

ps .... perchè non usi essential come antivirus ?

---

Ora provo e vi faccio sapere!!! Grazie 1000!!! :D




Scusami se ci ho messo un po', ma ero sempre impegnatissimo...
Ecco qua il post del programma che mi hai consigliato:

Malwarebytes Anti-Malware (Prova) 1.60.0.1800
www.malwarebytes.org

Versione database: v2012.01.24.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Gics88 :: GICS88-PC [amministratore]

Protezione: Attivata

24/01/2012 21:35:44
mbam-log-2012-01-24 (22-06-23).txt

Tipo di scansione: Scansione completa
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 329199
Tempo impiegato: 28 minuti, 29 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BetClic Poker (PUP.Casino) -> Nessuna azione intrapresa.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\pokersnai_real (PUP.Casino) -> Nessuna azione intrapresa.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\powerpoker_real (PUP.Casino) -> Nessuna azione intrapresa.

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 29
C:\Poker\BetClic Poker\_SetupPoker_13b8.exe (PUP.Casino) -> Nessuna azione intrapresa.
C:\Poker\Poker Snai\_SetupPoker_dfa4b7.exe (PUP.Casino) -> Nessuna azione intrapresa.
C:\Poker\PowerPoker\_SetupPoker_b01 .exe (PUP.Casino) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\1g.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\2g.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\3g.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\4g.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\6g.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\8g.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\dll.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\paging.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\restore.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\Theme1.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\Theme2.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\Theme3.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\updateshell.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\wallpaper2.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\wallpaper3.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\Explorer1\Replacer.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\Explorer2\Replacer.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\Explorer3\Replacer.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Program Files\Seven Ice Startup\Files\Explorer4\Replacer.exe (Trojan.Agent) -> Nessuna azione intrapresa.
C:\Users\Gics88\Desktop\SetupPoker_dfa4b7.exe (PUP.Casino) -> Nessuna azione intrapresa.
C:\Users\Gics88\Downloads\setup.exe (Affiliate.Downloader) -> Nessuna azione intrapresa.
C:\Users\Gics88\Downloads\SetupPoker_13b8.exe (PUP.Casino) -> Nessuna azione intrapresa.
C:\Users\Gics88\Downloads\SetupPoker_22c.exe (PUP.Casino) -> Nessuna azione intrapresa.
C:\Users\Gics88\Downloads\SetupPoker_b01 .exe (PUP.Casino) -> Nessuna azione intrapresa.
C:\Users\Gics88\Downloads\Sisalpoker.exe (PUP.Casino) -> Nessuna azione intrapresa.
C:\Windows\Temp\reboot.exe (Trojan.Agent) -> Nessuna azione intrapresa.

(fine)

Fammi sapere se noti qualcosa di strano nel post. Grazie 1000!!!