MegaLab.it

Inviato: **lun ago 10, 2009 7:33 am**

ciao a tutti ragazzi,il mio computer e lento su internet,non so se si tratta di virus o di un problema con schede di rete.
di seguito riporto quelle con il punto di domanda.
6t04 adapter
microsoft isatap adapter
microsoft isatap adaPter °13
scheda microsoft 6t04 °13
scheda microsoft 6t04 °18
scheda microsoft 6t04 °9.
ho fatto la scansione con combo,ma dopo internet non funzionava piu'.ho dovuto fare il ripristino a una data precedente.
vi posto il log di combo se volete dare un occhiata .grazie in anticipo.

ComboFix 09-08-08.04 - user 09/08/2009 14.12.16.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.2046.1175 [GMT 2:00]
Eseguito da: c:\users\user\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: COMODO Defense+ *disabled* (Updated) {043803A4-4F86-4ef7-AFC5-F6E02A79969B}
SP: Kaspersky Internet Security *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2787158615-3351997273-2867723842-1000
c:\windows\Installer\1f50c3.msi

.
((((((((((((((((((((((((( Files Creati Da 2009-07-09 al 2009-08-09 )))))))))))))))))))))))))))))))))))
.

2009-08-09 12:21 . 2009-08-09 12:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-09 07:59 . 2009-08-09 07:59 -------- d-----w- c:\program files\Panda Security
2009-08-08 09:37 . 2009-08-08 09:37 -------- d-----w- c:\users\user\AppData\Roaming\Overlook
2009-08-08 09:34 . 2009-08-08 09:34 -------- d-----w- c:\programdata\Overlook
2009-07-27 04:47 . 2009-07-27 04:47 471664 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb3802.tmp.exe
2009-07-25 11:34 . 2009-07-25 11:34 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-07-25 11:34 . 2009-07-15 09:48 17224 ----a-w- c:\windows\system32\authuitu.dll
2009-07-25 11:34 . 2009-07-15 09:48 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-07-25 11:34 . 2009-07-25 11:34 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-07-25 11:33 . 2009-07-25 11:33 -------- d-----w- c:\users\user\AppData\Roaming\TuneUp Software
2009-07-25 11:32 . 2009-07-25 11:34 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-07-25 11:32 . 2009-07-25 11:32 -------- d-----w- c:\programdata\TuneUp Software
2009-07-25 11:32 . 2009-07-25 11:32 -------- d-sh--w- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-07-24 09:56 . 2009-07-24 10:06 -------- d-----w- c:\users\user\AppData\Roaming\IObit
2009-07-23 13:28 . 2009-07-23 13:45 -------- d-----w- c:\users\user\AppData\Roaming\GlarySoft
2009-07-18 06:38 . 2009-07-29 15:58 -------- d-----w- c:\program files\The Cleaner
2009-07-15 07:58 . 2009-06-15 14:53 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-15 07:58 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2009-07-15 07:58 . 2009-06-15 14:52 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-15 07:58 . 2009-06-15 12:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-15 07:58 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-10 17:44 . 2008-12-11 06:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-07-10 17:44 . 2009-04-03 09:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-07-10 17:44 . 2008-12-18 10:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-07-10 17:44 . 2009-07-10 17:44 -------- d-----w- c:\program files\Common Files\PC Tools
2009-07-10 17:44 . 2008-12-10 09:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-07-10 17:44 . 2009-08-07 07:05 -------- d-----w- c:\program files\Spyware Doctor
2009-07-10 17:44 . 2009-07-10 17:44 -------- d-----w- c:\users\user\AppData\Roaming\PC Tools
2009-07-10 17:44 . 2009-07-10 17:44 -------- d-----w- c:\programdata\PC Tools
2009-07-10 12:48 . 2009-07-10 12:48 -------- d-----w- c:\programdata\Nokia
2009-07-10 12:47 . 2009-07-10 12:46 24384200 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\NokiaSoftwareUpdaterSetup_it.exe
2009-07-10 12:47 . 2009-07-10 12:47 36864 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\Sleep.exe
2009-07-10 12:47 . 2009-07-10 12:47 3351812 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\msxml6Exec.exe
2009-07-10 12:47 . 2009-07-10 12:47 3181612 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\vcredistExec.exe
2009-07-10 12:33 . 2009-07-10 12:33 -------- d-----w- c:\program files\Common Files\PCSuite
2009-07-10 12:32 . 2009-07-10 13:46 -------- d-----w- c:\program files\Common Files\Nokia
2009-07-10 12:32 . 2009-07-10 12:31 33853800 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_ita.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-09 12:03 . 2007-06-29 21:20 719842 ----a-w- c:\windows\system32\perfh010.dat
2009-08-09 12:03 . 2007-06-29 21:20 142438 ----a-w- c:\windows\system32\perfc010.dat
2009-08-09 11:59 . 2009-03-19 18:12 117760 ----a-w- c:\users\user\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-08-09 07:31 . 2007-06-29 12:07 -------- d-----w- c:\programdata\Microsoft Help
2009-08-09 07:31 . 2008-12-01 20:28 -------- d-----w- c:\programdata\Google Updater
2009-08-08 16:18 . 2009-01-30 18:51 -------- d-----w- c:\program files\eMule
2009-08-08 15:09 . 2009-06-24 12:44 -------- d-----w- c:\users\user\AppData\Roaming\IM
2009-08-07 13:17 . 2009-05-16 20:22 1 ----a-w- c:\users\user\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-08-06 11:42 . 2008-12-01 20:28 -------- d-----w- c:\program files\Google
2009-08-06 11:35 . 2009-01-02 11:50 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-08-05 09:49 . 2009-03-19 20:41 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-03 12:06 . 2008-01-05 16:25 -------- d-----w- c:\program files\Yahoo!
2009-07-31 06:39 . 2009-06-25 09:03 -------- d-----w- c:\program files\SolidWorks Corp
2009-07-31 06:37 . 2009-06-24 12:46 -------- d-----w- c:\program files\Common Files\Gestore installazioni SolidWorks
2009-07-29 13:35 . 2009-06-25 09:37 -------- d-----w- c:\users\user\AppData\Roaming\SolidWorks
2009-07-29 11:41 . 2009-03-06 18:47 -------- d-----w- c:\program files\Microsoft
2009-07-24 15:11 . 2009-01-19 21:21 -------- d-----w- c:\programdata\NOS
2009-07-23 15:50 . 2009-01-03 10:24 -------- d-----w- c:\program files\Common Files\Real
2009-07-21 21:52 . 2009-07-29 05:31 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 05:31 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 05:31 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 05:31 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-18 06:44 . 2009-02-28 21:47 -------- d-----w- c:\program files\The Cleaner Demo
2009-07-16 21:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-14 11:23 . 2008-12-29 23:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-14 11:22 . 2009-01-07 21:12 3775176 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-07-13 11:36 . 2008-12-29 23:50 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-13 11:36 . 2008-12-29 23:50 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-13 09:43 . 2009-01-09 19:47 -------- d-----w- c:\programdata\CanonIJPLM
2009-07-10 13:46 . 2009-05-04 06:15 -------- d-----w- c:\program files\Nokia
2009-07-10 12:47 . 2008-02-08 21:29 -------- d-----w- c:\programdata\Installations
2009-07-10 12:44 . 2008-02-08 21:33 -------- d-----w- c:\users\user\AppData\Roaming\Nokia
2009-07-10 05:52 . 2009-07-10 05:52 33773208 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_eng_web.exe
2009-07-10 05:29 . 2009-07-10 05:29 95232 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-07-10 05:29 . 2009-07-10 05:29 8192 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-07-10 05:29 . 2009-07-10 05:29 61440 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-07-10 05:29 . 2009-07-10 05:29 10240 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-07-10 05:29 . 2009-07-10 05:29 33773208 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_eng.exe
2009-07-08 16:58 . 2008-12-31 11:46 -------- d-----w- c:\program files\COMODO
2009-07-08 16:55 . 2008-12-31 11:46 179792 ----a-w- c:\windows\system32\guard32.dll
2009-07-08 16:55 . 2008-12-31 11:46 128888 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-07-08 16:52 . 2009-07-08 16:52 -------- d-----w- c:\programdata\NokiaMusic
2009-07-05 07:12 . 2008-12-31 11:46 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-07-05 07:11 . 2008-12-31 11:46 29520 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-07-04 20:35 . 2009-07-04 20:35 -------- d-----w- c:\program files\Common Files\Windows Live
2009-07-03 10:53 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-07-03 10:53 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-07-03 10:53 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-07-03 10:53 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-07-03 10:53 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-07-03 10:53 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-07-03 10:51 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-07-03 10:37 . 2006-11-02 12:37 37665 ----a-w- c:\windows\Fonts\GlobalUserInterface.CompositeFont
2009-07-03 07:37 . 2009-07-03 07:37 -------- d-----w- c:\program files\Softi Software
2009-07-03 07:36 . 2009-07-03 07:36 -------- d-----w- c:\users\user\AppData\Roaming\Softi Software
2009-06-29 16:42 . 2009-06-29 16:37 -------- d-----w- c:\users\user\AppData\Roaming\InfraRecorder
2009-06-26 12:11 . 2007-06-29 12:09 -------- d-----w- c:\program files\Microsoft Works
2009-06-26 11:41 . 2009-06-26 11:37 -------- d-----w- c:\program files\Nitro PDF
2009-06-26 11:00 . 2009-06-26 09:03 -------- d-----w- c:\program files\Universal Document Converter
2009-06-26 10:40 . 2009-06-26 10:33 -------- d-----w- c:\program files\Simpo PDF Creator
2009-06-26 10:33 . 2009-06-26 10:32 -------- d-----w- c:\users\user\AppData\Roaming\GetRightToGo
2009-06-26 09:06 . 2008-01-05 16:25 116736 ----a-w- c:\users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-25 12:03 . 2009-06-25 12:03 -------- d-----w- c:\users\user\AppData\Roaming\DWGeditor
2009-06-25 12:03 . 2009-06-25 09:46 -------- d-----w- c:\programdata\DassaultSystemes
2009-06-25 09:46 . 2009-06-25 09:46 -------- d-----w- c:\users\user\AppData\Roaming\DassaultSystemes
2009-06-25 09:38 . 2009-06-25 09:03 -------- d-----w- c:\programdata\SolidWorks
2009-06-25 09:08 . 2009-06-25 09:03 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2009-06-25 09:03 . 2009-06-25 09:03 -------- d-----w- c:\program files\AGEIA Technologies
2009-06-25 09:02 . 2009-06-25 09:02 -------- d-----w- c:\program files\MSECache
2009-06-24 01:57 . 2009-06-24 12:44 126976 ----a-w- c:\users\user\AppData\Roaming\IM\lang\italian\sldadminoptioneditorresu.dll
2009-06-24 01:56 . 2009-06-24 12:44 278528 ----a-w- c:\users\user\AppData\Roaming\IM\lang\italian\sldIMresu.dll
2009-06-18 18:36 . 2009-06-18 18:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-06-18 18:19 . 2008-02-08 21:33 -------- d-----w- c:\program files\DIFX
2009-06-18 18:19 . 2009-06-18 18:19 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-18 18:14 . 2009-06-18 17:18 33775224 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_eng.exe
2009-06-18 17:17 . 2009-06-18 17:17 95232 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\pcswpcsi.exe
2009-06-18 17:17 . 2009-06-18 17:17 8192 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstCCD.exe
2009-06-18 17:17 . 2009-06-18 17:17 61440 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-06-18 17:17 . 2009-06-18 17:17 10240 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstPCS.exe
2009-06-03 07:10 . 2009-06-03 07:10 390664 ----a-w- c:\users\user\AppData\Roaming\Real\RealPlayer\Update\RealPlayer11.exe
2009-06-03 07:10 . 2009-06-03 07:10 390664 ----a-w- c:\users\user\AppData\Roaming\Real\Update\temp\~Upg6\RealPlayer11.exe
2009-05-25 18:15 . 2009-06-26 10:33 4003288 ----a-w- c:\windows\PDFCreatorPilot.dll
2009-05-12 06:39 . 2009-05-12 06:39 390664 ----a-w- c:\users\user\AppData\Roaming\Real\Update\temp\~Upg5\RealPlayer11.exe
2008-12-14 13:02 . 2008-12-14 12:11 270368 --sh--w- c:\windows\System32\drivers\fidbox.dat
2007-10-13 23:47 . 2007-10-13 23:46 8192 --sh--w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-01 39408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-09 1809648]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-06-15 850704]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-19 209153]
"PLFSet"="c:\windows\PLFSet.dll" [2007-04-24 45056]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-07-05 1793808]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-12-08 1173384]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"SolidWorks_CheckForUpdates"="c:\program files\Common Files\Gestore installazioni SolidWorks\Scheduler\sldIMScheduler.exe" [2009-06-24 7320872]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-05-29 4472832]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-05-29 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-09 17:33 352256 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):39,b3,42,6e,cd,fb,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{4F9EAF6B-6F99-40C7-9ACE-2469FFA6F139}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{C9A23E54-55B1-4763-A97F-7C3577496CF2}"= c:\program files\CyberLink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{A4D7AAFB-A74D-46E6-A882-D9BC2F36325A}"= Disabled:UDP:c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe:Nokia PC Suite
"{66D7EDF1-170B-4A98-A512-960DCB1173EA}"= Disabled:TCP:c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe:Nokia PC Suite
"TCP Query User{635772A6-BC24-4494-BA55-A8CCB4F46FE9}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{CC9EBEA5-12C6-4AE6-B5C9-FC4C164349BA}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{F2D9F7CF-5BE4-479D-9A5A-791A04D4A370}c:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{72FC1513-6CD3-4F8A-8A08-7CE99D818D40}c:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{22A9D9CC-B931-43AB-ABD9-7185D3480792}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{436C1642-4825-46CD-BF6A-4C2702C9F646}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{1BE19143-6256-40A5-A80A-B630FBE61533}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{3C0F5B5C-F133-4766-A1B9-1FFB66E8F92C}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{1214ACFC-7AA7-4C92-958E-372789E4B621}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{1C47EE61-9A6E-4778-AFE5-B99C6E856BEA}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"TCP Query User{90FE61B8-C718-4BD2-822F-B8B5C963F1A6}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"UDP Query User{86D1C893-72DA-4746-8A3F-9D5B4907AF70}c:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:c:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"TCP Query User{892C7D3E-F819-4831-B74D-21F0EA16B8D2}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{FB89A668-D324-49D6-AF63-74D78A2906D1}c:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:c:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"{F54F83F6-96A6-451D-AD85-661D10E95FB7}"= UDP:f:\bittorrent\bittorrent.exe:BitTorrent
"{50B59649-2834-4FC5-A1BE-5A412DCAC97F}"= TCP:f:\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{2D55C2E6-3A9D-4242-A36B-09AECF055719}c:\\users\\user\\desktop\\emule.exe"= UDP:c:\users\user\desktop\emule.exe:emule.exe
"UDP Query User{691699FB-CE15-4FE4-B9BE-305190AD7740}c:\\users\\user\\desktop\\emule.exe"= TCP:c:\users\user\desktop\emule.exe:emule.exe

R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [29/12/2008 20.19.24 28544]
R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [10/07/2009 19.44.34 130936]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\System32\drivers\cmdguard.sys [31/12/2008 13.46.32 128888]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\System32\drivers\cmdhlp.sys [31/12/2008 13.46.32 29520]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/11/2008 16.11.06 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17/11/2008 16.11.04 55024]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [19/03/2009 22.41.10 108289]
R2 BcmSqlStartupSvc;Servizio di avvio SQL Server di Business Contact Manager;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [16/01/2008 11.41.32 30312]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [10/07/2009 19.44.20 348752]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [25/07/2009 13.34.42 604488]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [09/02/2007 0.03.20 179712]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17/11/2008 8.40.22 3668480]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17/11/2008 16.11.08 7408]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [19/03/2009 22.41.09 194817]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [19/03/2009 22.41.09 434945]
S2 gupdate1c98af7e792a377;Google Update Service (gupdate1c98af7e792a377);c:\program files\Google\Update\GoogleUpdate.exe [09/02/2009 22.49.23 133104]
S3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\System32\drivers\athrusb.sys [08/07/2008 18.34.10 451072]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [19/03/2009 11.31.52 83240]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 23.31.10 29263712]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [05/01/2009 17.54.54 80744]

--- Altri Servizi/Drivers In Memoria ---

*Deregistered* - mchInjDrv

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenuto della cartella 'Scheduled Tasks'

2009-08-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 08:54]

2009-08-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-01 06:51]

2009-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 20:49]

2009-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 20:49]

2009-08-09 c:\windows\Tasks\User_Feed_Synchronization-{94A873B7-0707-4DE8-B731-048AD8A19EA3}.job
- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uSearchURL,(Default) = hxxp://it.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.

Inviato: **lun ago 10, 2009 1:04 pm**

I report delle scansione vanno inseriti usando il tag LOG
*IMPORTANTE* - Come allegare i log alle discussioni

Già dopo aver viste le prime righe del log... ci credo che hai la connessione lenta con 3 (se non 4) firewall installati, Quello di KIS, NIS, Comodo e probabilmente anche quello di Windows, 2 antivirus - Kaspersky e Norton, e 5! antispyware - Quello di Kaspersky, quello di Norton, Quello di Comodo Defense, + SUPERAntiSpyware, + Windows Defender, di quali solo alcuni sembrano essere disattivati [nonono]

Per iniziare disinstalla/disattiva almeno la metà di questi. Se vuoi tenere Comodo come il firewall, ti consiglio di non installare le versioni Internet Security di altri prodotti, un Kaspersky Antivirus è più che sufficiente. Per la stessa ragione ti consiglio di tenere come antispyware il Comodo Defense ( visto che tanto ce l'hai installato) e al massimo! Superantispyware se è nella versione Full, disinstallando tutto il resto.

Mentre fai le pulizie, io controllo se nel log si vede la presenza anche di qualche malware (anche se dubito che il poveraccio sarebbe riuscito a trovarsi un posticino tutto per se in mezzo a quel macello [acc2]

).

EDIT:
A controllare bene illog è uscito fuori anche il terzo antivirus, Antivir [:D]

Ci sarebbero anche alcuni malware da rimuovere, lo potrai fare usando The Avenger.
Scarica The Avenger, estrailo in una cartella ed avvia il file avenger.exe.
Incolla il seguente spript nello spazio bianco sotto alla voce Input script here, togli la spunta alla voce Scan for rootkits e clicca su Execute.

Codice: Seleziona tutto: Folders to delete: c:\$recycle.bin\S-1-5-21-2787158615-3351997273-2867723842-1000 Drivers to unload: mchInjDrv

Il pc dovrebbe riavviarsi, se così non fosse, riavvialo manualmente.
Al riavvio dovrebbe apparire il log avenger.txt, posta qui il suo contenuto.

Inviato: **lun ago 10, 2009 1:14 pm**

ciao amantide.grazie inanzitutto per la risposta.
io ho installato solo antivir.antispyware.e comodo e nientaltro.che ne pensi delle schede di rete col punto esclamativo e il log di combo?
ciao e grazie.
avevo norton e karsperky.forse sono solo tracce .come faccio a togliere tutto?

Inviato: **lun ago 10, 2009 1:18 pm**

Per quanto riguarda il log di Combofix, ho aggiornato il mio post di prima, non credevo rispondessi così in fretta.
Per quanto invece riguarda gli antivirus e Co. di troppo, puoi usare questi tool di rimozione.

Inviato: **lun ago 10, 2009 1:33 pm**

ciao amantide.questo e' il post di avenger.ciao

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Folder "c:\$recycle.bin\S-1-5-21-2787158615-3351997273-2867723842-1000" deleted successfully.

Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\mchInjDrv" not found!
Deletion of driver "mchInjDrv" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
-->

the object does not exist

Completed script processing.

*******************

Finished! Terminate.

MegaLab.it

connessione internet lenta

connessione internet lenta

Re: connessione internet lenta

Re: connessione internet lenta

Re: connessione internet lenta

Re: connessione internet lenta