ADSL e internet più veloci

Non tutte quelle che ti ho indicato hai cancellato. Controlla bene.

Per eliminare quelle due voci dopo aver attivato la visualizzazione file nascosti dovresti trovarli.

Usa ComboFix ( http://download.bleepingcomputer.com/sUBs/ComboFix.exe ) come spiegato qui: http://www.steven.altervista.org/files/ ... tml#tools1

Fai uno scan on line con Kaspersky: http://www.kaspersky.com/virusscanner

ho istallato unlocker come si usa nn riesco ad aprirlo e cancellare quelle voci

scusami quali voci non ho cancellato ho controllato ma mi sembra ke quelle ke mi hai scritto lo cancellate tutte.scrivimi quelle ke nn ho cancellato.

ComboFix 09-02-18.01 - Demo 2009-02-19 18.06.23.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1040.18.1023.390 [GMT 1:00]
Eseguito da: c:\users\Demo\Downloads\ComboFix.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\QUAD Utilities

.
((((((((((((((((((((((((( Files Creati Da 2009-01-19 al 2009-02-19 )))))))))))))))))))))))))))))))))))
.

2009-02-19 17:51 . 2009-02-19 17:55 <DIR> d-------- c:\program files\Unlocker
2009-02-19 15:07 . 2009-02-19 15:07 <DIR> d-------- c:\users\All Users\Avira
2009-02-19 15:07 . 2009-02-19 15:07 <DIR> d-------- c:\programdata\Avira
2009-02-19 15:07 . 2009-02-19 15:07 <DIR> d-------- c:\program files\Avira
2009-02-19 14:34 . 2009-02-19 14:34 <DIR> d-------- c:\users\All Users\Avg7
2009-02-19 14:34 . 2009-02-19 14:34 <DIR> d-------- c:\programdata\Avg7
2009-02-19 14:32 . 2009-02-19 14:32 <DIR> d-------- c:\users\Demo\AppData\Roaming\Conviva
2009-02-19 12:57 . 2006-09-05 20:28 38,480 --------- c:\windows\System32\IJRMF.exe
2009-02-19 01:58 . 2009-02-19 01:58 <DIR> d-------- C:\PerfLogs
2009-02-18 15:39 . 2009-02-18 15:39 <DIR> d-------- c:\program files\CCleaner
2009-02-18 13:49 . 2009-02-18 13:49 7,341,032 --a------ c:\users\Demo\Firefox Setup 3.0.6.exe
2009-02-18 13:43 . 2009-02-18 13:43 <DIR> d-------- c:\windows\System32\Conviva
2009-02-18 12:47 . 2009-02-18 12:47 <DIR> d-------- c:\program files\Trend Micro
2009-02-18 12:43 . 2009-02-18 12:43 <DIR> d-------- c:\users\Demo\AppData\Roaming\Malwarebytes
2009-02-18 12:43 . 2009-02-18 12:43 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-02-18 12:43 . 2009-02-18 12:43 <DIR> d-------- c:\programdata\Malwarebytes
2009-02-18 12:43 . 2009-02-18 12:43 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-18 12:43 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-18 12:43 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-17 16:46 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-17 16:46 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-17 16:45 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-17 16:45 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-17 16:45 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-13 14:43 . 2009-02-19 12:42 <DIR> d-------- c:\users\Demo\AppData\Roaming\skypePM
2009-02-13 14:43 . 2009-02-13 14:43 56 --ah----- c:\users\All Users\ezsidmv.dat
2009-02-13 14:43 . 2009-02-13 14:43 56 --ah----- c:\programdata\ezsidmv.dat
2009-02-13 14:39 . 2009-02-13 14:39 <DIR> d-------- c:\users\All Users\Google
2009-02-13 14:39 . 2009-02-13 14:39 <DIR> d-------- c:\program files\Google
2009-02-13 14:37 . 2009-02-19 14:30 <DIR> d-------- c:\users\Demo\AppData\Roaming\Skype
2009-02-13 14:37 . 2009-02-13 14:37 <DIR> d-------- c:\users\All Users\Skype
2009-02-13 14:37 . 2009-02-13 14:37 <DIR> d-------- c:\programdata\Skype
2009-02-13 14:37 . 2009-02-13 14:37 <DIR> dr------- c:\program files\Skype
2009-02-13 14:37 . 2009-02-13 14:37 <DIR> d-------- c:\program files\Common Files\Skype
2009-02-11 18:03 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 18:03 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-01 16:32 . 2008-01-19 08:33 8,139,264 --a------ c:\windows\System32\ssBranded.scr
2009-02-01 16:31 . 2008-01-19 08:35 3,072,000 --a------ c:\windows\System32\networkmap.dll
2009-02-01 16:30 . 2008-01-19 07:06 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-02-01 16:29 . 2008-01-19 08:33 599,552 --a------ c:\windows\System32\vsp1cln.exe
2009-02-01 16:29 . 2008-01-05 12:31 145,455 --a------ c:\windows\System32\perfmon.msc
2009-02-01 16:29 . 2008-01-05 12:22 144,909 --a------ c:\windows\System32\fsmgmt.msc
2009-02-01 16:29 . 2008-01-05 12:32 120,458 --a------ c:\windows\System32\secpol.msc
2009-02-01 16:29 . 2008-01-05 12:34 15,181 --a------ c:\windows\System32\gatherWirelessInfo.vbs
2009-02-01 16:29 . 2008-01-05 12:21 12,198 --a------ c:\windows\System32\gatherWiredInfo.vbs
2009-02-01 16:29 . 2008-01-05 12:39 150 --a------ c:\windows\System32\RacUREx.xml
2009-02-01 16:29 . 2008-01-05 12:31 3 --a------ c:\windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2009-02-01 16:28 . 2008-01-19 08:36 357,888 --a------ c:\windows\System32\wbemcomn.dll
2009-02-01 16:27 . 2008-01-19 08:36 704,512 --a------ c:\windows\System32\SmiEngine.dll
2009-02-01 16:27 . 2008-01-19 08:36 218,624 --a------ c:\windows\System32\wdscore.dll
2009-02-01 16:27 . 2008-01-19 08:36 139,264 --a------ c:\windows\System32\SmiInstaller.dll
2009-02-01 16:27 . 2008-01-19 08:33 130,560 --a------ c:\windows\System32\PkgMgr.exe
2009-02-01 16:27 . 2008-01-19 08:36 129,536 --a------ c:\windows\System32\sqmapi.dll
2009-02-01 16:25 . 2008-01-19 08:34 305,152 --a------ c:\windows\System32\msdelta.dll
2009-02-01 16:25 . 2008-01-19 08:34 258,560 --a------ c:\windows\System32\dpx.dll
2009-02-01 16:25 . 2008-01-19 08:34 246,784 --a------ c:\windows\System32\drvstore.dll
2009-02-01 16:25 . 2008-01-19 08:35 35,328 --a------ c:\windows\System32\mspatcha.dll
2009-01-28 21:48 . 2009-01-28 21:48 <DIR> d-------- c:\program files\Java
2009-01-28 21:48 . 2009-01-28 21:48 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-28 20:40 . 2009-01-28 20:40 <DIR> d-------- c:\users\All Users\Office Genuine Advantage
2009-01-28 20:40 . 2009-01-28 20:40 <DIR> d-------- c:\programdata\Office Genuine Advantage

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-19 01:10 174 --sha-w c:\program files\desktop.ini
2009-02-19 01:02 --------- d-----w c:\program files\Windows Sidebar
2009-02-19 01:02 --------- d-----w c:\program files\Windows Photo Gallery
2009-02-19 01:02 --------- d-----w c:\program files\Windows Mail
2009-02-19 01:02 --------- d-----w c:\program files\Windows Journal
2009-02-19 01:02 --------- d-----w c:\program files\Windows Defender
2009-02-19 01:02 --------- d-----w c:\program files\Windows Collaboration
2009-02-19 01:02 --------- d-----w c:\program files\Windows Calendar
2009-02-18 15:20 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-02-18 15:20 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-02-18 11:39 --------- d-----w c:\users\Demo\AppData\Roaming\SlipStream
2009-02-12 06:32 --------- d-----w c:\programdata\Microsoft Help
2009-01-28 19:52 --------- d-----w c:\programdata\eMule
2009-01-06 11:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-06 11:27 --------- d-----w c:\program files\Trust USB WiFi Adapter Driver
2009-01-06 11:26 --------- d-----w c:\users\Demo\AppData\Roaming\InstallShield
2009-01-04 13:11 --------- d-----w c:\programdata\CanonIJPLM
2008-12-31 16:04 691,560 ----a-w c:\windows\System32\OGACheckControl.dll
2008-12-31 16:04 528,744 ----a-w c:\windows\System32\OGAVerify.exe
2008-12-31 16:04 502,120 ----a-w c:\windows\System32\OGAAddin.dll
2005-09-08 13:44 2,021,035 ----a-r c:\program files\caraoche 5.exe
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Avvio veloce di Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{831E0454-BF1D-407F-9E03-8F97B90DD321}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{509866FA-EDE4-415E-8D9E-596E487A3C30}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{6E7F149C-EE89-41CE-9726-5A044D323D78}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{31EE9F5D-DB0B-419C-8DEA-597C9AA7938D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{192A9308-90B8-44CF-8051-6A31676FAF0B}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{45EA043A-3FEF-44B1-B468-3A8665BCA2A6}"= UDP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{4EF9AFE2-53D0-47C3-B02A-21F98981BD19}"= TCP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{01E66B7C-6448-43AD-BCFB-4FA79FEA4750}"= UDP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{5B881695-98D7-462C-8C1F-DC9BFDF5843C}"= TCP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{679222EB-FE8F-4040-BC00-431EE1C8F8C2}"= UDP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{A3ECCD01-285F-43D0-9483-EB71F61C1D94}"= TCP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{8C0EB3EB-0589-4836-891F-E96047411CD8}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{BB8D8BD2-65EB-4CCA-94F5-4D0FA415C8F3}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{39EBB9B3-E8F0-47CB-9C3B-2FB7BEBD358B}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{77A9E21D-1935-4A01-8F3F-19382AFD22B8}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{F4AB8AEE-C3B0-41CB-A6CC-E0B335B86905}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{BDCD9B2B-248D-400C-9524-359B09FEFF26}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [2007-08-08 46592]
S0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\System32\drivers\royal.sys [2007-08-08 240128]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - SSMDRV
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.libero.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {4819DFDF-ABC4-488C-A323-919848C51175} - hxxp://portal3.rinera.com/download/Conv ... -1.7.0.cab
FF - ProfilePath - c:\users\Demo\AppData\Roaming\Mozilla\Firefox\Profiles\2c0gsh8x.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Demo\AppData\Roaming\Mozilla\Firefox\Profiles\2c0gsh8x.default\extensions\StreamingPlugin@conviva.com\platform\WINNT_x86-msvc\plugins\npconviva.4.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-19 18:09:34
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-02-19 18.11.21
ComboFix-quarantined-files.txt 2009-02-19 17:11:18

Pre-Run: 290.272.915.456 byte disponibili
Post-Run: 290,238,431,232 byte disponibili

162 --- E O F --- 2009-02-18 15:32:56


questa e la scansione di combofix

Fixa queste voci in modalità provvisoria:



Puoi anche usare CCleaner per eliminare questi avvii automatici, nel tab Strumenti, Avvio, trovi queste voci e le cancelli.


Per quei due file, se non riesci ad usare Unlocker prova semplicemente a eliminarli in modalità provvisoria, dovresti riuscirci.
Ricordati di attivare prima la visualizzazione file nascosti.
Se non li trovi manualmente usa la funzione cerca.

Fai la scansione on-line.

E postami un nuovo log di Hijackthis fatto in modalità normale.

Per questi due file:

C:\Users\Demo\AppData\Local\bbxdl.exe

C:\Program Files\GLFA0F4.tmp

Se non riesci ad eliminarli puoi fare anche così:


Clic destro sul Desktop (punto vuoto), Nuovo, Documento di testo; ti si apre un blocco note vuoto, te copiaci dentro questo testo:



Salva e nomina il file blocco note in questo modo: CFScript.txt

Poi trascini semplicemtne questo file blocco note sopra l'icona di ComboFix posta sul desktop e ComboFix provvederà all'eliminazione.

penso di aver fatto tutto adesso cmq io quelle voci che mi hai scritto nn le vedo piu cera solo l ultima di avvio veloce che ho cancellato adesso ti posto il log di combo e di hijakthis:

ComboFix 09-02-18.01 - Demo 2009-02-19 20.47.19.3 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1040.18.1023.361 [GMT 1:00]
Eseguito da: c:\users\Demo\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Creati Da 2009-01-19 al 2009-02-19 )))))))))))))))))))))))))))))))))))
.

2009-02-19 17:51 . 2009-02-19 17:55 <DIR> d-------- c:\program files\Unlocker
2009-02-19 15:07 . 2009-02-19 15:07 <DIR> d-------- c:\users\All Users\Avira
2009-02-19 15:07 . 2009-02-19 15:07 <DIR> d-------- c:\programdata\Avira
2009-02-19 15:07 . 2009-02-19 15:07 <DIR> d-------- c:\program files\Avira
2009-02-19 14:34 . 2009-02-19 14:34 <DIR> d-------- c:\users\All Users\Avg7
2009-02-19 14:34 . 2009-02-19 14:34 <DIR> d-------- c:\programdata\Avg7
2009-02-19 14:32 . 2009-02-19 14:32 <DIR> d-------- c:\users\Demo\AppData\Roaming\Conviva
2009-02-19 12:57 . 2006-09-05 20:28 38,480 --------- c:\windows\System32\IJRMF.exe
2009-02-19 01:58 . 2009-02-19 01:58 <DIR> d-------- C:\PerfLogs
2009-02-18 15:39 . 2009-02-18 15:39 <DIR> d-------- c:\program files\CCleaner
2009-02-18 13:49 . 2009-02-18 13:49 7,341,032 --a------ c:\users\Demo\Firefox Setup 3.0.6.exe
2009-02-18 13:43 . 2009-02-18 13:43 <DIR> d-------- c:\windows\System32\Conviva
2009-02-18 12:47 . 2009-02-18 12:47 <DIR> d-------- c:\program files\Trend Micro
2009-02-18 12:43 . 2009-02-18 12:43 <DIR> d-------- c:\users\Demo\AppData\Roaming\Malwarebytes
2009-02-18 12:43 . 2009-02-18 12:43 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-02-18 12:43 . 2009-02-18 12:43 <DIR> d-------- c:\programdata\Malwarebytes
2009-02-18 12:43 . 2009-02-18 12:43 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-18 12:43 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-18 12:43 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-17 16:46 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-17 16:46 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-17 16:45 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-17 16:45 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-17 16:45 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-13 14:43 . 2009-02-19 12:42 <DIR> d-------- c:\users\Demo\AppData\Roaming\skypePM
2009-02-13 14:43 . 2009-02-13 14:43 56 --ah----- c:\users\All Users\ezsidmv.dat
2009-02-13 14:43 . 2009-02-13 14:43 56 --ah----- c:\programdata\ezsidmv.dat
2009-02-13 14:39 . 2009-02-13 14:39 <DIR> d-------- c:\users\All Users\Google
2009-02-13 14:39 . 2009-02-13 14:39 <DIR> d-------- c:\program files\Google
2009-02-13 14:37 . 2009-02-19 14:30 <DIR> d-------- c:\users\Demo\AppData\Roaming\Skype
2009-02-13 14:37 . 2009-02-13 14:37 <DIR> d-------- c:\users\All Users\Skype
2009-02-13 14:37 . 2009-02-13 14:37 <DIR> d-------- c:\programdata\Skype
2009-02-13 14:37 . 2009-02-13 14:37 <DIR> dr------- c:\program files\Skype
2009-02-13 14:37 . 2009-02-13 14:37 <DIR> d-------- c:\program files\Common Files\Skype
2009-02-11 18:03 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 18:03 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-01 16:32 . 2008-01-19 08:33 8,139,264 --a------ c:\windows\System32\ssBranded.scr
2009-02-01 16:31 . 2008-01-19 08:35 3,072,000 --a------ c:\windows\System32\networkmap.dll
2009-02-01 16:30 . 2008-01-19 07:06 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-02-01 16:29 . 2008-01-19 08:33 599,552 --a------ c:\windows\System32\vsp1cln.exe
2009-02-01 16:29 . 2008-01-05 12:31 145,455 --a------ c:\windows\System32\perfmon.msc
2009-02-01 16:29 . 2008-01-05 12:22 144,909 --a------ c:\windows\System32\fsmgmt.msc
2009-02-01 16:29 . 2008-01-05 12:32 120,458 --a------ c:\windows\System32\secpol.msc
2009-02-01 16:29 . 2008-01-05 12:34 15,181 --a------ c:\windows\System32\gatherWirelessInfo.vbs
2009-02-01 16:29 . 2008-01-05 12:21 12,198 --a------ c:\windows\System32\gatherWiredInfo.vbs
2009-02-01 16:29 . 2008-01-05 12:39 150 --a------ c:\windows\System32\RacUREx.xml
2009-02-01 16:29 . 2008-01-05 12:31 3 --a------ c:\windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2009-02-01 16:28 . 2008-01-19 08:36 357,888 --a------ c:\windows\System32\wbemcomn.dll
2009-02-01 16:27 . 2008-01-19 08:36 704,512 --a------ c:\windows\System32\SmiEngine.dll
2009-02-01 16:27 . 2008-01-19 08:36 218,624 --a------ c:\windows\System32\wdscore.dll
2009-02-01 16:27 . 2008-01-19 08:36 139,264 --a------ c:\windows\System32\SmiInstaller.dll
2009-02-01 16:27 . 2008-01-19 08:33 130,560 --a------ c:\windows\System32\PkgMgr.exe
2009-02-01 16:27 . 2008-01-19 08:36 129,536 --a------ c:\windows\System32\sqmapi.dll
2009-02-01 16:25 . 2008-01-19 08:34 305,152 --a------ c:\windows\System32\msdelta.dll
2009-02-01 16:25 . 2008-01-19 08:34 258,560 --a------ c:\windows\System32\dpx.dll
2009-02-01 16:25 . 2008-01-19 08:34 246,784 --a------ c:\windows\System32\drvstore.dll
2009-02-01 16:25 . 2008-01-19 08:35 35,328 --a------ c:\windows\System32\mspatcha.dll
2009-01-28 21:48 . 2009-01-28 21:48 <DIR> d-------- c:\program files\Java
2009-01-28 21:48 . 2009-01-28 21:48 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-28 20:40 . 2009-01-28 20:40 <DIR> d-------- c:\users\All Users\Office Genuine Advantage
2009-01-28 20:40 . 2009-01-28 20:40 <DIR> d-------- c:\programdata\Office Genuine Advantage

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-19 01:10 174 --sha-w c:\program files\desktop.ini
2009-02-19 01:02 --------- d-----w c:\program files\Windows Sidebar
2009-02-19 01:02 --------- d-----w c:\program files\Windows Photo Gallery
2009-02-19 01:02 --------- d-----w c:\program files\Windows Mail
2009-02-19 01:02 --------- d-----w c:\program files\Windows Journal
2009-02-19 01:02 --------- d-----w c:\program files\Windows Defender
2009-02-19 01:02 --------- d-----w c:\program files\Windows Collaboration
2009-02-19 01:02 --------- d-----w c:\program files\Windows Calendar
2009-02-18 15:20 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-02-18 15:20 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-02-18 11:39 --------- d-----w c:\users\Demo\AppData\Roaming\SlipStream
2009-02-12 06:32 --------- d-----w c:\programdata\Microsoft Help
2009-01-28 19:52 --------- d-----w c:\programdata\eMule
2009-01-06 11:27 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-06 11:27 --------- d-----w c:\program files\Trust USB WiFi Adapter Driver
2009-01-06 11:26 --------- d-----w c:\users\Demo\AppData\Roaming\InstallShield
2009-01-04 13:11 --------- d-----w c:\programdata\CanonIJPLM
2008-12-31 16:04 691,560 ----a-w c:\windows\System32\OGACheckControl.dll
2008-12-31 16:04 528,744 ----a-w c:\windows\System32\OGAVerify.exe
2008-12-31 16:04 502,120 ----a-w c:\windows\System32\OGAAddin.dll
2005-09-08 13:44 2,021,035 ----a-r c:\program files\caraoche 5.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-02-19_18.10.06,04 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-19 16:47:22 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-19 17:10:08 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-02-18 11:43:29 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-19 17:33:08 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-18 11:43:29 32,768 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-19 17:33:08 32,768 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-18 11:43:29 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-19 17:33:08 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-19 16:47:17 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-19 17:10:01 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-19 17:10:01 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-02-19 16:45:39 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-19 19:08:00 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-19 16:45:39 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-19 19:08:00 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-19 16:45:39 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-19 19:08:00 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{831E0454-BF1D-407F-9E03-8F97B90DD321}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{509866FA-EDE4-415E-8D9E-596E487A3C30}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{6E7F149C-EE89-41CE-9726-5A044D323D78}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{31EE9F5D-DB0B-419C-8DEA-597C9AA7938D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{192A9308-90B8-44CF-8051-6A31676FAF0B}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{45EA043A-3FEF-44B1-B468-3A8665BCA2A6}"= UDP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{4EF9AFE2-53D0-47C3-B02A-21F98981BD19}"= TCP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{01E66B7C-6448-43AD-BCFB-4FA79FEA4750}"= UDP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{5B881695-98D7-462C-8C1F-DC9BFDF5843C}"= TCP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{679222EB-FE8F-4040-BC00-431EE1C8F8C2}"= UDP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{A3ECCD01-285F-43D0-9483-EB71F61C1D94}"= TCP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{8C0EB3EB-0589-4836-891F-E96047411CD8}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{BB8D8BD2-65EB-4CCA-94F5-4D0FA415C8F3}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{39EBB9B3-E8F0-47CB-9C3B-2FB7BEBD358B}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{77A9E21D-1935-4A01-8F3F-19382AFD22B8}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{F4AB8AEE-C3B0-41CB-A6CC-E0B335B86905}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{BDCD9B2B-248D-400C-9524-359B09FEFF26}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [2007-08-08 46592]
S0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\System32\drivers\royal.sys [2007-08-08 240128]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - SSMDRV
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.libero.it/
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {4819DFDF-ABC4-488C-A323-919848C51175} - hxxp://portal3.rinera.com/download/Conv ... -1.7.0.cab
FF - ProfilePath - c:\users\Demo\AppData\Roaming\Mozilla\Firefox\Profiles\2c0gsh8x.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Demo\AppData\Roaming\Mozilla\Firefox\Profiles\2c0gsh8x.default\extensions\StreamingPlugin@conviva.com\platform\WINNT_x86-msvc\plugins\npconviva.4.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-19 20:48:57
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...


c:\users\Demo\AppData\Local\Temp\catchme.dll 53248 bytes executable
c:\windows\TEMP\TMP000000996864AF11A4B8208E 524288 bytes executable

Scansione completata con successo
Files nascosti: 2

**************************************************************************
.
Ora fine scansione: 2009-02-19 20.50.00
ComboFix-quarantined-files.txt 2009-02-19 19:49:54
ComboFix2.txt 2009-02-19 19:43:53
ComboFix3.txt 2009-02-19 17:11:22

Pre-Run: 289.433.964.544 byte disponibili
Post-Run: 289,403,215,872 byte disponibili

178 --- E O F --- 2009-02-18 15:32:56



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.42.09, on 19/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4819DFDF-ABC4-488C-A323-919848C51175} (Conviva LivePass) - http://portal3.rinera.com/download/Conv ... -1.7.0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/ ... 586-jc.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SmartLinkService (SLService) - - C:\Windows\SYSTEM32\slserv.exe

--
End of file - 5493 bytes


secondo te adesso dovrebbe funzionare meglio internet?

Queste voci sono ancora presenti:

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

eliminale anche con CCleaner.


Credo te sia ancora infetto.
ComboFix rileva due file nascosti.


Usa Navilog come spiegato qui: http://www.steven.altervista.org/files/ ... tml#tools4

SDFix come spiegato qui: http://www.steven.altervista.org/files/tools.html#tools

FindyKill come spiegato qui: http://www.steven.altervista.org/files/findykill.html

ti spiego quando faccio lo scan con hijakthis nn rileva quelle voci e neanche con ccleaner quando invece appare il blocnote quelle voci ci sono come mai?nn posso cancellarle come mi hai fatto cancellare quelle con combo fix?adesso faccio quello che mi hai scritto prima!

penso di aver fatto tutto quello che mi hai detto cos altro devo mandarti per vedere se il pc e ancora infetto?come ti dicevo quelle voci nn ci sono appaiono solo sul blocnote!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0.05.09, on 20/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4819DFDF-ABC4-488C-A323-919848C51175} (Conviva LivePass) - http://portal3.rinera.com/download/Conv ... -1.7.0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/ ... 586-jc.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SmartLinkService (SLService) - - C:\Windows\SYSTEM32\slserv.exe

--
End of file - 4422 bytes

mi sa ke adesso nn ci sono piu vero?

Ora è ok...

prova a navigare con Firefox e a vedere come va...
fai anche un nuovo test di velocità...

ciao l ho fatto adesso mi sembra bassino oggi 147 e 470!ma nn sara dovuto a qualcosa che nn lo fa collegare bene?

Il pc è ok ora quindi il problema risiede o nel modem/router o nella linea...

puoi contattare il call center della tua linea e spiegargli il problema, loro faranno delle verifiche...

e provare con un altro router/modem....