Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » pc lento

pc lento Opzioni
Topic Precedente · Topic Sucessivo
eufonio
Inviato: Thursday, December 27, 2012 6:13:21 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Buonasera,
credo che su questo pc ci siano problemi, con una scansione con l'antivirus mi ha trovatovarie cose che ho eliminato.
Mi controllate il log di Hijacktihs.
Grazie mille

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:34, on 27/12/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files\Protected Search\ProtectedSearch.exe
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Programmi\Microsoft Student\Microsoft Encarta 2009 - Premium + Student DVD\EDICT.EXE
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\PROGRA~1\Uniblue\DRIVER~1\driverscanner.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=2937
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=2937
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-3134665804-992661644-2385791402-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3134665804-992661644-2385791402-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Apri con ScanSoft PDF Converter 4.1 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_ita.dll /100
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/mjss/MJSS.cab109791.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab
O16 - DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} (IBM Lotus iNotes 8.5 Control) - https://netinps.inps.it/http://srv-h.domino.inps/dwa85W.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IB Updater Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator 12\LogoMedia TranslateDotNet Server.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmileyCentral Service (SmileyCentral_1vService) - SmileyCentral - C:\PROGRA~1\SMILEY~2\bar\1.bin\1vbarsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 11615 bytes
Torna in alto
 
Sponsor
Inviato: Thursday, December 27, 2012 6:13:21 PM

 
Torna in alto
 
r16
Inviato: Thursday, December 27, 2012 6:19:39 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Scarica Adwcleaner sul desktop:
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Clicca sul pulsante "Elimina".
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

Poi:
Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema.
Elimina gli eventuali file infetti trovati.
Posta il log

PS:
Ovviamente non scaricare Malwarebytes visto che è già installato.
Basta aggiornarlo, fare la scansione completa, e postare il log.
Torna in alto
 
eufonio
Inviato: Thursday, December 27, 2012 6:32:11 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
ecco il log di Adwcleaner, ora ho avviato Malwarebytes appena fatto posto il log

# AdwCleaner v2.103 - Logfile creato il 27/12/2012 alle 18:23:28
# Aggiornamento 25/12/2012 by Xplode
# Sistema Operativo : Windows 7 Ultimate (32 bits)
# Utente : Utente - UTENTE-PC
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Users\Utente\Desktop\adwcleaner.exe
# Opzioni [Elimina]


***** [Servizi] *****

Fermato & Eliminato : IBUpdaterService

***** [File / Cartelle] *****

Cartella Eliminato : C:\Program Files\Ask.com
Cartella Eliminato : C:\Program Files\incredibar.com
Cartella Eliminato : C:\Program Files\Softonic
Cartella Eliminato : C:\Program Files\SweetIM
Cartella Eliminato : C:\ProgramData\SweetIM
Cartella Eliminato : C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Cartella Eliminato : C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Cartella Eliminato : C:\Users\Utente\AppData\LocalLow\incredibar.com
Cartella Eliminato : C:\Users\Utente\AppData\LocalLow\Softonic
Cartella Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\Conduit
Cartella Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\ConduitEngine
Cartella Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\CT2086315
Cartella Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\extensions\{ecdc465a-cf20-4b82-9a26-47c9dc52fa32}
Cartella Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Cartella Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\extensions\engine@conduit.com
Cartella Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\extensions\ffxtlbr@incredibar.com
Cartella Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\extensions\ffxtlbra@softonic.com
Cartella Eliminato : C:\Windows\system32\WNLT
Eliminato al riavvio : C:\Program Files\IB Updater
File Eliminato : C:\END
File Eliminato : C:\user.js
File Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\searchplugins\Askcom.xml
File Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\searchplugins\Conduit.xml
File Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\searchplugins\MyStart Search.xml
File Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\searchplugins\softonic.xml
File Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\searchplugins\SweetIm.xml
File Eliminato : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\searchplugins\Web Search.xml
File Eliminato : C:\Users\Utente\Desktop\Search The Web.url
File Eliminato : C:\Users\Utente\Desktop\sweetpcfix.url

***** [Registro] *****

Chiave Eliminata : HKCU\Software\Ask.com.tmp
Chiave Eliminata : HKCU\Software\IM
Chiave Eliminata : HKCU\Software\ImInstaller
Chiave Eliminata : HKCU\Software\incredibar.com
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Chiave Eliminata : HKCU\Software\Softonic
Chiave Eliminata : HKCU\Software\SweetIM
Chiave Eliminata : HKCU\Software\WNLT
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Chiave Eliminata : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chiave Eliminata : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Chiave Eliminata : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Chiave Eliminata : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\I
Chiave Eliminata : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Chiave Eliminata : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Chiave Eliminata : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Chiave Eliminata : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Chiave Eliminata : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Chiave Eliminata : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Chiave Eliminata : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\S
Chiave Eliminata : HKLM\SOFTWARE\Classes\sim-packages
Chiave Eliminata : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Chiave Eliminata : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Chiave Eliminata : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Chiave Eliminata : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Chiave Eliminata : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Chiave Eliminata : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Chiave Eliminata : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Chiave Eliminata : HKLM\Software\IB Updater
Chiave Eliminata : HKLM\Software\incredibar.com
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{13F3917B56CD4C25848BDC69916971BB}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18D10072035C4515918F7E37EAFAACFC}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3FC7CBBC4C1E11DCA1A752EA55D89593}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62369F2F77534556AEF4C58152E3BDE5}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7585478E9D9B42108671C12F8714CEFE}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8ADFC4160D694100B5B8A22DE9DCABD9}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A96E97134CA649888820BCDE5E300BBD}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AAC389499AEF40428987B3D30CFC76C9}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AEF9DC35ADDF4825B049ACBFD1C6EB37}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B13A7C41581B411290FBC0395694E2A9}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7050CBDB2504B34BC2A9CA0A692CC29}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6194C28A8F62DD817EA1B918E6E46E806A21B452
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\65B6FE5418CE28F4D72543FB2D964C3CEC83F161
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_faf656ef605427ee2f42989c3ad31b8
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Chiave Eliminata : HKLM\Software\Softonic
Chiave Eliminata : HKLM\SOFTWARE\Software
Chiave Eliminata : HKLM\Software\SweetIM
Chiave Eliminata : HKLM\Software\WNLT
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valore Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Valore Eliminata : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Browser Internet] *****

-\\ Internet Explorer v9.0.8112.16457

Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://newtab.certified-toolbar.com/nie?si=41460&tid=2937&new=true --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com

-\\ Mozilla Firefox v3.5.2 (it)

File : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\prefs.js

C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\fnnegvh2.default\user.js ... Eliminato !

Eliminata : user_pref("CT2086315..clientLogIsEnabled", false);
Eliminata : user_pref("CT2086315..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Eliminata : user_pref("CT2086315..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Eliminata : user_pref("CT2086315.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Eliminata : user_pref("CT2086315.CTID", "CT2086315");
Eliminata : user_pref("CT2086315.CurrentServerDate", "27-1-2012");
Eliminata : user_pref("CT2086315.DialogsAlignMode", "LTR");
Eliminata : user_pref("CT2086315.DownloadReferralCookieData", "");
Eliminata : user_pref("CT2086315.EMailNotifierPollDate", "Fri Jan 27 2012 16:52:13 GMT+0100 (ora solare Europa o[...]
Eliminata : user_pref("CT2086315.ExternalComponentPollDate128977527366575420", "Fri Jan 27 2012 15:01:03 GMT+010[...]
Eliminata : user_pref("CT2086315.ExternalComponentPollDate128986977888844094", "Fri Jan 27 2012 15:01:03 GMT+010[...]
Eliminata : user_pref("CT2086315.ExternalComponentPollDate129234911592044562", "Fri Jan 27 2012 15:01:03 GMT+010[...]
Eliminata : user_pref("CT2086315.FeedLastCount128731247637625063", 469);
Eliminata : user_pref("CT2086315.FeedLastCount129310091389719498", 450);
Eliminata : user_pref("CT2086315.FeedPollDate128731245136062514", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731245316218848", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731245436844224", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731245529813054", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731246282468810", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731246553406402", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731246684343903", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731246876375154", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731247027625394", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731247188094432", "Fri Jan 27 2012 15:01:05 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731247334657027", "Fri Jan 27 2012 15:01:05 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731247470125937", "Fri Jan 27 2012 15:01:05 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate128731247603093789", "Fri Jan 27 2012 15:01:05 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129238074883359303", "Fri Jan 27 2012 16:21:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129306636034094489", "Fri Jan 27 2012 16:21:05 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129309122421437583", "Fri Jan 27 2012 16:21:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129310091390032000", "Fri Jan 27 2012 16:21:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129310091390032001", "Fri Jan 27 2012 16:21:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129310091390032002", "Fri Jan 27 2012 16:21:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129310091390032003", "Fri Jan 27 2012 16:21:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129310091390032004", "Fri Jan 27 2012 16:21:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129310091390032005", "Fri Jan 27 2012 16:21:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedPollDate129310091390032006", "Fri Jan 27 2012 16:41:04 GMT+0100 (ora solare[...]
Eliminata : user_pref("CT2086315.FeedTTL128731245529813054", 10);
Eliminata : user_pref("CT2086315.FeedTTL128731247334657027", 2);
Eliminata : user_pref("CT2086315.FeedTTL129238074883359303", 40);
Eliminata : user_pref("CT2086315.FeedTTL129306636034094489", 40);
Eliminata : user_pref("CT2086315.FeedTTL129309122421437583", 40);
Eliminata : user_pref("CT2086315.FeedTTL129310091390032000", 40);
Eliminata : user_pref("CT2086315.FeedTTL129310091390032001", 40);
Eliminata : user_pref("CT2086315.FeedTTL129310091390032002", 40);
Eliminata : user_pref("CT2086315.FeedTTL129310091390032003", 40);
Eliminata : user_pref("CT2086315.FeedTTL129310091390032004", 40);
Eliminata : user_pref("CT2086315.FeedTTL129310091390032005", 40);
Eliminata : user_pref("CT2086315.FirstServerDate", "29-1-2011");
Eliminata : user_pref("CT2086315.FirstTime", true);
Eliminata : user_pref("CT2086315.FirstTimeFF3", true);
Eliminata : user_pref("CT2086315.FixPageNotFoundErrors", true);
Eliminata : user_pref("CT2086315.GroupingServerCheckInterval", 1440);
Eliminata : user_pref("CT2086315.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Eliminata : user_pref("CT2086315.HasUserGlobalKeys", true);
Eliminata : user_pref("CT2086315.Initialize", true);
Eliminata : user_pref("CT2086315.InitializeCommonPrefs", true);
Eliminata : user_pref("CT2086315.InstallationAndCookieDataSentCount", 3);
Eliminata : user_pref("CT2086315.InstallationType", "UnknownIntegration");
Eliminata : user_pref("CT2086315.InstalledDate", "Sat Jan 29 2011 18:06:51 GMT+0100 (ora solare Europa occidenta[...]
Eliminata : user_pref("CT2086315.InvalidateCache", false);
Eliminata : user_pref("CT2086315.IsGrouping", false);
Eliminata : user_pref("CT2086315.IsMulticommunity", false);
Eliminata : user_pref("CT2086315.IsOpenThankYouPage", true);
Eliminata : user_pref("CT2086315.IsOpenUninstallPage", true);
Eliminata : user_pref("CT2086315.LanguagePackLastCheckTime", "Thu Jan 26 2012 18:14:15 GMT+0100 (ora solare Euro[...]
Eliminata : user_pref("CT2086315.LanguagePackReloadIntervalMM", 1440);
Eliminata : user_pref("CT2086315.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Eliminata : user_pref("CT2086315.LastLogin_3.2.5.2", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare Europa occid[...]
Eliminata : user_pref("CT2086315.LatestVersion", "3.9.0.3");
Eliminata : user_pref("CT2086315.Locale", "it");
Eliminata : user_pref("CT2086315.MCDetectTooltipHeight", "83");
Eliminata : user_pref("CT2086315.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Eliminata : user_pref("CT2086315.MCDetectTooltipWidth", "295");
Eliminata : user_pref("CT2086315.RadioIsPodcast", false);
Eliminata : user_pref("CT2086315.RadioLastCheckTime", "Thu Jan 26 2012 18:14:26 GMT+0100 (ora solare Europa occi[...]
Eliminata : user_pref("CT2086315.RadioLastUpdateIPServer", "3");
Eliminata : user_pref("CT2086315.RadioLastUpdateServer", "128929877726170000");
Eliminata : user_pref("CT2086315.RadioMediaID", "9433860");
Eliminata : user_pref("CT2086315.RadioMediaType", "Media Player");
Eliminata : user_pref("CT2086315.RadioMenuSelectedID", "EBRadioMenu_CT20863159433860");
Eliminata : user_pref("CT2086315.RadioShrinked", "expanded");
Eliminata : user_pref("CT2086315.RadioStationName", "Centro%20Suono%20Sport%20");
Eliminata : user_pref("CT2086315.RadioStationURL", "hxxp://wms.mclink.it/rcs_65_live");
Eliminata : user_pref("CT2086315.RadioVolume", "80");
Eliminata : user_pref("CT2086315.SHRINK_TOOLBAR", 1);
Eliminata : user_pref("CT2086315.SavedHomepage", "hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZNzfb[...]
Eliminata : user_pref("CT2086315.SearchBoxWidth", 100);
Eliminata : user_pref("CT2086315.SearchEngine", "App||hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceO[...]
Eliminata : user_pref("CT2086315.SearchFromAddressBarIsInit", true);
Eliminata : user_pref("CT2086315.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT208[...]
Eliminata : user_pref("CT2086315.SearchInNewTabEnabled", true);
Eliminata : user_pref("CT2086315.SearchInNewTabIntervalMM", 1440);
Eliminata : user_pref("CT2086315.SearchInNewTabLastCheckTime", "Thu Jan 26 2012 18:26:04 GMT+0100 (ora solare Eu[...]
Eliminata : user_pref("CT2086315.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Eliminata : user_pref("CT2086315.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Eliminata : user_pref("CT2086315.ServiceMapLastCheckTime", "Thu Jan 26 2012 18:26:26 GMT+0100 (ora solare Europa[...]
Eliminata : user_pref("CT2086315.SettingsLastCheckTime", "Fri Jan 27 2012 15:01:03 GMT+0100 (ora solare Europa o[...]
Eliminata : user_pref("CT2086315.SettingsLastUpdate", "1321973134");
Eliminata : user_pref("CT2086315.ThirdPartyComponentsInterval", 504);
Eliminata : user_pref("CT2086315.ThirdPartyComponentsLastCheck", "Sun Jan 08 2012 11:41:48 GMT+0100 (ora solare [...]
Eliminata : user_pref("CT2086315.ThirdPartyComponentsLastUpdate", "1291279838");
Eliminata : user_pref("CT2086315.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Eliminata : user_pref("CT2086315.UserID", "UN66598984712703467");
Eliminata : user_pref("CT2086315.ValidationData_Search", 2);
Eliminata : user_pref("CT2086315.ValidationData_Toolbar", 2);
Eliminata : user_pref("CT2086315.WeatherNetwork", "");
Eliminata : user_pref("CT2086315.WeatherPollDate", "Fri Jan 27 2012 16:31:06 GMT+0100 (ora solare Europa occiden[...]
Eliminata : user_pref("CT2086315.WeatherUnit", "C");
Eliminata : user_pref("CT2086315.alertChannelId", "513878");
Eliminata : user_pref("CT2086315.backendstorage.d_date_ginyas1", "31333237363739353532363431");
Eliminata : user_pref("CT2086315.backendstorage.d_ginyas1", "30");
Eliminata : user_pref("CT2086315.backendstorage.d_ginyas1_d", "");
Eliminata : user_pref("CT2086315.backendstorage.d_ginyas1_t", "31333237363738383637313336");
Eliminata : user_pref("CT2086315.backendstorage.ginyasstest", "676F6F64");
Eliminata : user_pref("CT2086315.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Eliminata : user_pref("CT2086315.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_affid", "626567726561745F6[...]
Eliminata : user_pref("CT2086315.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_bguid", "626567726561745F6[...]
Eliminata : user_pref("CT2086315.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_lba", "3232313237383831");
Eliminata : user_pref("CT2086315.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_lba1", "323031322D312D3237[...]
Eliminata : user_pref("CT2086315.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_updatesliststr1_exp", "323[...]
Eliminata : user_pref("CT2086315.myStuffEnabled", true);
Eliminata : user_pref("CT2086315.myStuffPublihserMinWidth", 400);
Eliminata : user_pref("CT2086315.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Eliminata : user_pref("CT2086315.myStuffServiceIntervalMM", 1440);
Eliminata : user_pref("CT2086315.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Eliminata : user_pref("CT2086315.testingCtid", "");
Eliminata : user_pref("CT2086315.toolbarAppMetaDataLastCheckTime", "Thu Jan 26 2012 18:26:26 GMT+0100 (ora solar[...]
Eliminata : user_pref("CT2086315.toolbarContextMenuLastCheckTime", "Sat Jan 29 2011 18:06:55 GMT+0100 (ora solar[...]
Eliminata : user_pref("CT2086315.usagesFlag", 2);
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2086315/CT2086315[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/513878/509748/IT", "\"0\"")[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/IT", "\"0\"")[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2086315", [...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"13a760730d9291[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/20[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2086315&octid=[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2086315/CT2086315[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/maxi.gif"[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play_mini[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=it", "\"dbb[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16409683.xml", "\"537282e64f5b8595369[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16727535.xml", "\"0ca99915f664c110124[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/18863815.xml", "\"2eaa4e234cc96a5e7af[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19058681.xml", "\"e589da8164ee424914f[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19248106.xml", "\"ff18e8d50f1c3aaf37d[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19554706.xml", "\"fe5841bb5aa98c8ffb7[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"69966ed64fddf9768bacc[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/807095.xml", "\"865cf63f007eba4658da6[...]
Eliminata : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/813286.xml", "\"c1c6a2d33d1241c1157cc[...]
Eliminata : user_pref("CommunityToolbar.EngineOwner", "CT2086315");
Eliminata : user_pref("CommunityToolbar.EngineOwnerGuid", "{ecdc465a-cf20-4b82-9a26-47c9dc52fa32}");
Eliminata : user_pref("CommunityToolbar.EngineOwnerToolbarId", "eazel-it");
Eliminata : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Eliminata : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://tv.shareware.pro/", "1138x154");
Eliminata : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://m1.blabbers.com/app/conduit/disclaimer_ginyas[...]
Eliminata : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://rv.ginyas.com/app/conduit/disclaimer_ginyas.h[...]
Eliminata : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://www.shareware.pro/hit.php?m=Powerpong_EN&url=[...]
Eliminata : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2086315");
Eliminata : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{ecdc465a-cf20-4b82-9a26-47c9dc52fa32}");
Eliminata : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "eazel-it");
Eliminata : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.mywebsearch.com/mywebsearc[...]
Eliminata : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2086315");
Eliminata : user_pref("CommunityToolbar.ToolbarsList2", "CT2086315");
Eliminata : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Eliminata : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Dec 27 2012 12:46:41 GMT+0100 (ora s[...]
Eliminata : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Eliminata : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Eliminata : user_pref("CommunityToolbar.alert.locale", "en");
Eliminata : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Eliminata : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Dec 27 2012 12:13:09 GMT+0100 (ora solar[...]
Eliminata : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Eliminata : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Eliminata : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Eliminata : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Eliminata : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Eliminata : user_pref("CommunityToolbar.alert.userId", "ecdf38a5-1ce1-4c39-9ae3-bbaa46d597a3");
Eliminata : user_pref("CommunityToolbar.facebook.sessionKey", "78567f3bd98caac50cca79db.0-100001716037225");
Eliminata : user_pref("CommunityToolbar.facebook.sessionSecret", "05b22fce4697722f426483d86cfdb1ee");
Eliminata : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jan 26 2012 18:14:15 GMT+0100 (ora[...]
Eliminata : user_pref("CommunityToolbar.facebook.userId", "100001716037225");
Eliminata : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2086315");
Eliminata : user_pref("CommunityToolbar.twitter.user_16409683.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100[...]
Eliminata : user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100[...]
Eliminata : user_pref("CommunityToolbar.twitter.user_18863815.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100[...]
Eliminata : user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100[...]
Eliminata : user_pref("CommunityToolbar.twitter.user_19248106.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100[...]
Eliminata : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100[...]
Eliminata : user_pref("CommunityToolbar.twitter.user_19757371.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100[...]
Eliminata : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100 ([...]
Eliminata : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100 ([...]
Eliminata : user_pref("CommunityToolbar.twitter.user_813286.LastCheckTime", "Fri Jan 27 2012 15:01:06 GMT+0100 ([...]
Eliminata : user_pref("ConduitEngine.FirstServerDate", "01/29/2011 20");
Eliminata : user_pref("ConduitEngine.FirstTime", true);
Eliminata : user_pref("ConduitEngine.FirstTimeFF3", true);
Eliminata : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Eliminata : user_pref("ConduitEngine.Initialize", true);
Eliminata : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Eliminata : user_pref("ConduitEngine.InstalledDate", "Sat Jan 29 2011 18:06:51 GMT+0100 (ora solare Europa occid[...]
Eliminata : user_pref("ConduitEngine.IsMulticommunity", false);
Eliminata : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Eliminata : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Eliminata : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Jan 26 2012 18:26:26 GMT+0100 (ora solare [...]
Eliminata : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare Europa o[...]
Eliminata : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Eliminata : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Eliminata : user_pref("ConduitEngine.SettingsLastCheckTime", "Fri Jan 27 2012 15:01:04 GMT+0100 (ora solare Euro[...]
Eliminata : user_pref("ConduitEngine.UserID", "UN37296177382980944");
Eliminata : user_pref("ConduitEngine.engineLocale", "it");
Eliminata : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Jan 26 2012 18:26:20 GMT+0100 (ora s[...]
Eliminata : user_pref("ConduitEngine.initDone", true);
Eliminata : user_pref("browser.search.defaultengine", "Web Search");
Eliminata : user_pref("browser.search.defaultenginename", "Web Search");
Eliminata : user_pref("browser.search.defaultthis.engineName", "Eazel-IT Customized Web Search");
Eliminata : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2086315&Sea[...]
Eliminata : user_pref("browser.search.order.1", "Web Search");
Eliminata : user_pref("browser.search.selectedEngine", "Web Search");
Eliminata : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=29[...]
Eliminata : user_pref("extensions.SmileyCentral_1v.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/op[...]
Eliminata : user_pref("extensions.incredibar.admin", false);
Eliminata : user_pref("extensions.incredibar.aflt", "orgnl");
Eliminata : user_pref("extensions.incredibar.cntry", "IT");
Eliminata : user_pref("extensions.incredibar.dfltLng", "");
Eliminata : user_pref("extensions.incredibar.dfltSrch", false);
Eliminata : user_pref("extensions.incredibar.dfltlng", "en");
Eliminata : user_pref("extensions.incredibar.dfltsrch", "false");
Eliminata : user_pref("extensions.incredibar.did", "10665");
Eliminata : user_pref("extensions.incredibar.envrmnt", "production");
Eliminata : user_pref("extensions.incredibar.excTlbr", false);
Eliminata : user_pref("extensions.incredibar.hdrMd5", "424CA9FE7F0FA2FE716CD90A7E97B589");
Eliminata : user_pref("extensions.incredibar.hmpg", false);
Eliminata : user_pref("extensions.incredibar.hrdid", "aea02b330000000000000018e762a0d8");
Eliminata : user_pref("extensions.incredibar.id", "aea02b330000000000000018e762a0d8");
Eliminata : user_pref("extensions.incredibar.installerproductid", "26");
Eliminata : user_pref("extensions.incredibar.instlDay", "15640");
Eliminata : user_pref("extensions.incredibar.instlRef", "");
Eliminata : user_pref("extensions.incredibar.instlday", "15640");
Eliminata : user_pref("extensions.incredibar.instlref", "");
Eliminata : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Eliminata : user_pref("extensions.incredibar.keywordurl", "");
Eliminata : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1416:07:01");
Eliminata : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Eliminata : user_pref("extensions.incredibar.newTab", false);
Eliminata : user_pref("extensions.incredibar.newtab", "false");
Eliminata : user_pref("extensions.incredibar.newtaburl", "");
Eliminata : user_pref("extensions.incredibar.noFFXTlbr", false);
Eliminata : user_pref("extensions.incredibar.ppd", "");
Eliminata : user_pref("extensions.incredibar.prdct", "incredibar");
Eliminata : user_pref("extensions.incredibar.productid", "26");
Eliminata : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Eliminata : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Eliminata : user_pref("extensions.incredibar.sg", "none");
Eliminata : user_pref("extensions.incredibar.smplGrp", "none");
Eliminata : user_pref("extensions.incredibar.smplgrp", "none");
Eliminata : user_pref("extensions.incredibar.srch", "");
Eliminata : user_pref("extensions.incredibar.srchprvdr", "");
Eliminata : user_pref("extensions.incredibar.tlbrId", "base");
Eliminata : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQNUoc4vQ&loc=IB_T[...]
Eliminata : user_pref("extensions.incredibar.tlbrid", "base");
Eliminata : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6PQNUoc4vQ&loc=IB_T[...]
Eliminata : user_pref("extensions.incredibar.upn2", "6PQNUoc4vQ");
Eliminata : user_pref("extensions.incredibar.upn2n", "92543823494425382");
Eliminata : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Eliminata : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1416:07:01");
Eliminata : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Eliminata : user_pref("extensions.incredibar.vrsnts", "1.5.11.1416:07:01");
Eliminata : user_pref("extensions.incredibar_i.aflt", "orgnl");
Eliminata : user_pref("extensions.incredibar_i.dfltLng", "");
Eliminata : user_pref("extensions.incredibar_i.did", "10665");
Eliminata : user_pref("extensions.incredibar_i.excTlbr", false);
Eliminata : user_pref("extensions.incredibar_i.id", "aea02b330000000000000018e762a0d8");
Eliminata : user_pref("extensions.incredibar_i.installerproductid", "26");
Eliminata : user_pref("extensions.incredibar_i.instlDay", "15640");
Eliminata : user_pref("extensions.incredibar_i.instlRef", "");
Eliminata : user_pref("extensions.incredibar_i.ms_url_id", "");
Eliminata : user_pref("extensions.incredibar_i.newTab", false);
Eliminata : user_pref("extensions.incredibar_i.ppd", "");
Eliminata : user_pref("extensions.incredibar_i.prdct", "incredibar");
Eliminata : user_pref("extensions.incredibar_i.productid", "26");
Eliminata : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Eliminata : user_pref("extensions.incredibar_i.smplGrp", "none");
Eliminata : user_pref("extensions.incredibar_i.tlbrId", "base");
Eliminata : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQNUoc4vQ&loc=IB[...]
Eliminata : user_pref("extensions.incredibar_i.upn2", "6PQNUoc4vQ");
Eliminata : user_pref("extensions.incredibar_i.upn2n", "92543823494425382");
Eliminata : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Eliminata : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1416:07:01");
Eliminata : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Eliminata : user_pref("extensions.softonic.admin", false);
Eliminata : user_pref("extensions.softonic.aflt", "SD");
Eliminata : user_pref("extensions.softonic.dfltLng", "IT");
Eliminata : user_pref("extensions.softonic.dfltSrch", true);
Eliminata : user_pref("extensions.softonic.excTlbr", false);
Eliminata : user_pref("extensions.softonic.hmpg", true);
Eliminata : user_pref("extensions.softonic.id", "aea02b330000000000000018e762a0d8");
Eliminata : user_pref("extensions.softonic.instlDay", "15366");
Eliminata : user_pref("extensions.softonic.instlRef", "MON00080");
Eliminata : user_pref("extensions.softonic.keyWordUrl", "hxxp://search.softonic.com/MON00080/tb_v1?SearchSource=[...]
Eliminata : user_pref("extensions.softonic.lastVrsnTs", "1.5.11.516:22:19");
Eliminata : user_pref("extensions.softonic.newTab", true);
Eliminata : user_pref("extensions.softonic.newTabUrl", "hxxp://search.softonic.com/MON00080/tb_v1?SearchSource=1[...]
Eliminata : user_pref("extensions.softonic.noFFXTlbr", false);
Eliminata : user_pref("extensions.softonic.prdct", "softonic");
Eliminata : user_pref("extensions.softonic.prtnrId", "softonic");
Eliminata : user_pref("extensions.softonic.smplGrp", "eng7");
Eliminata : user_pref("extensions.softonic.srchPrvdr", "Search the web (Softonic)");
Eliminata : user_pref("extensions.softonic.tlbrId", "it12JANdefault");
Eliminata : user_pref("extensions.softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00080/tb_v1?SearchSource[...]
Eliminata : user_pref("extensions.softonic.updateRunOnce", true);
Eliminata : user_pref("extensions.softonic.updateRunOnce1", true);
Eliminata : user_pref("extensions.softonic.vrsn", "1.5.11.5");
Eliminata : user_pref("extensions.softonic.vrsnTs", "1.5.11.516:22:19");
Eliminata : user_pref("extensions.softonic.vrsni", "1.5.11.5");
Eliminata : user_pref("extensions.softonic_i.aflt", "SD");
Eliminata : user_pref("extensions.softonic_i.dfltLng", "it");
Eliminata : user_pref("extensions.softonic_i.dfltSrch", true);
Eliminata : user_pref("extensions.softonic_i.dnsErr", true);
Eliminata : user_pref("extensions.softonic_i.excTlbr", false);
Eliminata : user_pref("extensions.softonic_i.hmpg", true);
Eliminata : user_pref("extensions.softonic_i.hmpgUrl", "hxxp://search.softonic.com/MON00080/tb_v1?SearchSource=1[...]
Eliminata : user_pref("extensions.softonic_i.id", "aea02b330000000000000018e762a0d8");
Eliminata : user_pref("extensions.softonic_i.instlDay", "15366");
Eliminata : user_pref("extensions.softonic_i.instlRef", "MON00080");
Eliminata : user_pref("extensions.softonic_i.keyWordUrl", "hxxp://search.softonic.com/MON00080/tb_v1?SearchSourc[...]
Eliminata : user_pref("extensions.softonic_i.newTab", true);
Eliminata : user_pref("extensions.softonic_i.newTabUrl", "hxxp://search.softonic.com/MON00080/tb_v1?SearchSource[...]
Eliminata : user_pref("extensions.softonic_i.prdct", "softonic");
Eliminata : user_pref("extensions.softonic_i.prtnrId", "softonic");
Eliminata : user_pref("extensions.softonic_i.smplGrp", "eng7");
Eliminata : user_pref("extensions.softonic_i.srchPrvdr", "Search the web (Softonic)");
Eliminata : user_pref("extensions.softonic_i.tlbrId", "it12JANdefault");
Eliminata : user_pref("extensions.softonic_i.tlbrSrchUrl", "hxxp://search.softonic.com/MON00080/tb_v1?SearchSour[...]
Eliminata : user_pref("extensions.softonic_i.vrsn", "1.5.11.5");
Eliminata : user_pref("extensions.softonic_i.vrsnTs", "1.5.11.516:22:19");
Eliminata : user_pref("extensions.softonic_i.vrsni", "1.5.11.5");
Eliminata : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=");
Eliminata : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Eliminata : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://search.softonic.[...]
Eliminata : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://search.softo[...]
Eliminata : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Preferences

Eliminata [l.9] : homepage = "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937",
Eliminata [l.1678] : homepage = "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937",

*************************

AdwCleaner[S1].txt - [54326 octets] - [27/12/2012 18:23:28]

########## EOF - C:\AdwCleaner[S1].txt - [54387 octets] ##########
Torna in alto
 
r16
Inviato: Thursday, December 27, 2012 6:40:05 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Disattiva il ripristino configurazione di sistema,
http://guide.aiutamici.com/guide?C1=7&C2=68&ID=80121

Dai una pulita (registro compreso)con CCleaner: http://www.aiutamici.com/software?ID=11223
Nella schermata iniziale di CCleaner, clicca su Opzioni e poi Avanzate, togli il segno di spunta a: Cancella i file in Windows Temp solo se più vecchi di 48 ore. (poi esegui le pulizie)

Riattiva il ripristino configurazione di sistema, e crea un punto di ripristino.
Torna in alto
 
eufonio
Inviato: Thursday, December 27, 2012 7:13:49 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Ho fatto le operazione che mi hai indicato
Ecco il logo di Malwarebytes

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Versione database: v2012.12.27.07

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Utente :: UTENTE-PC [amministratore]

27/12/2012 18:27:40
mbam-log-2012-12-27 (19-12-29).txt

Tipo di scansione: Scansione completa (C:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 377477
Tempo impiegato: 44 minuti, 15 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Nessuna azione intrapresa.

File rilevati: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Nessuna azione intrapresa.

(fine)
Torna in alto
 
r16
Inviato: Thursday, December 27, 2012 8:34:55 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Perchè non hai eliminato quello che ha trovato Malwarebytes ? (conosci quel programma?)

Scarica Combofix (usa Internet Explorer)

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop. (è obbligatorio)

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (se usi Vista o Seven: tasto destro su Combofix.exe e clicca su: "Esegui come Amministratore" )

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix) tu ignorali, e prosegui con la scansione.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt.
Postalo qui.

Per postare il log:
Collegati ad internet e vai alla pagina WikiSend: http://www.wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.
Torna in alto
 
eufonio
Inviato: Friday, December 28, 2012 12:25:22 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Ho eliminato i due file segnalati da malwarebites ed ho avviato combofix, ecco il log
log.txt
Torna in alto
 
r16
Inviato: Friday, December 28, 2012 6:16:34 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Apri un file di testo con il Block Note sul Desktop
Ci incolli il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente con il nome CFScript.txt


Commenta:
KillAll::

Driver::
McComponentHostService

File::
c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe

Folder::
c:\program files\McAfee Security Scan\2.0.181
c:\program files\McAfee Security Scan

FCopy::
c:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll|c:\windows\System32\user32.dll




e trascinalo sull'icona di ComboFix.
Attendi la fine dei lavori, senza toccare tastiera, mouse o altro.
Posta il log aggiornato di combofix.

Consiglio la disistallazione di questi programmi:
Uniblue
PC Tools
Torna in alto
 
eufonio
Inviato: Friday, December 28, 2012 7:33:10 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Ecco il log di combofix
ComboFix.txt

ho anche disinstallato i due programmi che mi hai indicato
Torna in alto
 
r16
Inviato: Friday, December 28, 2012 7:59:50 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Come funziona il pc?
Ancora problemi di lentezza?
Torna in alto
 
eufonio
Inviato: Friday, December 28, 2012 8:03:02 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
mi sembra possa andare.
Combofix lo devo disinstallare e come?
Torna in alto
 
r16
Inviato: Friday, December 28, 2012 8:36:33 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Commenta:
Combofix lo devo disinstallare e come?

Rinomina Combofix in uninstall
Avvialo e aspetta che ti venga comunicata la sua disistallazione.

Disattiva il Ripristino configurazione sistema:
http://windows.microsoft.com/it-IT/windows-vista/Turn-System-Restore-on-or-off

Dai una pulita (registro compreso)con CCleaner: http://www.aiutamici.com/software?ID=11223
Nella schermata iniziale di CCleaner, clicca su Opzioni e poi Avanzate, togli il segno di spunta a: Cancella i file in Windows Temp solo se più vecchi di 48 ore. (poi esegui le pulizie)

Riattiva il Ripristino configurazione sistema.

Per un ultimo controllo posta un nuovo log di hijackthis
Torna in alto
 
eufonio
Inviato: Friday, December 28, 2012 9:03:15 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
fatto tutto, ecco il log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:02:14, on 28/12/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-21-3134665804-992661644-2385791402-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3134665804-992661644-2385791402-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Apri con ScanSoft PDF Converter 4.1 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_ita.dll /100
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Barra di ricerca di Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/mjss/MJSS.cab109791.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab
O16 - DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} (IBM Lotus iNotes 8.5 Control) - https://netinps.inps.it/http://srv-h.domino.inps/dwa85W.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\Power Translator 12\LogoMedia TranslateDotNet Server.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmileyCentral Service (SmileyCentral_1vService) - SmileyCentral - C:\PROGRA~1\SMILEY~2\bar\1.bin\1vbarsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 8023 bytes
Torna in alto
 
r16
Inviato: Friday, December 28, 2012 9:11:50 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Dovresti aggiornare il S.O. al SP1 (è importante )
http://www.microsoft.com/it-it/download/details.aspx?id=5842
Torna in alto
 
eufonio
Inviato: Friday, December 28, 2012 9:32:02 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
ok S.O. aggiornato al SP1
Torna in alto
 
r16
Inviato: Friday, December 28, 2012 9:37:00 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ok.
Vai in "Windows Update" e scarica (se ci sono) tutti gli aggiornamenti a "alta priorità" .
Se il funzionamento del pc ti soddisfa, e non riscontri problemi, abbiamo concluso.
Torna in alto
 
eufonio
Inviato: Friday, December 28, 2012 9:39:11 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Grazie mille per il tuo prezioso aiuto.
Ti saluto e ti auguro Buon Anno
Torna in alto
 
r16
Inviato: Friday, December 28, 2012 9:40:49 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ho aggiunto qualcosa nel mio post precedente.
Un saluto anche da parte mia, e auguri di Buon Anno.
Ciao.
Torna in alto
 
eufonio
Inviato: Friday, December 28, 2012 9:42:05 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
grazie, avevo già controllato windows update
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » pc lento


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.