Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Potreste controllare nel log cosa rallenta il mio portatile

3 pages: [1] 2 3
Potreste controllare nel log cosa rallenta il mio portatile Opzioni
Topic Precedente · Topic Sucessivo
troleo
Inviato: Saturday, January 26, 2013 12:08:37 AM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0.06.55, on 26/01/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Programmi\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: CrossriderApp0004479 - {11111111-1111-1111-1111-110011441179} - C:\Programmi\Giant Savings\Giant Savings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [avast] "C:\Programmi\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [2301] C:\DOCUME~1\ALLUSE~1\Local Settings\Temp\c534fff600093acb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Admin\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm
O8 - Extra context menu item: Scarica con Mipony - file://C:\Programmi\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: FreshDownload - {539EFD4A-2AF7-47B3-82A1-255BA186B2E9} - C:\Programmi\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341859798656
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Programmi\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: WMService - Unknown owner - C:\Programmi\T55\WinMate\WMService.exe

--
End of file - 9733 bytes
Torna in alto
 
Sponsor
Inviato: Saturday, January 26, 2013 12:08:37 AM

 
Torna in alto
 
cbbusto
Inviato: Saturday, January 26, 2013 10:53:44 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Ciao troleo, in effetti c'è qualcosa da togliere.
Fai questa scansione:

Scarica Adwcleaner sul desktop:
http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner
Avvialo e clicca sul pulsante "Elimina".
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

Poi rifai la scansione con HJT e posta un nuovo log aggiornato vediamo cos'è rimasto.
Torna in alto
 
troleo
Inviato: Sunday, January 27, 2013 12:25:15 AM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
# AdwCleaner v2.108 - Logfile creato il 27/01/2013 alle 00:20:42
# Aggiornamento 24/01/2013 by Xplode
# Sistema Operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Utente : Admin - PORTATILE
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Documents and Settings\Admin\Documenti\Download\adwcleaner.exe
# Opzioni [Elimina]


***** [Servizi] *****


***** [File / Cartelle] *****

Cartella Eliminato : C:\DOCUME~1\Admin\IMPOST~1\Temp\Babylon
Cartella Eliminato : C:\Documents and Settings\Admin\Dati applicazioni\Application Updater
Cartella Eliminato : C:\Documents and Settings\Admin\Dati applicazioni\Babylon
Cartella Eliminato : C:\Documents and Settings\Admin\Dati applicazioni\BabylonToolbar
Cartella Eliminato : C:\Documents and Settings\Admin\Dati applicazioni\ilividtoolbarguid
Cartella Eliminato : C:\Documents and Settings\Admin\Dati applicazioni\OfferBox
Cartella Eliminato : C:\Documents and Settings\Admin\Dati applicazioni\OpenCandy
Cartella Eliminato : C:\Documents and Settings\Admin\Dati applicazioni\PriceGong
Cartella Eliminato : C:\Documents and Settings\Admin\Dati applicazioni\QuickStoresToolbar
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\Babylon
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\boost_interprocess
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\IBUpdaterService
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\SweetIM
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\Tarma Installer
Cartella Eliminato : C:\Documents and Settings\All Users\Menu Avvio\Programmi\Babylon
Cartella Eliminato : C:\Documents and Settings\All Users\Menu Avvio\Programmi\DealPly
Cartella Eliminato : C:\Documents and Settings\Angelo\Dati applicazioni\Babylon
Cartella Eliminato : C:\Documents and Settings\Angelo\Dati applicazioni\ilividtoolbarguid
Cartella Eliminato : C:\Documents and Settings\Angelo\Dati applicazioni\PriceGong
Cartella Eliminato : C:\Documents and Settings\Angelo\Dati applicazioni\searchquband
Cartella Eliminato : C:\Documents and Settings\Angelo\Dati applicazioni\Searchqutoolbar
Cartella Eliminato : C:\Programmi\AskBarDis
Cartella Eliminato : C:\Programmi\Babylon
Cartella Eliminato : C:\Programmi\Conduit
Cartella Eliminato : C:\Programmi\ConduitEngine
Cartella Eliminato : C:\Programmi\DealPly
Cartella Eliminato : C:\Programmi\Giant Savings
Cartella Eliminato : C:\Programmi\Mozilla Firefox\Extensions\quickstores@quickstores.de
Cartella Eliminato : C:\Programmi\OfferBox
Cartella Eliminato : C:\Programmi\Productivity_2.2
Cartella Eliminato : C:\Programmi\Savings Sidekick
Cartella Eliminato : C:\Programmi\Searchqu Toolbar
Cartella Eliminato : C:\Programmi\Softonic-IT
Cartella Eliminato : C:\Programmi\SweetIM
Cartella Eliminato : C:\WINDOWS\assembly\GAC_MSIL\QuickStoresToolbar
Cartella Eliminato : C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Cartella Eliminato : C:\WINDOWS\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
File Eliminato : C:\Documents and Settings\Admin\Menu Avvio\QuickStores.url
File Eliminato : C:\Documents and Settings\All Users\Menu Avvio\Programmi\Offerbox.lnk
File Eliminato : C:\Programmi\Mozilla FireFox\Components\AskHPRFF.js
File Eliminato : C:\Programmi\Mozilla FireFox\Components\AskSearch.js
File Eliminato : C:\Programmi\Mozilla Firefox\searchplugins\babylon.xml
File Eliminato : C:\Programmi\Mozilla FireFox\searchplugins\Search_Results.xml
File Eliminato : C:\user.js
File Eliminato : C:\WINDOWS\Tasks\DealPlyUpdate.job
File Eliminato : C:\WINDOWS\Tasks\OfferBoxUpdate.job

***** [Registro] *****

Chiave Eliminata : HKCU\Software\APN DTX
Chiave Eliminata : HKCU\Software\AppDataLow\AskBarDis
Chiave Eliminata : HKCU\Software\AppDataLow\Software\Search Settings
Chiave Eliminata : HKCU\Software\Ask.com
Chiave Eliminata : HKCU\Software\Babylon
Chiave Eliminata : HKCU\Software\BabylonToolbar
Chiave Eliminata : HKCU\Software\Conduit
Chiave Eliminata : HKCU\Software\conduitEngine
Chiave Eliminata : HKCU\Software\ConduitSearchScopes
Chiave Eliminata : HKCU\Software\Cr_Installer
Chiave Eliminata : HKCU\Software\Crossrider
Chiave Eliminata : HKCU\Software\DataMngr
Chiave Eliminata : HKCU\Software\DealPly
Chiave Eliminata : HKCU\Software\Giant Savings
Chiave Eliminata : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chiave Eliminata : HKCU\Software\ilividtoolbarguid
Chiave Eliminata : HKCU\Software\InstallCore
Chiave Eliminata : HKCU\Software\InstalledBrowserExtensions
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011441179}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E3393495-8103-46A0-8181-270273EDDD60}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E84CC2C1-B722-48FC-A39C-EDB8B525C777}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011441179}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{65E0144F-39C9-400D-A6A7-2ADB131449D7}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B71C18FF-97C8-4799-8ECA-BF976850B53A}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E3393495-8103-46A0-8181-270273EDDD60}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E84CC2C1-B722-48FC-A39C-EDB8B525C777}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Chiave Eliminata : HKCU\Software\Offerbox
Chiave Eliminata : HKCU\Software\PriceGong
Chiave Eliminata : HKCU\Software\Productivity_2.2
Chiave Eliminata : HKCU\Software\Softonic
Chiave Eliminata : HKCU\Software\Softonic-IT
Chiave Eliminata : HKCU\Toolbar
Chiave Eliminata : HKLM\Software\AskBarDis
Chiave Eliminata : HKLM\Software\Babylon
Chiave Eliminata : HKLM\Software\BabylonToolbar
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\BabylonTC.EXE
Chiave Eliminata : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Chiave Eliminata : HKLM\SOFTWARE\Classes\BabyDict
Chiave Eliminata : HKLM\SOFTWARE\Classes\BabyGloss
Chiave Eliminata : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Chiave Eliminata : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Chiave Eliminata : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication
Chiave Eliminata : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\BabyOptFile
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011441179}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022442279}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO
Chiave Eliminata : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox
Chiave Eliminata : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Chiave Eliminata : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Chiave Eliminata : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Chiave Eliminata : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Chiave Eliminata : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Chiave Eliminata : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Chiave Eliminata : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Chiave Eliminata : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Prod.cap
Chiave Eliminata : HKLM\SOFTWARE\Classes\sim-packages
Chiave Eliminata : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Chiave Eliminata : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Chiave Eliminata : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{0C2E529C-A82C-4AC6-8807-0B51F7AD7BB2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044444479}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Chiave Eliminata : HKLM\Software\Conduit
Chiave Eliminata : HKLM\Software\conduitEngine
Chiave Eliminata : HKLM\Software\DataMngr
Chiave Eliminata : HKLM\Software\DealPly
Chiave Eliminata : HKLM\Software\Freeze.com
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\facemoods
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Giant Savings
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividtoolbarguid
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Offerbox
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Productivity_2.2 Toolbar
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011441179}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{65E0144F-39C9-400D-A6A7-2ADB131449D7}
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbarguid
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Offerbox
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Productivity_2.2 Toolbar
Chiave Eliminata : HKLM\Software\Offerbox
Chiave Eliminata : HKLM\Software\Productivity_2.2
Chiave Eliminata : HKLM\Software\SearchquSRTB
Chiave Eliminata : HKLM\Software\Softonic-IT
Chiave Eliminata : HKLM\Software\Tarma Installer
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E3393495-8103-46A0-8181-270273EDDD60}]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E84CC2C1-B722-48FC-A39C-EDB8B525C777}]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Browser Internet] *****

-\\ Internet Explorer v8.0.6001.18702

Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=10588&tl=gpn46649&tt=300812_58_3512_6&babsrc=NT_def --> hxxp://www.google.com

*************************

AdwCleaner[S1].txt - [31877 octets] - [27/01/2013 00:20:42]

########## EOF - C:\AdwCleaner[S1].txt - [31938 octets] ##########
Torna in alto
 
troleo
Inviato: Sunday, January 27, 2013 12:27:26 AM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0.26.56, on 27/01/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Microsoft\BingBar\7.1.391.0\BBSvc.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Programmi\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [2301] C:\DOCUME~1\ALLUSE~1\Local Settings\Temp\c534fff600093acb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Admin\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm
O8 - Extra context menu item: Scarica con Mipony - file://C:\Programmi\MiPony\Browser\IEContext.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: FreshDownload - {539EFD4A-2AF7-47B3-82A1-255BA186B2E9} - C:\Programmi\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341859798656
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Programmi\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: WMService - Unknown owner - C:\Programmi\T55\WinMate\WMService.exe

--
End of file - 8464 bytes
Torna in alto
 
cbbusto
Inviato: Sunday, January 27, 2013 10:48:42 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
ADW ha tolto parecchia robaccia, ora facciamo altre pulizie.

Segui il percorso ed elimina questo programma: C:\Programmi\Bonjour\mDNSResponder.exe
Controlla se avast è aggiornato l'ultima vs è la 7.0.1474

Chiudi tutti i programmi e disconnesso lanci HJT e clicca sul secondo pulsante: Do a system scan only poi metti la spunta alle voci che ti indico e alla fine clic su Fix checked:

R3 - Default URLSearchHook is missing
O3 - Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
O4 - HKLM\..\Policies\Explorer\Run: [2301] C:\DOCUME~1\ALLUSE~1\Local Settings\Temp\c534fff600093acb.exe
O9 - Extra button: FreshDownload - {539EFD4A-2AF7-47B3-82A1-255BA186B2E9} - C:\Programmi\FreshDevices\FreshDownload\fd.exe (file missing)

Poi vai in Pannello di Controllo>Strumenti di amministrazione>Servizi cerca queste voci:
McAfee Security Scan
WMService
se le trovi fai doppio clic su di esse e poi in Tipo di avvio metti disattivato OK esci e riavvia il pc.

Vai in C:\windows cerca la cartella prefetch aprila ed elimina tutto il contenuto, non eliminare la cartella.

Fai una pulizia con Ccleaner compreso il Registro per il registro spunta tutte le voci acconsenti al backup quando richiesto.
Poi sempre in Ccleaner vai in Strumenti>Ripristino sistema, seleziona tutte le voci e poi clic su Rimuovi, l'ultima voce non è selezionabile e rimane.

Il pc dovrebbe esere a posto, fai sapere se è migliorato. Ciao
Torna in alto
 
troleo
Inviato: Sunday, January 27, 2013 11:32:57 AM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
Questo e l'ultimo Log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11.30.36, on 27/01/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Microsoft\BingBar\7.1.391.0\BBSvc.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Programmi\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Programmi\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [2301] C:\DOCUME~1\ALLUSE~1\Local Settings\Temp\c534fff600093acb.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Admin\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Scarica con Download &Express - C:\Programmi\Download Express\Add_Url.htm
O8 - Extra context menu item: Scarica con Mipony - file://C:\Programmi\MiPony\Browser\IEContext.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341859798656
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: WMService - Unknown owner - C:\Programmi\T55\WinMate\WMService.exe

--
End of file - 7857 bytes
Torna in alto
 
r16
Inviato: Sunday, January 27, 2013 3:40:37 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao a tutti.

Il virus risiede in memoria.
Scarica Combofix (usa Internet Explorer)

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop. (è obbligatorio)

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Se ti verrà chiesto se vuoi Installare LA CONSOLE DI RIPRISTINO DI EMERGENZA, clicca NO.

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix) tu ignorali, e prosegui con la scansione.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt.
Postalo qui.

Per postare il log:
Collegati ad internet e vai alla pagina WikiSend:
http://www.wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.
Torna in alto
 
troleo
Inviato: Tuesday, January 29, 2013 12:05:24 AM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
r16: Ho fatto come richiesto,questo e il log:ComboFix.txt-
Per il momento vi ringrazio per le indicazioni,rimango in attesa di gradito riscontro e Vi saluto.
Torna in alto
 
r16
Inviato: Tuesday, January 29, 2013 6:27:04 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Combofix ha eliminato un servizio, la chiave del virus, e alcuni file fra cui un falso positivo.
Prima di fare altre operazioni vorrei sapere come funziona il pc.
Torna in alto
 
troleo
Inviato: Tuesday, January 29, 2013 11:31:02 PM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
r16,a mio parere sembra migliorato,rimane un poco lento ad aprire le finestre attive,inoltre quando passo da un sito all'altro,ad esempio,finito di leggere le notizie in Virgilio e passo al corriere della sera o ad altri giornali web,il passaggio e abbastanza lento e non sempre le parti attive nella pagina si aprono,rimango in attesa di ulteriori consigli per il miglioramento,intato ti saluto e ringrazio.
Torna in alto
 
r16
Inviato: Wednesday, January 30, 2013 9:14:17 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Facciamo un'altro controllo:
Scarica OTL, e salvalo sul desktop:

http://oldtimer.geekstogo.com/OTL.exe

Clicca sull'icona di OTL che trovi sul tuo desktop .

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta : minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi 2 log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend, per postarli sul forum.
Torna in alto
 
cbbusto
Inviato: Wednesday, January 30, 2013 11:02:48 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
troleo ha scritto:
quando passo da un sito all'altro,ad esempio,finito di leggere le notizie in Virgilio e passo al corriere della sera o ad altri giornali web,il passaggio e abbastanza lento e non sempre le parti attive nella pagina si aprono.


Su questo particolare vorrei capire meglio, siccome si tratta di siti molto frequentati ci possono essere dei momenti di punta dove i server sono intasati ed è difficile accedervi, DOMANDA: in quei siti il collegamento è sempre lento per tutto il giorno oppure ci sono degli orari in cui l'accesso è normale. Io ho dei siti che frequento quotidianamente ed in certe ore non riesco proprio ad aprire le pagine, provo dopo un ora o 2 e tutto fila liscio, in questo caso dipende tutto dai server e non c'entra niente il pc o le infezioni. Ciao
Torna in alto
 
troleo
Inviato: Wednesday, January 30, 2013 11:09:23 PM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
cbbusto:La tua domanda mi mette in imbarazzo perche io il PC lo uso il mattino dalle 10,30 alle 12,00 e la sera più o meno allo stesso orario,in questi orari vado anche su siti di shopping e anche queste pagine scorrono male e a scatti,specialmente siti stranieri.Grazie
Torna in alto
 
troleo
Inviato: Wednesday, January 30, 2013 11:11:15 PM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
Torna in alto
 
cbbusto
Inviato: Thursday, January 31, 2013 12:25:39 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
troleo ha scritto:
cbbusto:La tua domanda mi mette in imbarazzo perche io il PC lo uso il mattino dalle 10,30 alle 12,00 e la sera più o meno allo stesso orario,in questi orari vado anche su siti di shopping e anche queste pagine scorrono male e a scatti,specialmente siti stranieri.Grazie


Troleo era solo per capire se è un problema del tuo pc oppure dei server a cui ti colleghi. Per esempio dalle 10,30 alle 12
sono ore di punta e i siti sono intasati.
Se tutti i siti che visiti e a tutte le ore l'accesso è lento allora bisogna cercare la causa nel pc, se invece nei vari siti in alcuni momenti della giornata l'accesso è normale, il tuo pc è a posto e dipende dai server intasati.
Fai una prova, vai sul sito del Corriere in diverse ore della giornata e vedi se l'accesso è sempre difficile oppure no.
Torna in alto
 
troleo
Inviato: Thursday, January 31, 2013 11:10:51 AM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
r16: Ho provato a lanciare OTL per ben 2 volte pensando di avere fatto qualche errore nelle spunte,ma per tutte le 2 volte,il programma parte,fa la scansione dei componenti i pochi minuti poi si fissa sulla finestra originaria e dove prima scorrevano i componenti controllati ora rimane fissa la frase "FirFox setting" questo per più di mezzora,a questo punto annullo e riprovo,ma con lo stesso risultato. Forse questa scansione dura ore o sbaglio qualche cosa,o nel PC vi è qualche cosa che blocca il proseguimento della scansioni: Saluti e scusami se continuo a disturbarti.
Torna in alto
 
troleo
Inviato: Thursday, January 31, 2013 11:25:10 AM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
cbbusto: Può darsi tu abbia ragione,qualche volta le pagine scorrono normalmente,proverò in altri orari,comunque anche quando vanno bene le pafine,le figure attive o ad esempio nel Corriere le ultime notizie dovrebbero scorrere in una finestrella attiva inserita nella pagina,la finestra rimane bianca bloccata,le notizie ci sono perchè nello stesso momento su un altro PC acceso le vedo scorrere normalmente, forse qualche problema in Adobe flash Player. Mi sono accorto che andando in Risorse del computer mi trovo visinili le cartelle che dovrebbero essere nascoste e che ieri avevo regolarmente nascosto,forse che il programma OTL consiliato da r16 le renda visibili, grazie per l'interessamento.
Torna in alto
 
cbbusto
Inviato: Thursday, January 31, 2013 11:59:09 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Per OTL aspetta r16, il flash Player è aggiornato? QUI trovi l'ultima vs
per firefox, per certi siti occorre avere silverlight.
Controlla anche se Java è aggiornato. Ciao
Torna in alto
 
troleo
Inviato: Thursday, January 31, 2013 1:42:22 PM

Rank: AiutAmico

Iscritto dal : 11/29/2004
Posts: 137
cbbusto; Avevi ragione, ho aggiornato flash Player ed ora sembra funzioni,per quanto concerne le cartelle ed i file nascosti non avevo cliccato su "Applica" ma solo su OK. Saluti e grazie.
Torna in alto
 
Utenti presenti in questo topic
Guest

3 pages: [1] 2 3

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Potreste controllare nel log cosa rallenta il mio portatile


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.