Autore Topic: Log Hijack this (Letto 1723 volte)

carminer82 · « **il:** Aprile 16, 2011, 01:04:34 pm »

Vi sottopongo un log di hijackthis, perchè sto provando Avira premium security suite, ma il pc ci ha messo circa 5 minuti a caricarsi

+ un altro minuto a caricare firefox (che non so perchè certe volte mi riapre le stesse schede con cui avevo chiuso il programma).

Il processore: intel pentium 4 inside
scheda video: Ati mobility radeon 9000 igp
ram 640 mb

Ho il vago sospetto che il disco rigido vada lento per problemi meccanici

Codice: [Seleziona]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:55:59, on 16/04/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avfwsvc.exe
C:\Programmi\Avira\AntiVir Desktop\avmailc.exe
C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Programmi\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\ltmoh\Ltmoh.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\IVT Corporation\BlueSoleil\BtTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Visagesoft\eXPert PDF 6\vspdfprsrv.exe
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\DOCUME~1\CARMIN~1\IMPOST~1\Temp\RtkBtMnt.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\Megakey.exe
C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegakeyUpdater.exe
C:\Programmi\Orbitdownloader\orbitdm.exe
C:\Programmi\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: MegaIeHelperBHO - {77F4E711-789B-447F-9614-96759B2F83C6} - C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegaIeHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Programmi\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Programmi\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BtTray] "C:\Programmi\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Programmi\Visagesoft\eXPert PDF 6\vspdfprsrv.exe --background
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Megakey] C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\Megakey.exe /Tray
O4 - HKCU\..\Run: [MegakeyUpdater] C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegakeyUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Programmi\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Capture Web Page - C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\CaptureWebPage.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Fetch to Megaupload - C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegaUpload.htm
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\carminer82\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\carminer82\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Invia tramite Bluetooth - C:\Programmi\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Invia usando Messaggio(&M)... - C:\Programmi\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\dati applicazioni\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\dati applicazioni\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\dati applicazioni\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\dati applicazioni\megamedia\megakey\msadm.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1300471965109
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BsMobileCS.exe

--
End of file - 10504 bytes

VincenzoGTA · « **Risposta #1 il:** Aprile 16, 2011, 01:42:47 pm »

l' analizzatore segna parecchie voci di "megakey"
come pericolose
prova a disinstallarlo e vedi se va meglio
poi riposta il log

per la lentezza dell' hard disk fermati hai box

per una deframmentazione e pulizie varie con ccleaner

r0880 · « **Risposta #2 il:** Aprile 16, 2011, 02:59:07 pm »

Queste chiavi possono essere eliminate:FIXATE

O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Programmi\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Programmi\Visagesoft\eXPert PDF 6\vspdfprsrv.exe --background
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

Se vuoi essere sicuro al 100% fai il baclup del registro:esegui->regedit->invio->file->esporta e lo salvi da qualche parte.
nLite una volta usato lo puoi disinstallare,sopratutto carica Megakey.exe su «virus total»,vediamo come viene considerato.
Io lo eliminerei a prescindere e userei Jdownloader .quando hai fatto posta un nuovo log.

carminer82 · « **Risposta #3 il:** Aprile 16, 2011, 04:29:56 pm »

Ehm ma Ati non fa parte della scheda grafica

per ora ce lo lascio

Ho provato a caricare megakey.exe (l'installer) ma Virus total dà "Errore del server"
Era un programmino che permetteva di avere Megavideo Premium per circa un'ora al giorno (;D) per ora lo lascio e comunque provo a vedere miglioramenti

Vi allego l'immagine di avira relativo al megakey, ma è sicuro

Ho cmq fixato alcune voci Se vi va vi riposto il log

Codice: [Seleziona]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:27:35, on 16/04/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avfwsvc.exe
C:\Programmi\Avira\AntiVir Desktop\avmailc.exe
C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Programmi\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\ltmoh\Ltmoh.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\IVT Corporation\BlueSoleil\BtTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\DOCUME~1\CARMIN~1\IMPOST~1\Temp\RtkBtMnt.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\Megakey.exe
C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegakeyUpdater.exe
C:\Programmi\Orbitdownloader\orbitdm.exe
C:\Programmi\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Mozilla Firefox\plugin-container.exe
C:\Programmi\Avira\AntiVir Desktop\avscan.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programmi\Orbitdownloader\orbitcth.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: MegaIeHelperBHO - {77F4E711-789B-447F-9614-96759B2F83C6} - C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegaIeHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Programmi\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BtTray] "C:\Programmi\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Megakey] C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\Megakey.exe /Tray
O4 - HKCU\..\Run: [MegakeyUpdater] C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegakeyUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Programmi\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Capture Web Page - C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\CaptureWebPage.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Programmi\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Fetch to Megaupload - C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\MegaUpload.htm
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\carminer82\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\carminer82\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Invia tramite Bluetooth - C:\Programmi\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Invia usando Messaggio(&M)... - C:\Programmi\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\dati applicazioni\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\dati applicazioni\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\dati applicazioni\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\dati applicazioni\megamedia\megakey\msadm.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1300471965109
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Programmi\IVT Corporation\BlueSoleil\BsMobileCS.exe

--
End of file - 9219 bytes

r0880 · « **Risposta #4 il:** Aprile 16, 2011, 04:59:26 pm »

O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe

questa del pannello di controllo della schda video è inutile il suo caricamento all'avvio, quando ti
serve puoi accederci manualmente la puoi eliminare (Risparmi un po' di risorse).

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

Questa della scheda audio vale quanto detto sopra la puoi eliminare

O4 - HKCU\..\Run: [Megakey] C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\Megakey\Megakey.exe
/Tray
O4 - HKCU\..\Run: [MegakeyUpdater] C:\Documents and Settings\carminer82\Impostazioni locali\Dati applicazioni\Megamedia\
Megakey\MegakeyUpdater.exe

Il fatto che megakey si avvii automaticamente e allo stesso modo si aggiorni non mi piace tanto ma se tu la ritieni un'app sicura lasciale.

Se non va virus total prova a caricarlo «QUI» ! (per curiosità non per altro).

Va un po' meglio il pc?

carminer82 · « **Risposta #5 il:** Aprile 16, 2011, 06:08:57 pm »

Effettivamente va meglio, perchè comunque un rallentamento spaventoso l'ho avuto con l'installazione proprio di avira suite, casomai provo solo con l'antivirus ...

Ma avira va installato in modalità normale o sicura

Io avrei scelto in mod sicura, ma penso che influisca sulla velocità di reazione del pc

Edit:
Ho disinstallato Avira perchè probabilmente il firewall mi bloccava tutte le connessioni

non riuscivo ad accedere nè ad internet

nè alla rete locale

casomai provo solo con l'antivirus

Ma eventualmente va installato in mod. sicura o normale

VincenzoGTA · « **Risposta #6 il:** Aprile 16, 2011, 06:48:35 pm »

io ce l' ho in mod normale.
in mod sicura rallenta un pò l' avvio

carminer82 · « **Risposta #7 il:** Aprile 16, 2011, 07:12:06 pm »

Ultimi sviluppi (Poi vi lascio in pace

;)) Ho reinstallato Avira, togliendo il MailGuard e WebGuard (lasciando comunque il firewall) e installando in mod normale

Adesso pare che va meglio

Mail guard controlla le mail via web ? ho fatto bene a toglierlo ?

T3STY · « **Risposta #8 il:** Aprile 17, 2011, 12:57:00 am »

Il MailGuard controlla le e-mail, sia in locale (programmi stand-alone, come Live Mail) sia sul web.
Il WebGuard controlla l'affidabilità degli URL, ovvero, delle pagine che visiti. Fa anche una specie di scansione da quel che ho capio. Comunque, se un sito non è sicuro ti avvisa prima che venga caricato e/o aperto.
Hai fatto male a toglierli, sei rimasto con la protezione in locale, solo antivirus che scansiona i file in uso sul pc. In poche parole, Antivir Free in versione Trial...

carminer82 · « **Risposta #9 il:** Aprile 18, 2011, 11:09:48 pm »

Per ora sto provando Trend Micro, sembra molto leggero e protegge (Testato ;D)

Ovviamente non so quali e quanti virus riconosce

PeterFly · « **Risposta #10 il:** Aprile 19, 2011, 11:20:57 am »

hai inviato megakey al laboratorio avira? http://analysis.avira.com/samples/ ti informano via email se il file è pericoloso.

carminer82 · « **Risposta #11 il:** Aprile 19, 2011, 01:05:31 pm »

Detto fatto

Clean ;), dice che è pulito

Comunque l'ho disinstallato

anche perchè rallentava la rete e dava l'happy hour, un'ora al giorno di no limits sui servers megavideo/megaupload

r0880 · « **Risposta #12 il:** Aprile 19, 2011, 02:35:56 pm »

E' un po' piu' veloce adesso il pc? Hai fatto bene a disinstallarlo! ;)

carminer82 · « **Risposta #13 il:** Aprile 19, 2011, 07:33:18 pm »

Si va meglio, thanks;

Su quest'altro pc (di mia madre) cosa si può togliere?

Codice: [Seleziona]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:29:59, on 19/04/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IncrediMail\Bin\IncMail.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\IncrediMail\Bin\ImNotfy.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alboscuole.it/lagazzettadelgrembiule/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =  127.0.0.1;192.168.*.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Magentic Toolbar - {07C92F45-3193-4FD9-AF54-B1925707C872} - C:\Program Files\magentictb\magenticDx.dll
O2 - BHO: Lexmark Barra degli strumenti - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Updater For Magentic Toolbar - {B3312915-9368-4FE4-8D4E-B60E5B36D0FF} - C:\Program Files\magentictb\auxi\magenticAu.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lexmark Barra degli strumenti - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Magentic Toolbar - {07C92F45-3193-4FD9-AF54-B1925707C872} - C:\Program Files\magentictb\magenticDx.dll
O3 - Toolbar: TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\vicaria\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\vicaria\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: lxct_device -   - C:\Windows\system32\lxctcoms.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 9470 bytes

flower · « **Risposta #14 il:** Aprile 19, 2011, 07:50:12 pm »

Io toglierei tutte le toolbar, tanto per cominciare, ma non con HJ ;)

Win Magazine community

Autore Topic: Log Hijack this (Letto 1723 volte)

carminer82

Log Hijack this

VincenzoGTA

Re: Log Hijack this

r0880

Re: Log Hijack this

carminer82

Re: Log Hijack this

r0880

Re: Log Hijack this

carminer82

Re: Log Hijack this

VincenzoGTA

Re: Log Hijack this

carminer82

Re: Log Hijack this

T3STY

Re: Log Hijack this

carminer82

Re: Log Hijack this

PeterFly

Re: Log Hijack this

carminer82

Re: Log Hijack this

r0880

Re: Log Hijack this

carminer82

Re: Log Hijack this

flower

Re: Log Hijack this