Malware Pup optional

[zelbia]

Grazie in anticipo a chi potrà aiutarmi
Da un paio di giorni notavo comportamenti strani del PC (Windows 7 pro SP1) e soprattutto FF che non funzionava praticamente più.
Ho fatto una scansione con Malwarebytes e ho trovato 4 file PUP.Optional:
C:\Program Files\Uninstaller\Uninstall.exe (PUP.Optional.DomaIQ) -> Spostato in quarantena ed eliminato con successo.
C:\Qoobox\Quarantine\C\ProgramData\DSearchLink\DSe archLink.exe.vir (PUP.Optional.Delta.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Stefano\Downloads\rcpsetup4_adgorithms_30 0_250_ag_2.exe (PUP.Optional.RegCleanPro) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx (PUP.Optional.NewTab.A) -> Spostato in quarantena ed eliminato con successo.

I comportamenti sono sempre strani, PC lentissimo e FF continua a non funzionare.
Ho fatto scansione completa anche con Avira Antivirus Suite che però non mi ha trovato niente.

Posto per maggiori info anche il log di Hijack This:
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIH KE.EXE
C:\Users\Stefano\AppData\Roaming\Dropbox\bin\Dropb ox.exe
C:\Program Files\Philips Display\SmartControl\DTHtml.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdiSdkHelper.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\StikyNot.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [DT PLP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -PLP
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D53A2F730372543005853147156 6890C] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIH KE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX230"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: Dropbox.lnk = Stefano\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\Networ kLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

[Lele.1990]

Qoobox fa riferimento a combofix ... scarica http://www.geekstogo.com/forum/files...imers-list-it/ portalo sul desktop avvialo premi "cleanup" alla richiesta di riavvio accetta (rimuoverai combofix). Scarica https://toolslib.net/downloads/finish/1/ dopo di che chiudi tutti i browser disattiva il ripristino configurazione di sistema portalo sul desktop avvialo premi "scansiona". Al termine clicca " pulisci" posta il log.

P.S. il log di Hijackthis non è completo..... postami un nuovo log al termine (stavolta completo). La versione più aggiornata se non ce l'hai è questa http://sourceforge.net/projects/hjt/...atest/download..... la scansione deve essere eseguita dal desktop.

Fammi sapere

[zelbia]

ho fatto già tutto con Qoobox e riavviato. Ora sto provando a disattivare protezione di sistema ma in 10 minuti non è successo nulla, nel senso che sto aspettando

[zelbia]

ho fatto già tutto con Qoobox e riavviato. Ora sto provando a disattivare protezione di sistema ma in 10 minuti non è successo nulla, nel senso che sto aspettando

cioè ho fatto girare OTL e ora subisco la lentezza massima del PC...almeno spero che si tratti solo di lentezza

[Lele.1990]

Hai eseguito correttamente Otl? hai rimosso Qoobox?

[zelbia]

ho eseguito OTL. Non so se ho rimosso Qoobox. Ho avuto un problema lungo per entrare in Internet. Non riconosce le schede di rete. Ora pare risolto anche se segnala problemi nelle schede di rete.
Questo è il report di ADWCLEANER:
# AdwCleaner v3.212 - Rapporto creato 07/06/2014 in 15:24:56
# Aggiornato 05/06/2014 di Xplode
# Sistema operativo : Windows 7 Professional Service Pack 1 (32 bits)
# Nome utente : Stefano - STEFANO-PC
# In esecuzione da : C:\Users\Stefano\Desktop\adwcleaner_3.212.exe
# Opzione : Pulisci


***** [ Servizi ] *****




***** [ File / Cartelle ] *****


Cartella Eliminato : C:\Users\Stefano\AppData\Roaming\eCyber
Cartella Eliminato : C:\Users\Stefano\AppData\Roaming\iSafe
Cartella Eliminato : C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlik pgpnhp
File Eliminato : C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.local storage


***** [ Collegamenti ] *****




***** [ Registro ] *****


Chiave Eliminati : HKCU\Software\Google\Chrome\Extensions\nikpibnbobm bdbheedjfogjlikpgpnhp
[#] Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC951 0D-A439-4950-9399-B6399EDF9EA7}
Chiave Eliminati : HKLM\Software\Microsoft\Windows\CurrentVersion\Ins taller\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.17041




-\\ Mozilla Firefox v29.0.1 (it)


[ File : C:\Users\Stefano\AppData\Roaming\Mozilla\Firefox\P rofiles\3bxtppte.default-1402036749927\prefs.js ]




-\\ Google Chrome v35.0.1916.114


[ File : C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\preferences ]


Eliminati [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp


*************************


AdwCleaner[R0].txt - [38068 octets] - [05/11/2013 00:16:42]
AdwCleaner[R1].txt - [1886 octets] - [07/06/2014 15:21:25]
AdwCleaner[S0].txt - [5974 octets] - [05/11/2013 00:18:24]
AdwCleaner[S1].txt - [1824 octets] - [07/06/2014 15:24:56]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1884 octets] ##########

[zelbia]

...e questo è HIJACH THIS:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:36:14, on 07/06/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)


FIREFOX: 29.0.1 (it)
Boot mode: Normal


Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIH KE.EXE
C:\Windows\System32\StikyNot.exe
C:\Users\Stefano\AppData\Roaming\Dropbox\bin\Dropb ox.exe
C:\Program Files\Philips Display\SmartControl\DTHtml.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdiSdkHelper.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\mmc.exe
C:\Users\Stefano\Desktop\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \IE\rpbrowserrecordplugin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [DT PLP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -PLP
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D53A2F730372543005853147156 6890C] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIH KE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX230"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: Dropbox.lnk = Stefano\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\Networ kLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

[zelbia]

Nel caso potesse essere utile ti segnalo le schede che segnalano problemi in gestione dispositivi:
Microsoft ISATAP Adapter
Scheda Microsoft 6to4
Teredo Tunnelling Pseudo-interface

[zelbia]

Nel caso potesse essere utile ti segnalo le schede che segnalano problemi in gestione dispositivi:
Microsoft ISATAP Adapter
Scheda Microsoft 6to4
Teredo Tunnelling Pseudo-interface

le ho disattivate

[zelbia]

pare che ora sia tornato efficiente...ma se tu trovassi ancora qualche problema nei report fammi sapere!!
Grazie infinite per il preziosissimo supporto

PS: aspetto un po' per mettere [RISOLTO]