Problema Malwarebytes

[pty]

Ciao a tutti, vi spiego il mio problema:
faccio la scansione con MalwareBytes, mi rileva 76 minaccie ma non riesce a rimuoverle, parte ma poi si ferma e il programma non risponde. Può aiutarmi qualcuno di voi esperti? Grazie!
ecco Il log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Versione database: v2013.10.30.02
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Luca Mattavelli :: LUCALUDICANDO [amministratore]
30/10/2013 11.03.21
MBAM-log-2013-10-30 (11-18-11).txt
Tipo di scansione: Scansione veloce
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 264869
Tempo impiegato: 13 minuti, 53 secondi
Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)
Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)
Chiavi di registro rilevate: 10
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Nessuna azione intrapresa.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Nessuna azione intrapresa.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Nessuna azione intrapresa.
HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta.A) -> Nessuna azione intrapresa.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Nessuna azione intrapresa.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Nessuna azione intrapresa.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \bProtectSettings (PUP.Optional.BProtector.A) -> Nessuna azione intrapresa.
HKLM\SOFTWARE\Delta\delta\Instl (PUP.Optional.Delta.A) -> Nessuna azione intrapresa.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnpp fjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Nessuna azione intrapresa.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Nessuna azione intrapresa.
Valori di registro rilevati: 3
HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta.A) -> Dati: -> Nessuna azione intrapresa.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Dati: http://www2.delta-search.com/?babsrc...23925&tsp=5007 -> Nessuna azione intrapresa.
HKCU\Software\Delta\delta|lastB (PUP.Optional.Delta.A) -> Dati: http://www2.delta-search.com/?babsrc...23925&tsp=5007 -> Nessuna azione intrapresa.
Voci rilevate nei dati di registro: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Protector) -> Cattivo: (c:\progra~2\bitguard\261694~1.246\{c16c1~1\bitgua rd.dll) Buono: () -> Nessuna azione intrapresa.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Cattivo: (http://www2.delta-search.com/?babsrc...23925&tsp=5007) Buono: (http://www.google.com) -> Nessuna azione intrapresa.
Cartelle rilevate: 44
C:\Users\Luca Mattavelli\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Nessuna azione intrapresa.
C:\Program Files\Delta\delta\1.8.24.6 (PUP.Optional.Delta.A) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Roaming\OpenCandy\OpenCandy_891 0550A2AC6480B8B5AE87CC4C6CB68 (PUP.Optional.OpenCandy) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ChromeExtension (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ChromeExtension\config (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\css (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\image s (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ChromeExtension\lib (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\searc h (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\cs s (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\de fault (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\de fault\css (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\de fault\images (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\de fault\scripts (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\im ages (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\ima ges (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbu tton (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbu tton\icons (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbu tton\panels (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbu tton\panels\images (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\components (PUP.Optional.Searchqu) -> Nessuna azione intrapresa.
C:\ProgramData\BitGuard\2.6.1694.246 (PUP.Optional.BitGuard.A) -> Nessuna azione intrapresa.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BitGuard.A) -> Nessuna azione intrapresa.
C:\Program Files\LyricsFinder (PUP.Optional.AddLyrics.A) -> Nessuna azione intrapresa.
File rilevati: 14
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll (PUP.Optional.Protector) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Local\Temp\D901.tmp (PUP.Optional.Conduit.A) -> Nessuna azione intrapresa.
C:\Windows\Installer\2cb5b9.msi (PUP.Optional.Spigot.A) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Roaming\BabSolution\Shared\BabM aint.exe (PUP.Optional.BabSolution.A) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Roaming\BabSolution\Shared\BUSo lution.dll (PUP.Optional.BabSolution.A) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Roaming\BabSolution\Shared\Delt a.ico (PUP.Optional.BabSolution.A) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Roaming\BabSolution\Shared\GUni nstaller.exe (PUP.Optional.BabSolution.A) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Roaming\BabSolution\Shared\Setu pParams.ini (PUP.Optional.BabSolution.A) -> Nessuna azione intrapresa.
C:\Users\Luca Mattavelli\AppData\Roaming\BabSolution\Shared\sqli te3.dll (PUP.Optional.BabSolution.A) -> Nessuna azione intrapresa.
C:\Program Files\Delta\delta\1.8.24.6\GUninstaller.exe (PUP.Optional.Delta.A) -> Nessuna azione intrapresa.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.BitGuard.A) -> Nessuna azione intrapresa.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BitGuard.A) -> Nessuna azione intrapresa.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BitGuard.A) -> Nessuna azione intrapresa.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BitGuard.A) -> Nessuna azione intrapresa.
(fine)

[pty]

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11.49.57, on 30/10/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16514)
FIREFOX: 24.0 (it)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Garmin\gStart.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Users\Luca Mattavelli\AppData\Roaming\Spotify\Data\SpotifyWeb Helper.exe
C:\Program Files\Garmin\ANT Agent\ANT Agent.exe
C:\Users\Luca Mattavelli\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Users\Public\Documents\AppData\PoApp\PService.e xe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Luca Mattavelli\Downloads\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SearchToolbar.ShowToolbarBHO - {86a3cdaa-9b25-480e-b73f-c2d359b87966} - mscoree.dll (file missing)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Tube Karaoke - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - (no file)
O2 - BHO: TBSB09850 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ChatZum Toolbar\tbunso2DA1.tmp\tbcore3.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: SearchToolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O3 - Toolbar: ChatZum Toolbar - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Program Files\ChatZum Toolbar\tbunso2DA1.tmp\tbcore3.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [DT Task] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher. exe
O4 - HKLM\..\Run: [Winsent Messenger] "C:\Program Files\Winsent Messenger\winsent.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Nation toolbar\vprot.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIC EE.EXE /FU "C:\Windows\TEMP\E_S55EC.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [EPSON544C69 (Epson Stylus Office BX620FWD)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIG BU.EXE /FU "C:\Windows\TEMP\E_S46B0.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Epson Stylus Office BX620FWD(Rete)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIG BU.EXE /FU "C:\Windows\TEMP\E_SE3BA.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Luca Mattavelli\AppData\Roaming\Spotify\Data\SpotifyWeb Helper.exe"
O4 - HKCU\..\Run: [Hoolapp Android] "C:\Users\LUCAMA~1\AppData\Roaming\HOOLAP~1\Hoolap p.exe" /Minimized
O4 - HKCU\..\Run: [ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\Luca Mattavelli\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 6e04789dede0bb14e86cb8e11276eda9-56c31f6f9f6e2774e540fa112a8ea01ba2991568 --CMPID 0913b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-3815552940-3739112743-3437565797-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dropbox.lnk = C:\Users\Luca Mattavelli\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E117 12C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

[menatwork]

faccio la scansione con MalwareBytes, mi rileva 76 minaccie ma non riesce a rimuoverle

hai selezionato gli elementi trovati da malwarebyts? una volta selezionati devi cliccare su "Rimuovi elementi selezionati". e riavviare

fai anche questa scansione

scarica adwcleaner

clicca su scan e poi su ''clean'' conferma con OK le varie finestre che ti compariranno.

alla fine clicca su Report e allega il contenuto



scarica Junkware Removal Tool

clicca sull'icona di JRT e attendi pazientemente la fine della scansione
Una volta terminata dovrebbe aprirsi il log sul desktop come JRT.txt

Allega i log come da regolamento

[pty]

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11.49.57, on 30/10/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16514)
FIREFOX: 24.0 (it)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Garmin\gStart.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Users\Luca Mattavelli\AppData\Roaming\Spotify\Data\SpotifyWeb Helper.exe
C:\Program Files\Garmin\ANT Agent\ANT Agent.exe
C:\Users\Luca Mattavelli\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Users\Public\Documents\AppData\PoApp\PService.e xe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Luca Mattavelli\Downloads\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SearchToolbar.ShowToolbarBHO - {86a3cdaa-9b25-480e-b73f-c2d359b87966} - mscoree.dll (file missing)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Tube Karaoke - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - (no file)
O2 - BHO: TBSB09850 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ChatZum Toolbar\tbunso2DA1.tmp\tbcore3.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: SearchToolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O3 - Toolbar: ChatZum Toolbar - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Program Files\ChatZum Toolbar\tbunso2DA1.tmp\tbcore3.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [DT Task] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher. exe
O4 - HKLM\..\Run: [Winsent Messenger] "C:\Program Files\Winsent Messenger\winsent.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Nation toolbar\vprot.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIC EE.EXE /FU "C:\Windows\TEMP\E_S55EC.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [EPSON544C69 (Epson Stylus Office BX620FWD)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIG BU.EXE /FU "C:\Windows\TEMP\E_S46B0.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Epson Stylus Office BX620FWD(Rete)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIG BU.EXE /FU "C:\Windows\TEMP\E_SE3BA.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Luca Mattavelli\AppData\Roaming\Spotify\Data\SpotifyWeb Helper.exe"
O4 - HKCU\..\Run: [Hoolapp Android] "C:\Users\LUCAMA~1\AppData\Roaming\HOOLAP~1\Hoolap p.exe" /Minimized
O4 - HKCU\..\Run: [ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\Luca Mattavelli\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 6e04789dede0bb14e86cb8e11276eda9-56c31f6f9f6e2774e540fa112a8ea01ba2991568 --CMPID 0913b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-3815552940-3739112743-3437565797-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dropbox.lnk = C:\Users\Luca Mattavelli\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E117 12C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

[pty]

Ecco i log:
.txt]AdwCleaner[S0].txt
JRT.txt
mbam-log-2013-10-30 (14-42-34).txt

Grazie mille per l'aiuto, il pc gira già meglio e l'antivirus non rileva più nulla.
E' tutto ok?
Grazieee!

hai selezionato gli elementi trovati da malwarebyts? una volta selezionati devi cliccare su "Rimuovi elementi selezionati". e riavviare

fai anche questa scansione

scarica adwcleaner

clicca su scan e poi su ''clean'' conferma con OK le varie finestre che ti compariranno.

alla fine clicca su Report e allega il contenuto



scarica Junkware Removal Tool

clicca sull'icona di JRT e attendi pazientemente la fine della scansione
Una volta terminata dovrebbe aprirsi il log sul desktop come JRT.txt

Allega i log come da regolamento

[menatwork]

ripeti la scansione con malwarebytes, devi farla completa non veloce
a fine scansione seleziona gli elementi rilevati e premi rimuovi elementi selezionati

allega il report

[pty]

ripeti la scansione con malwarebytes, devi farla completa non veloce
a fine scansione seleziona gli elementi rilevati e premi rimuovi elementi selezionati

allega il report

Scansione completa fatta, ecco il log:
mbam-log-2013-11-04 (11-48-48).txt
E' tutto ok?
Grazie!

[menatwork]

prima di mandarti via facciamo un ultimo controllo

Scarica OTL e salvalo sul desktop

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta su minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi due log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend,

[pty]

prima di mandarti via facciamo un ultimo controllo

Scarica OTL e salvalo sul desktop

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta su minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi due log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend,

Eccoli qui:
Extras.Txt
OTL.Txt
Tutto ok? ... grazie!

[menatwork]

controlla su virus total questi, hanno un'estensione che non conosco

C:\Windows\System32\tempfile.$$a

C:\Users\Luca Mattavelli\Documents\tempfile.$$a


ora a pri otl e copia sotto "Custom Scans\Fixes" questo testo per intero

:OTL
SRV - (ServUpdater) -- C:\Users\Luca Mattavelli\AppData\Local\ServUpdater\ServiceUpd.ex e File not found
SRV - (PowerOffer Service) -- C:\Users\Luca Mattavelli\AppData\Local\PosService\Pos.exe (PowerOfferService)
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-21-3815552940-3739112743-3437565797-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O3 - HKU\S-1-5-21-3815552940-3739112743-3437565797-1002\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.
O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher. exe (PLauncher)
@Alternate Data Stream - 76 bytes -> C:\Users\Luca Mattavelli\Documents\Updater5:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Luca Mattavelli\Documents\Updater:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Luca Mattavelli\Documents\Origini dati utente:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Luca Mattavelli\Documents\Il Mio Garmin:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Luca Mattavelli\Documents\DVDFab:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Luca Mattavelli\Documents\Blocchi appunti di OneNote:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Luca Mattavelli\Documents\AnyDVDHD:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Luca Mattavelli\Documents\Adlm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Luca Mattavelli\Documents\3dsmax:Roxio EMC Stream
@Alternate Data Stream - 24 bytes -> C:\Windows:3DA85E8B66B56A4C
@Alternate Data Stream - 161 bytes -> C:\Users\Luca Mattavelli\Desktop\TimbroRadaelliGrosso.jpg:com.dr opbox.attributes
@Alternate Data Stream - 160 bytes -> C:\Users\Luca Mattavelli\Desktop\SfondoXPresentazioniA3.jpg:com. dropbox.attributes

:Files
ipconfig /flushdns /c

:commands
[purity]
[Reboot]

clicca su RUN FIX attendi il termine dell'operazione

Nella cartella C:\_OTL\MovedFiles\ verrà creato un log tipo ggMMaaaa_hhmmss.log


Allegalo nel forum