Thread: Maybe I'm infected
23-06-2014, 20.05.53   #19
Joele1965
Re: Maybe I'm infected

Quote:
Originally posted by AMIGA
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (this one gives you the little audio-management icon down on the taskbar next to the date and time; I recommend removing it, and when you need it you launch it from Start > Programs)
Here I wasn't able to remove it.

Quote:
Originally posted by AMIGA
The Startup ......, that's why I was telling you to leave only the antivirus; this way you have not only sped up the system, but you have also kept other dead weight from starting, Startup-Sequence.
I understood very little of that. I didn't do anything; at startup everything that I didn't choose gets launched, who knows......
Code:
# AdwCleaner v3.213 - Rapporto creato 23/06/2014 in 19:55:36
# Aggiornato 23/06/2014 di Xplode
# Sistema operativo : Windows 7 Ultimate Service Pack 1 (32 bits)
# Nome utente : Administrator - ADMINISTRATOR
# In esecuzione da : C:\Users\Administrator\Downloads\adwcleaner_3.213.exe
# Opzione : Pulisci

I also did adware

only now I no longer see the little F.secure icon at the bottom right