Hi guys.
Can anyone give me a hand removing pp.developunit.info?
Thanks
# AdwCleaner v3.019 - Report created 24/02/2014 at 14:59:06
# Updated 17/02/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Otto - LENOVO-PC
# Running from : C:\Users\Otto\Downloads\AdwCleaner(1).exe
# Option : Clean
***** [ Services ] *****
Service Deleted : 70e6ca8c
[#] Service Deleted : Update BuzzSearch
[#] Service Deleted : Util BuzzSearch
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveSupport
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\Program Files (x86)\BuzzSearch
Folder Deleted : C:\Program Files (x86)\LiveSupport
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Nosibay
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Users\Otto\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\Otto\AppData\Local\lollipop
Folder Deleted : C:\Users\Otto\AppData\Roaming\aartemis
Folder Deleted : C:\Users\Otto\AppData\Roaming\Nosibay
Folder Deleted : C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
Folder Deleted : C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
File Deleted : C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\aartemis.xml
File Deleted : C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\user.js
File Deleted : C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [bubbledock@nosibay.com]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Bubble Dock]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5CF5A690-C8F4-488E-9D20-F21AEF602D41}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D0EC4142-5808-41D2-A4DC-6081CF1A9693}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CF5A690-C8F4-488E-9D20-F21AEF602D41}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CF5A690-C8F4-488E-9D20-F21AEF602D41}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBFCF40E-A87B-463F-A782-55BDD4160B5E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D0EC4142-5808-41D2-A4DC-6081CF1A9693}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\BuzzSearch
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\LiveSupport
Key Deleted : HKCU\Software\lollipop
Key Deleted : HKCU\Software\Nosibay
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\aartemisSoftware
Key Deleted : HKLM\Software\BuzzSearch
Key Deleted : HKLM\Software\do-searchSoftware
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\aartemis Browser Protecter
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveSupport_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BuzzSearch
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16798
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v27.0.1 (it)
[ File : C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\prefs.js ]
Line Deleted : user_pref("extensions.BQ_hOi.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.inde[...]
Line Deleted : user_pref("extensions.wZkVeTbL.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.in[...]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [8224 octets] - [24/02/2014 14:57:28]
AdwCleaner[S0].txt - [7029 octets] - [24/02/2014 14:59:06]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7089 octets] ##########
FDACCC wrote: Check on the desktop or on the local disk C:\, it should be there!
FDACCC wrote: I was actually referring to JRT
How is the PC running now?
[ResponseResult]
ResultCode=0
[Install Progress]
Confirm Realtek Driver
Check Operation System Version
OS Information [WINMAJOR Number] = 6
OS Information [WINMAJOR String] = 6.2
OS Information [SYSINFO.nWinMajor] = 6
OS Information [SYSINFO.nWinMinor] = 2
OS Information [IsWin2000] = 0
OS Information [IsWinXP] = 0
OS Information [IsWin2003] = 0
OS Information [IsVista] = 0
OS Information [IsWin2008] = 0
OS Information [IsWin7] = 0
OS Information [IsWin8] = 1
OS Information [IsWin2008R2x64] = 0
OS Information [IsMCE] = 0
OS Information [IsServer] = 0
OS Information [Service Pack] = 0
OS Information [x64] = 1
Operation System was Windows x64
Rtlupd [GetRtlupdForPackage] = 1
Rtlupd version [C:\SWTOOLS\DRIVERS\AUDIO\Vista64\RtlUpd64.exe] = 2.8.0.6
Rtkupd version [\] =
Current use Rtlupd version [C:\SWTOOLS\DRIVERS\AUDIO\Vista64\RtlUpd64.exe] = 2.8.0.6
Default Path [RtkAudioDir] = C:\Program Files (x86)\Realtek\Audio
Default Path [RtkAudioDir x64] = C:\Program Files\Realtek\Audio
Default Path [RtlTempDir] = C:\Program Files (x86)\Realtek\Audio\Drivers
Default Path [RtkHDADrvDir] = C:\Program Files (x86)\Realtek\Audio\Drivers\Vista64
Default Path [RtkHDMIDrvDir] = C:\Program Files (x86)\Realtek\Audio\Drivers\HDMI\XP2K
Default Path [RtlPFHDADir] = C:\Program Files\Realtek\Audio\HDA
Default Registry key [Installer Base Key] = SOFTWARE\Realtek\Audio\Installer
Current model : Lenovo
Current driver version = 6.0.1.6710 x64 Edition
Realtek HD Audio Driver Vista64 Directory Exist .
Dolby4.Page ( PCEE4 ) Application Directory Exist
ADCTL - Lenovo - Reg CmdUtil - Application Directory Exist
Status - OnMoveData
Status - ProgramFiles_Installing
delete C:\Program Files (x86)\Realtek\Audio\Drivers\Vista64
Copy Realtek HD Audio Driver from Vista64 Directory
Copy ADCTL.exe from Source-ADCTL Directory
Run RtlUpd64.exe : C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd64.exe --- > -s -cb -nrg2709 (TRUE)
Status - ProgramFiles_Installed
Install Realtek HD Audio Audio Driver
Run RtlUpd64.exe : C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd64.exe --- > -u -s -fi -nrg2709 (TRUE)
-->Realtek HD Audio - SetupAPI result LAAW_PARAMETERS.nLaunchResult = -4
Register C:\windows\system32\RtkAPO64.dll in Vista system .
Status - OnFirstUIAfter
Installer - OnEnd
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 x64
Ran by Otto on 25/02/2014 at 13.51.33,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F15655CF-A85B-B770-22DF-48D010880FD6}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F15655CF-A85B-B770-22DF-48D010880FD6}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F15655CF-A85B-B770-22DF-48D010880FD6}
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\Otto\AppData\Roaming\mozilla\firefox\profiles\m0x7ahq8.default-1387107677864\prefs.js
user_pref("extensions.BQ_hOi.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\
user_pref("extensions.wZkVeTbL.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf
Emptied folder: C:\Users\Otto\AppData\Roaming\mozilla\firefox\profiles\m0x7ahq8.default-1387107677864\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/02/2014 at 13.55.26,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Typically it takes no more than 10 minutes.
On heavily infected PCs the scan time can easily double"
ComboFix 14-02-24.02 - Otto 25/02/2014 14.23.19.1.2 - x64
Microsoft Windows 8 6.2.9200.0.1252.39.1040.18.3948.2215 [GMT 1:00]
Eseguito da: c:\users\Otto\Downloads\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjaofigpmcdifbmbadeocdcbecagjco
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjaofigpmcdifbmbadeocdcbecagjco\2.1\background.html
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjaofigpmcdifbmbadeocdcbecagjco\2.1\content.js
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjaofigpmcdifbmbadeocdcbecagjco\2.1\lsdb.js
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjaofigpmcdifbmbadeocdcbecagjco\2.1\manifest.json
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjaofigpmcdifbmbadeocdcbecagjco\2.1\N0YJV9eI.js
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\paceidfaiinlplbgaehedekgkcefpnhn
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\paceidfaiinlplbgaehedekgkcefpnhn\5.4_0\background.html
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\paceidfaiinlplbgaehedekgkcefpnhn\5.4_0\content.js
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\paceidfaiinlplbgaehedekgkcefpnhn\5.4_0\lsdb.js
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\paceidfaiinlplbgaehedekgkcefpnhn\5.4_0\manifest.json
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\paceidfaiinlplbgaehedekgkcefpnhn\5.4_0\RjjPpd.js
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_efjaofigpmcdifbmbadeocdcbecagjco_0.localstorage-journal
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_efjaofigpmcdifbmbadeocdcbecagjco_0.localstorage
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_paceidfaiinlplbgaehedekgkcefpnhn_0.localstorage-journal
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_paceidfaiinlplbgaehedekgkcefpnhn_0.localstorage
c:\users\Otto\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\hty2uixr@alco-my.org
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\hty2uixr@alco-my.org\bootstrap.js
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\hty2uixr@alco-my.org\chrome.manifest
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\hty2uixr@alco-my.org\content\bg.js
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\hty2uixr@alco-my.org\install.rdf
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\yozikjp@azslfjr.edu
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\yozikjp@azslfjr.edu\bootstrap.js
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\yozikjp@azslfjr.edu\chrome.manifest
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\yozikjp@azslfjr.edu\content\bg.js
c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\extensions\yozikjp@azslfjr.edu\install.rdf
.
.
((((((((((((((((((((((((( Files Creati Da 2014-01-25 al 2014-02-25 )))))))))))))))))))))))))))))))))))
.
.
2014-02-25 13:38 . 2014-02-25 13:39 -------- d-----w- c:\users\Otto\AppData\Local\temp
2014-02-25 13:38 . 2014-02-25 13:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-24 19:51 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3122A09E-F865-43C5-B9E7-0C219DC8D018}\mpengine.dll
2014-02-24 14:21 . 2014-02-24 14:21 -------- d-----w- c:\windows\ERUNT
2014-02-24 13:56 . 2014-02-25 13:11 -------- d-----w- C:\AdwCleaner
2014-02-22 19:25 . 2014-02-22 19:25 255664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10234.bin
2014-02-21 15:10 . 2014-02-21 15:10 -------- d-----w- c:\programdata\savingtuoyou
2014-02-12 20:58 . 2013-12-04 23:43 583680 ----a-w- c:\windows\system32\msdrm.dll
2014-02-12 20:58 . 2013-12-04 23:37 451072 ----a-w- c:\windows\SysWow64\msdrm.dll
2014-02-12 19:51 . 2013-11-01 05:53 2232664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-02-12 19:51 . 2013-11-25 23:17 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-02-12 19:48 . 2013-11-20 00:15 3842560 ----a-w- c:\windows\system32\d2d1.dll
2014-02-12 19:48 . 2014-01-12 23:30 2238976 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-12 19:48 . 2013-11-19 23:57 3288576 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-02-12 19:48 . 2014-01-12 23:30 2032640 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-02-07 20:30 . 2014-02-21 15:10 -------- d-----w- c:\programdata\baf8ad8b7a82d7b4
2014-02-07 20:30 . 2014-02-07 20:30 -------- d-----w- c:\programdata\PPTChecckier
2014-02-07 20:30 . 2014-02-07 20:30 -------- d-----w- c:\programdata\paceidfaiinlplbgaehedekgkcefpnhn
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-25 13:04 . 2013-06-10 07:29 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-24 13:00 . 2013-06-08 09:41 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-02-23 18:00 . 2013-06-08 09:41 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-02-17 22:03 . 2013-11-13 19:12 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 22:03 . 2013-11-13 19:12 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-19 07:33 . 2013-06-28 16:06 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-18 20:09 . 2014-01-26 07:05 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-07 06:37 . 2014-01-15 12:59 688640 ----a-w- c:\windows\system32\WSShared.dll
2013-12-07 06:37 . 2014-01-15 12:59 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15 . 2014-01-15 12:59 562688 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-12-07 05:15 . 2014-01-15 12:59 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F15655CF-A85B-B770-22DF-48D010880FD6}]
2014-02-21 15:10 427008 ----a-w- c:\programdata\savingtuoyou\QmOuHW.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19604072]
"IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2013-06-28 444840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-08-30 548864]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2012-8-17 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R4 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Lenovo System Agent Service;Lenovo System Agent Service;c:\program files\lenovo\SystemAgent\SystemAgentService.exe;c:\program files\lenovo\SystemAgent\SystemAgentService.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 LnvHotSpotSvc;LnvMHService;c:\program files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe;c:\program files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [x]
S2 LocationTaskManager;Location Task Manager;c:\program files (x86)\Lenovo\LocationAware\loctaskmgr.exe;c:\program files (x86)\Lenovo\LocationAware\loctaskmgr.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 Power Manager DBC Service;Lenovo Settings Power Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Driver Bluetooth a basso consumo;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Audio Intel(R) per schermi;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-04 19:45 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04 215416 ----a-w- c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-02-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-10 15:06]
.
2014-02-25 c:\windows\Tasks\find-a-deal Update.job
- c:\program files (x86)\findAdeal\fadupdate.exe [2013-11-24 13:28]
.
2014-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10 09:23]
.
2014-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10 09:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5B13DB39-154C-5114-E6D7-753F8D0278C6}]
2014-02-07 20:30 475136 ----a-w- c:\programdata\PPTChecckier\42lG.x64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F15655CF-A85B-B770-22DF-48D010880FD6}]
2014-02-21 15:10 475136 ----a-w- c:\programdata\savingtuoyou\QmOuHW.x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-07-20 373760]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-20 13192848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-26 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-26 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-26 441152]
"LnvMobHotspotClient"="c:\program files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe" [2012-08-20 1010784]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-08-13 564320]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 2184520]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.it/
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\m0x7ahq8.default-1387107677864\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-Bubble Dock - c:\users\Otto\AppData\Roaming\Nosibay\Bubble Dock\Uninstall Bubble Dock.exe
AddRemove-lollipop_12091330 - c:\users\otto\appdata\local\lollipop\lollipop_12091330.bat
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Ora fine scansione: 2014-02-25 14:59:20
ComboFix-quarantined-files.txt 2014-02-25 13:59
.
Pre-Run: 257.283.833.856 byte disponibili
Post-Run: 259.979.767.808 byte disponibili
.
- - End Of File - - D327557118866F4F773D49F2BBCAB36B