HijackThis.exe

emydebbo · 7 Dicembre 2013

Salve a tutti e grazie dell'attenzione.
Volevo chiedere un parere riguardo alla scansione di hijackthis per sapere, da chi è più esperto di me, quali posso essere virus e come eliminarli.
Ecco quanto risultato dalla scansione:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18.53.37, on 07/12/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\ibmpmsvc.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
c:\Programmi\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Programmi\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\windows\system32\acs.exe
C:\Programmi\Java\jre7\bin\jqs.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\windows\Installer\MSI77.tmp
C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\System32\svchost.exe
C:\Programmi\File comuni\Lenovo\tvt_reg_monitor_svc.exe
C:\windows\system32\TpKmpSVC.exe
C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
C:\Programmi\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Programmi\Lenovo\Rescue and Recovery\rrservice.exe
C:\Programmi\File comuni\Lenovo\Scheduler\tvtsched.exe
C:\Programmi\Lenovo\Rescue and Recovery\UpdateMonitor.exe
C:\Programmi\ThinkPad\Utilities\PWMDBSVC.exe
C:\Programmi\ThinkPad\Utilities\PWMEWSVC.exe
C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Programmi\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Programmi\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\Programmi\Brother\Brmfcmon\BrMfcmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Programmi\TuneUp Utilities 2013\TUAutoReactivator32.exe
C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE
C:\windows\system32\ctfmon.exe
C:\Programmi\Microsoft\BingBar\7.2.241.0\SeaPort.exe
C:\Programmi\TuneUp Utilities 2013\TUAutoReactivator32.exe
C:\Documents and Settings\PC\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Desktop\HijackThis.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Open FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D44} - C:\Programmi\FVD Suite\addons\IE\FVDToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programmi\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D41} - C:\Programmi\FVD Suite\addons\IE\FVDToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BrMfcWnd] C:\Programmi\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Open FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D43} - C:\Programmi\FVD Suite\addons\IE\FVDToolbar.dll (HKCU)
O9 - Extra 'Tools' menuitem: Open FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D43} - C:\Programmi\FVD Suite\addons\IE\FVDToolbar.dll (HKCU)
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Programmi\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\windows\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Programmi\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Lenovo. - C:\windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Java\jre7\bin\jqs.exe
O23 - Service: Power Manager DBC Service - Unknown owner - C:\Programmi\ThinkPad\Utilities\PWMDBSVC.exe
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Programmi\ThinkPad\Utilities\PWMEWSVC.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\windows\Installer\MSI77.tmp
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Programmi\File comuni\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\windows\System32\TPHDEXLG.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\windows\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Programmi\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programmi\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Programmi\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Programmi\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Programmi\File comuni\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Programmi\Lenovo\Rescue and Recovery\UpdateMonitor.exe

--
End of file - 7793 bytes

Davide72 · 7 Dicembre 2013

a parte il consiglio di disttavare skype dall' avvio automatico nonchè il relativo plugin skipe per browser....dal log non risultano voci sospette

emydebbo · 8 Dicembre 2013

Ciao,
grazie per la risposta: strano perche il pc va una schifezza e tutto da venerdi che ho scaricato delle cose, e mi ha riempito di virus, alcuni dei quali sono riuscito a toglierli, ma non tutti: aartemis continua ad aprirsi con Crome, FireFox ed Explorer.
Saluti.

Davide72 · 8 Dicembre 2013

prova con questo Downloading AdwCleaner salvalo sul desktop e avvialo, tenendo i browser chiusi , clicca su SCAN attendi il termine e poi clicca su CLEAN alla fine della pulizia si aprirà un log.txt a popup, salvalo sul desktop

riavvia il pc, eposta quel log

- - - Updated - - -

anche questo http://www.majorgeeks.com/mg/get/junkware_removal_tool,1.html salvalo sul desktop, disattiva momentaneamente il tuo antivirus , avvia jrt e attendi il termine della pulitura e posta il log che verrà salvato sul desktop

emydebbo · 8 Dicembre 2013

Ciao,
ok scarico questi due programmi e ti faccio sapere: grazie per l aiuto: non so se c entra, ma non mi dice che l hard disk esterno che non e formattato, e mi dice di formattarlo: io ho quasi 500 gb di dati e questo mi preoccupa anche di piu del pc: puo essere causato da questi virus?
Grazie e saluti.

Davide72 · 8 Dicembre 2013

se l' hdd esterno non è formattato , si vede che ha la funzione autorun , quindi devi formattarlo in ntfs ...
però prima di eseguire il backup bisogna essere sicuri che l' hdd locale sia pulito da virus...

- - - Updated - - -

disinstalla tuneup utilty....usa il Cleaner e la guida su come ottimizzare win7

emydebbo · 8 Dicembre 2013

Ciao,
l hard disk non me lo fa piu aprire, questo è il problema: Perche disistallare TuneUp? Ti posto i due log:
Grazie e saluti.

# AdwCleaner v3.014 - Report created 08/12/2013 at 15:14:08
# Updated 01/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : PC - PC-F2LAE5SXZPYF
# Running from : C:\Documents and Settings\PC\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\ecbbcf@kfbugrzo.edu
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\ecbbcf@kfbugrzo.edu
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\ecbbcf@kfbugrzo.edu
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\ie0bhkw@scjchtuuao.com
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\ie0bhkw@scjchtuuao.com
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\ie0bhkw@scjchtuuao.com
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\isw6vwph@dkd-.com
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\isw6vwph@dkd-.com
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\isw6vwph@dkd-.com
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\jzdase@ouaifcf.org
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\jzdase@ouaifcf.org
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\jzdase@ouaifcf.org
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\z.8ufr@ueaayaueee.net
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\z.8ufr@ueaayaueee.net
Folder Found : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\Extensions\z.8ufr@ueaayaueee.net
Folder Found C:\Documents and Settings\All Users\Dati applicazioni\QuickSet
Folder Found C:\Documents and Settings\All Users\Dati applicazioni\surfo and keepp
Folder Found C:\Documents and Settings\All Users\Dati applicazioni\surrf and KoeEp
Folder Found C:\Documents and Settings\All Users\Dati applicazioni\sUrrf and, keep
Folder Found C:\Documents and Settings\All Users\Dati applicazioni\YoutubeAdblocker
Folder Found C:\Documents and Settings\PC\Dati applicazioni\Nosibay
Folder Found C:\Documents and Settings\PC\Dati applicazioni\OpenCandy
Folder Found C:\Documents and Settings\PC\Dati applicazioni\Toolbar4
Folder Found C:\Programmi\myfree codec
Folder Found C:\Programmi\Nosibay
Folder Found C:\Programmi\surfo and keepp
Folder Found C:\Programmi\surrf and KoeEp
Folder Found C:\Programmi\sUrrf and, keep
Folder Found C:\Programmi\YoutubeAdblocker

***** [ Shortcuts ] *****

Shortcut Found : C:\Documents and Settings\PC\Desktop\Google Chrome.lnk ( hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX )
Shortcut Found : C:\Documents and Settings\PC\Desktop\Internet Explorer.lnk ( hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX )
Shortcut Found : C:\Documents and Settings\PC\Desktop\Mozilla Firefox.lnk ( hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX )
Shortcut Found : C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mozilla Firefox.lnk ( hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX )
Shortcut Found : C:\Documents and Settings\PC\Menu Avvio\Programmi\Internet Explorer.lnk ( hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX )
Shortcut Found : C:\Documents and Settings\PC\Menu Avvio\Programmi\Google Chrome\Google Chrome.lnk ( hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX )
Shortcut Found : C:\Documents and Settings\PC\Menu Avvio\Programmi\Accessori\Utilità di sistema\Internet Explorer (nessun componente aggiuntivo).lnk ( hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX )
Shortcut Found : C:\Documents and Settings\PC\Dati applicazioni\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command [(Default)] - "C:\Documents and Settings\PC\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe" hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - C:\Programmi\Mozilla Firefox\firefox.exe hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Programmi\Internet Explorer\iexplore.exe hxxp://aartemis.com/?type=sc&ts=1386361693&from=wpc&uid=FUJITSUXMHV2080AH_NT28T5C2AM9AT5C2AM9AX
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\FLEXnet
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Nosibay
Key Found : HKLM\Software\aartemisSoftware
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Found : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Found : HKLM\SOFTWARE\Classes\FVDToolbar.CTBShow
Key Found : HKLM\SOFTWARE\Classes\FVDToolbar.CTBShow.1
Key Found : HKLM\SOFTWARE\Classes\FVDToolbar.CToolbarShower
Key Found : HKLM\SOFTWARE\Classes\FVDToolbar.CToolbarShower.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\TENCENT

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v10.0.2 (it)

-\\ Google Chrome v

[ File : C:\Documents and Settings\PC\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [13773 octets] - [08/12/2013 15:14:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13834 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by PC on 08/12/2013 at 15.35.09,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/12/2013 at 16.03.00,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Davide72 · 8 Dicembre 2013

ripeti la procedura di adwcleaner (con i browser chiusi)clicca su SCAN attendi il termine della scansione e poi clicca su CLEAN attendi il termine della pulizia
e conferma con ok ai seguenti messaggi e riavvia il pc
posta di nuovo il log che troverai sul desktop

tuneup inizialmente non te ne accorgi, poi in seguito noterai dei rallentamenti ed errori nel sistema, consiglio di rimuoverlo...è solo strategia commerciale , non promette niente

emydebbo · 8 Dicembre 2013

Ciao,
ecco il log, e ho anche disinstallato TuneUp. Sto facendo chkdsk /r da cmd per l hard disk, ha trovato degli errori, speriamo che riesce a riavviarlo, altrimenti sono rovinato.
Grazie e saluti.

# AdwCleaner v3.014 - Report created 08/12/2013 at 17:22:17# Updated 01/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : PC - PC-F2LAE5SXZPYF
# Running from : C:\Documents and Settings\PC\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v10.0.2 (it)

-\\ Google Chrome v

[ File : C:\Documents and Settings\PC\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [13915 octets] - [08/12/2013 15:14:08]
AdwCleaner[R1].txt - [959 octets] - [08/12/2013 15:21:54]
AdwCleaner[R2].txt - [1078 octets] - [08/12/2013 17:20:15]
AdwCleaner[S0].txt - [11607 octets] - [08/12/2013 15:15:35]
AdwCleaner[S1].txt - [1019 octets] - [08/12/2013 15:23:27]
AdwCleaner[S2].txt - [1001 octets] - [08/12/2013 17:22:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1061 octets] ##########

Davide72 · 8 Dicembre 2013

ripeti ancora adw cleaner clicca su scan attendi la fine e poi clicca su report (si aprirà un log ) postalo

- - - Updated - - -

scusa mà di quale hdd stai facendo il checkdisk,

emydebbo · 8 Dicembre 2013

Ciao,
eccolo: dell hard disk esterno
Grazie e saluti.

# AdwCleaner v3.014 - Report created 08/12/2013 at 18:31:50
# Updated 01/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : PC - PC-F2LAE5SXZPYF
# Running from : C:\Documents and Settings\PC\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v10.0.2 (it)

[ File : C:\Documents and Settings\PC\Dati applicazioni\Mozilla\Firefox\Profiles\6g7icn6l.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Documents and Settings\PC\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [13915 octets] - [08/12/2013 15:14:08]
AdwCleaner[R1].txt - [959 octets] - [08/12/2013 15:21:54]
AdwCleaner[R2].txt - [1078 octets] - [08/12/2013 17:20:15]
AdwCleaner[R3].txt - [993 octets] - [08/12/2013 18:31:50]
AdwCleaner[S0].txt - [11607 octets] - [08/12/2013 15:15:35]
AdwCleaner[S1].txt - [1019 octets] - [08/12/2013 15:23:27]
AdwCleaner[S2].txt - [1141 octets] - [08/12/2013 17:22:17]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1233 octets] ##########

Davide72 · 8 Dicembre 2013

ottimo...ciao:ciaociao:

emydebbo · 8 Dicembre 2013

Ciao,
quindi adesso è pulito il pc?
Grazie e saluti.

Davide72 · 8 Dicembre 2013

dal log di adwcleaner si....puoi sempre fare ulteriori scansioni col malwarebyte free

emydebbo · 8 Dicembre 2013

Ciao,
ok grazie.
Saluti.

HijackThis.exe

emydebbo

Nuovo Utente

Davide72

Ospite

emydebbo

Nuovo Utente

Davide72

Ospite

emydebbo

Nuovo Utente

Davide72

Ospite

emydebbo

Nuovo Utente

Davide72

Ospite

emydebbo

Nuovo Utente

Davide72

Ospite

emydebbo

Nuovo Utente

Davide72

Ospite

emydebbo

Nuovo Utente

Davide72

Ospite

emydebbo

Nuovo Utente