Conduit removal

How do you remove viruses and spyware? Are credit cards really safe online? Is it possible to browse anonymously? Which programs protect your privacy? How do you protect important files? If you want an answer to these and other questions, this is the right place!

Moderators: kadosh, Luke57

Post by gora » 02/04/14 20:03

Good evening :)
While downloading programs from the web, as happens to many idiots, I picked up the usual adware that installs toolbars, changes the browsers' home page, etc.: conduit :P
I uninstalled the program and used adwcleaner to fix the browsers, and for firefox the problem seems solved.
Opening chrome, however, I noticed that the home page is still the conduit search, so I fear I haven't solved the problem.
Is it just the home page that's left, or some other leftover as well?
I've read that it sends data around; I wouldn't want it to stay active in the background, maybe even while browsing with firefox. How do I check/solve the problem?
Many thanks to whoever is willing to help me :)
gora
Junior User
Posts: 28
Joined: 11/09/11 20:14


Re: Conduit removal

Post by shel » 03/04/14 20:57

Hi gora, attach the adwcleaner log, then run this scan:

Download OTL
Tick SCAN ALL USERS.
Under Output, tick Minimal Output
Click the little arrow next to File Age and select 60 Days
Tick LOP Check and Purity Check.
At the end of the scan OTL will produce two log files (OTL.txt and Extras.txt)
Post it in the forum
shel
Senior User
Posts: 1292
Joined: 29/08/08 21:56

Re: Conduit removal

Post by Mazit » 04/04/14 13:50

This is the best tutorial explaining how to remove conduit for good: http://www.come-eliminare.com/conduit-search/

Mazit
Newbie
Posts: 1
Joined: 04/04/14 13:46

Re: Conduit removal

Post by gora » 06/04/14 19:42

Thanks a lot to both of you for the advice :)
I followed Mazit's advice, and the problem seems solved :)
Also, to be safe, I did the steps recommended by shel as well; these are the reports:

OTL report:

"Extras" report:

OTL Extras logfile created on: 06/04/2014 19.04.20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1015,17 Mb Total Physical Memory | 455,61 Mb Available Physical Memory | 44,88% Memory free
2,38 Gb Paging File | 1,80 Gb Available in Paging File | 75,48% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 72,06 Gb Total Space | 18,11 Gb Free Space | 25,13% Space Free | Partition Type: NTFS
Drive D: | 72,05 Gb Total Space | 71,99 Gb Free Space | 99,91% Space Free | Partition Type: NTFS

Computer Name: IGOR | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1937419065-3020280299-1285230153-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Messenger\wlcsdk.exe" = C:\Programmi\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" = C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Messenger\wlcsdk.exe" = C:\Programmi\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" = C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programmi\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programmi\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programmi\LibreOffice 4\program\soffice.bin" = C:\Programmi\LibreOffice 4\program\soffice.bin:*:Enabled:LibreOffice
"C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\_fpga_editor.exe" = C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\_fpga_editor.exe:*:Enabled:FPGA_EDITOR -- ()
"C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\unwrapped\isimgui.exe" = C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\unwrapped\isimgui.exe:*:Enabled:isimgui -- ()
"C:\Programmi\Wondershare\MobileGo for Android\MobileGoService.exe" = C:\Programmi\Wondershare\MobileGo for Android\MobileGoService.exe:*:Enabled:MobileGo Device Listen Service -- (Wondershare)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" ISE WebPACK 14.7" = ISE WebPACK 14.7 (C:\Xilinx\14.7\ISE_DS)
"{03F15CFC-BA7D-48B8-AA16-7F152BA27547}" = OpenOffice 4.0.1
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1" = Wondershare MobileGo for Android ( Version 4.3.0 )
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2682CFF5-D807-48F1-AC86-34A1654877EE}" = Windows Live Toolbar
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{34A08914-7A33-4040-A959-1577BF5AFF8A}" = Microsoft Works
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = ASUS USB2.0 UVC VGA WebCam
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FB39BED-37C8-4E60-8E02-315B8C2B07E3}" = USB2.0 UVC Camera Device
"{42146067-CB25-4560-8DA1-EBE8AFC37147}" = Windows Live Family Safety
"{47BACF74-5A07-48BD-BADB-A769550F0F5A}" = FontResizer
"{49C77D21-F91F-4296-B7DF-19C5FF51AF4D}" = Windows Live Call
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5AE2BE5E-930A-481C-817E-C373E8910C8A}" = Windows Live Messenger
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78EA81C3-5E56-4F9F-96C7-696226794E2D}" = Windows Live Mail
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CC64E4E-DD74-421D-B3E9-90044732D1EF}" = Oracle VM VirtualBox 4.3.10
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0410-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Italian) 12
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0410-0000-0000000FF1CE}" = Pacchetto di compatibilità per Office System 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Italian)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6280CE4-04F4-46B8-B0A3-703EC252AD17}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A973AD04-558F-4810-9B1B-0664C930490B}" = Raccolta foto di Windows Live
"{A9F87795-BD95-4C25-97A7-027B2117EF41}" = Ansoft Designer 2.2 SV
"{AC76BA86-7AD7-1040-7B44-A81000000003}" = Adobe Reader 8.1.0 - Italiano
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C72CA49A-9237-4810-8449-45DA3BD26D64}" = EzMessenger
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D806E63B-0C11-4061-8DA9-1E980FB9A9EB}" = Data Sync
"{E171E280-0BAE-4460-9F47-CA96D17828B6}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EF321705-AE33-4E6E-ACEA-18EDF7F24144}" = Windows Live Sync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4nec2_is1" = 4nec2 full version 5.8.14
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Dia" = Dia (remove only)
"Digilent Software" = Digilent Software
"Eee Docking_is1" = Eee Docking 1.3.6.0
"Git_is1" = Git version 1.9.0-preview20140217
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"Matlab R2012b" = MATLAB R2012b
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 28.0 (x86 it)" = Mozilla Firefox 28.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MTI ModelSim PE Student Edition 10.3 Deinstall Key" = ModelSim PE Student Edition 10.3
"Notepad++" = Notepad++
"POP Peeper" = POP Peeper
"Sublime Text 2_is1" = Sublime Text 2.0.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR gestione archivi
"winusb0200" = Microsoft WinUsb 2.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13/03/2014 4.18.19 | Computer Name = IGOR | Source = Application Hang | ID = 1002
Description = Applicazione in stallo explorer.exe, versione 6.0.2900.5512, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error - 14/03/2014 8.23.36 | Computer Name = IGOR | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore asacpisvr.exe, versione 6.1.1.1008,
modulo che ha provocato l'errore asacpisvr.exe, versione 6.1.1.1008, indirizzo
errore 0x000075e5.

Error - 18/03/2014 5.19.56 | Computer Name = IGOR | Source = Application Hang | ID = 1002
Description = Applicazione in stallo explorer.exe, versione 6.0.2900.5512, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error - 21/03/2014 8.36.01 | Computer Name = IGOR | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore asacpisvr.exe, versione 6.1.1.1008,
modulo che ha provocato l'errore asacpisvr.exe, versione 6.1.1.1008, indirizzo
errore 0x000075e5.

Error - 24/03/2014 5.57.21 | Computer Name = IGOR | Source = Application Hang | ID = 1002
Description = Applicazione in stallo explorer.exe, versione 6.0.2900.5512, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error - 25/03/2014 7.10.35 | Computer Name = IGOR | Source = Application Hang | ID = 1002
Description = Applicazione in stallo explorer.exe, versione 6.0.2900.5512, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error - 26/03/2014 17.35.45 | Computer Name = IGOR | Source = Application Hang | ID = 1002
Description = Applicazione in stallo explorer.exe, versione 6.0.2900.5512, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error - 27/03/2014 9.01.34 | Computer Name = IGOR | Source = Application Hang | ID = 1002
Description = Applicazione in stallo notepad++.exe, versione 5.5.0.0, modulo in
stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error - 28/03/2014 6.50.38 | Computer Name = IGOR | Source = Application Hang | ID = 1002
Description = Applicazione in stallo explorer.exe, versione 6.0.2900.5512, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error - 02/04/2014 10.45.31 | Computer Name = IGOR | Source = Application Hang | ID = 1002
Description = Applicazione in stallo explorer.exe, versione 6.0.2900.5512, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

[ System Events ]
Error - 04/04/2014 7.32.48 | Computer Name = IGOR | Source = PSched | ID = 14103
Description = QoS [Scheda {431A969E-68B4-448C-BB7D-39989DA11866}]. Il driver della
scheda di rete non ha potuto eseguire la query per OID_GEN_LINK_SPEED.

Error - 04/04/2014 7.32.48 | Computer Name = IGOR | Source = Dhcp | ID = 1000
Description = Il computer ha perso il lease dell'indirizzo IP 158.110.224.154 della
scheda
di rete con indirizzo 1C4BD62D562F.

Error - 05/04/2014 6.28.53 | Computer Name = IGOR | Source = PSched | ID = 14103
Description = QoS [Scheda {431A969E-68B4-448C-BB7D-39989DA11866}]. Il driver della
scheda di rete non ha potuto eseguire la query per OID_GEN_LINK_SPEED.

Error - 05/04/2014 6.53.38 | Computer Name = IGOR | Source = PSched | ID = 14103
Description = QoS [Scheda {431A969E-68B4-448C-BB7D-39989DA11866}]. Il driver della
scheda di rete non ha potuto eseguire la query per OID_GEN_LINK_SPEED.

Error - 05/04/2014 15.04.47 | Computer Name = IGOR | Source = PSched | ID = 14103
Description = QoS [Scheda {431A969E-68B4-448C-BB7D-39989DA11866}]. Il driver della
scheda di rete non ha potuto eseguire la query per OID_GEN_LINK_SPEED.

Error - 06/04/2014 7.14.47 | Computer Name = IGOR | Source = PSched | ID = 14103
Description = QoS [Scheda {431A969E-68B4-448C-BB7D-39989DA11866}]. Il driver della
scheda di rete non ha potuto eseguire la query per OID_GEN_LINK_SPEED.

Error - 06/04/2014 7.57.48 | Computer Name = IGOR | Source = PSched | ID = 14103
Description = QoS [Scheda {431A969E-68B4-448C-BB7D-39989DA11866}]. Il driver della
scheda di rete non ha potuto eseguire la query per OID_GEN_LINK_SPEED.

Error - 06/04/2014 7.58.51 | Computer Name = IGOR | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio MBAMScheduler. Questo evento
si è già verificato 1 volta(e).

Error - 06/04/2014 8.05.46 | Computer Name = IGOR | Source = Service Control Manager | ID = 7011
Description = Timout (30000 millisecondi) durante l'attesa della risposta alla transazione
dal servizio MBAMService.

Error - 06/04/2014 14.13.33 | Computer Name = IGOR | Source = PSched | ID = 14103
Description = QoS [Scheda {431A969E-68B4-448C-BB7D-39989DA11866}]. Il driver della
scheda di rete non ha potuto eseguire la query per OID_GEN_LINK_SPEED.


< End of report >
gora
Junior User
Posts: 28
Joined: 11/09/11 20:14

Re: Conduit removal

Post by gora » 06/04/14 19:43

"OTL" report:

OTL logfile created on: 06/04/2014 19.04.20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1015,17 Mb Total Physical Memory | 455,61 Mb Available Physical Memory | 44,88% Memory free
2,38 Gb Paging File | 1,80 Gb Available in Paging File | 75,48% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 72,06 Gb Total Space | 18,11 Gb Free Space | 25,13% Space Free | Partition Type: NTFS
Drive D: | 72,05 Gb Total Space | 71,99 Gb Free Space | 99,91% Space Free | Partition Type: NTFS

Computer Name: IGOR | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\admin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programmi\POP Peeper\POPPeeper.exe (Mortal Universe)
PRC - C:\Programmi\ASUS\LiveUpdate\LiveUpdate.exe ()
PRC - C:\Programmi\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
PRC - C:\Programmi\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
PRC - C:\Programmi\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Programmi\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Programmi\AVAST Software\Avast\defs\14040600\algo.dll ()
MOD - C:\Programmi\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programmi\AVAST Software\Avast\libcef.dll ()
MOD - C:\Programmi\Git\git-cheetah\git_shell_ext.dll ()
MOD - C:\Programmi\ASUS\LiveUpdate\LiveUpdate.exe ()
MOD - C:\Programmi\ASUS\LiveUpdate\Enumeration.dll ()
MOD - C:\Programmi\ASUS\LiveUpdate\Parser.dll ()
MOD - C:\Programmi\ASUS\LiveUpdate\ClientSocket.dll ()
MOD - C:\Programmi\WinRAR\RarExt.dll ()


========== Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (rpcapd) -- C:\Programmi\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (odserv) -- C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (BTWUSB) -- System32\Drivers\btwusb.sys File not found
DRV - (btwhid) -- system32\DRIVERS\btwhid.sys File not found
DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found
DRV - (BTDriver) -- system32\DRIVERS\btport.sys File not found
DRV - (btaudio) -- system32\drivers\btaudio.sys File not found
DRV - (androidusb) -- C:\WINDOWS\system32\drivers\wsadb.sys (Google Inc)
DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (VBoxDrv) -- C:\WINDOWS\system32\drivers\VBoxDrv.sys (Oracle Corporation)
DRV - (VBoxNetAdp) -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (VBoxNetFlt) -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys (Oracle Corporation)
DRV - (VBoxUSBMon) -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys (Oracle Corporation)
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (WinDriver6) -- C:\WINDOWS\system32\drivers\windrvr6.sys (Jungo)
DRV - (XilinxPC4Driver) -- C:\WINDOWS\system32\drivers\xpc4drvr.sys (Xilinx, Inc.)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (RT80x86) -- C:\WINDOWS\system32\drivers\rt2860.sys (Ralink Technology, Corp.)
DRV - (dmodusb) -- C:\WINDOWS\system32\drivers\dmodusb.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (L1c) -- C:\WINDOWS\system32\drivers\l1c51x86.sys (Atheros Communications, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (uvclf) -- C:\WINDOWS\system32\drivers\uvclf.sys (GenesysLogic Technologies, Inc.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (AsusACPI) -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS (ASUSTeK Computer Inc.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1937419065-3020280299-1285230153-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-1937419065-3020280299-1285230153-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1937419065-3020280299-1285230153-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-1937419065-3020280299-1285230153-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 66 6D 73 05 0F 51 CF 01 [binary data]
IE - HKU\S-1-5-21-1937419065-3020280299-1285230153-1005\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1937419065-3020280299-1285230153-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1937419065-3020280299-1285230153-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Programmi\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Programmi\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programmi\AVAST Software\Avast\WebRep\FF [2014/03/26 11.30.06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Programmi\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins

[2014/03/17 19.28.11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dati applicazioni\Mozilla\Extensions
[2014/04/05 22.34.46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Dati applicazioni\Mozilla\Firefox\Profiles\osfte35r.default-1396729538718\extensions
[2014/03/29 14.53.16 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\browser\extensions
[2014/03/29 15.04.57 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Documenti Google = C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2008/04/14 14.00.00 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Supporto di collegamento per Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AsusACPIServer] C:\Programmi\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Programmi\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Programmi\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LiveUpdate] C:\Programmi\Asus\LiveUpdate\LiveUpdate.exe ()
O4 - HKLM..\Run: [SynAsusAcpi] C:\Programmi\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKU\S-1-5-21-1937419065-3020280299-1285230153-1005..\Run: [POP Peeper] C:\Programmi\POP Peeper\POPPeeper.exe (Mortal Universe)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\ SuperHybridEngine.lnk = C:\Programmi\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1937419065-3020280299-1285230153-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{431A969E-68B4-448C-BB7D-39989DA11866}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/25 11.37.18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2014/04/05 22.47.18 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/05 22.46.24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2014/04/05 22.44.15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Desktop\OTL.exe
[2014/04/05 22.38.01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IECompatCache
[2014/04/05 21.11.32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Menu Avvio\Programmi\Strumenti di amministrazione
[2014/04/03 14.01.24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Oracle VM VirtualBox
[2014/04/02 22.44.12 | 000,034,792 | ---- | C] (Google Inc) -- C:\WINDOWS\System32\drivers\wsadb.sys
[2014/04/02 22.44.11 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01009.dll
[2014/04/02 22.44.11 | 000,851,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinUSBCoInstaller2.dll
[2014/04/02 22.39.59 | 000,080,184 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudbus.sys
[2014/04/02 22.29.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Wondershare
[2014/04/02 22.29.48 | 000,000,000 | ---D | C] -- C:\Programmi\Common Files
[2014/04/02 22.29.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Wondershare
[2014/04/02 22.29.00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Wondershare
[2014/04/02 22.28.59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\.android
[2014/04/02 22.28.58 | 000,000,000 | ---D | C] -- C:\Programmi\Wondershare
[2014/04/02 21.27.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Identities
[2014/04/01 17.04.30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\.dia
[2014/04/01 17.04.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Dia
[2014/04/01 17.03.19 | 000,000,000 | ---D | C] -- C:\Programmi\Dia
[2014/03/29 20.13.00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin\Recent
[2014/03/29 14.53.16 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2014/03/28 12.53.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data
[2014/03/28 12.52.21 | 000,026,240 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\dmodusb.sys
[2014/03/28 12.52.13 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Digilent
[2014/03/26 23.22.35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/26 22.31.12 | 000,000,000 | ---D | C] -- C:\Programmi\Jotzey
[2014/03/26 20.23.04 | 000,126,752 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxNetFlt.sys
[2014/03/26 20.23.00 | 000,174,880 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\VBoxNetFltNobj.dll
[2014/03/26 11.31.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\AVAST Software
[2014/03/26 11.30.59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Avast
[2014/03/26 11.30.10 | 000,776,976 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/03/26 11.30.10 | 000,411,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/03/26 11.30.10 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/03/26 11.30.09 | 000,067,824 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/03/26 11.30.09 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/03/26 11.30.07 | 000,271,264 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/03/26 11.30.03 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/03/26 11.29.16 | 000,000,000 | ---D | C] -- C:\Programmi\AVAST Software
[2014/03/26 09.51.18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Subversion
[2014/03/26 09.51.05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Documenti\MATLAB
[2014/03/26 09.50.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\MathWorks
[2014/03/25 18.31.19 | 000,407,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSHFLXGD.OCX
[2014/03/25 18.31.19 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RICHTX32.OCX
[2014/03/25 17.09.00 | 000,000,000 | ---D | C] -- C:\Programmi\MATLAB
[2014/03/25 10.15.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Temp
[2014/03/25 10.05.19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2014/03/23 23.10.14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\OpenOffice
[2014/03/23 23.08.49 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\OpenOffice 4.0.1
[2014/03/23 23.06.50 | 000,000,000 | ---D | C] -- C:\Programmi\OpenOffice 4
[2014/03/22 13.14.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Notepad++
[2014/03/22 13.14.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Avvio\Programmi\Notepad++
[2014/03/22 13.14.44 | 000,000,000 | ---D | C] -- C:\Programmi\Notepad++
[2014/03/22 13.14.44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Notepad++
[2014/03/19 16.21.51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Xilinx
[2014/03/19 16.17.38 | 000,000,000 | ---D | C] -- C:\.Xilinx
[2014/03/19 16.00.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Avvio\Programmi\Digilent
[2014/03/19 16.00.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\.cse
[2014/03/19 16.00.11 | 000,000,000 | ---D | C] -- C:\Programmi\Digilent
[2014/03/19 16.00.08 | 000,016,000 | ---- | C] (Xilinx, Inc.) -- C:\WINDOWS\System32\drivers\xpc4drvr.sys
[2014/03/19 15.59.48 | 000,195,968 | ---- | C] (Jungo) -- C:\WINDOWS\System32\drivers\windrvr6.sys
[2014/03/19 15.59.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\WinPcap
[2014/03/19 15.59.32 | 000,000,000 | ---D | C] -- C:\Programmi\WinPcap
[2014/03/19 15.59.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Xilinx
[2014/03/18 18.08.44 | 000,000,000 | ---D | C] -- C:\Xilinx
[2014/03/18 15.57.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Download Manager
[2014/03/18 15.57.07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2014/03/17 21.27.52 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/03/17 21.27.52 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/03/17 21.24.28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Documenti\Download
[2014/03/17 21.23.09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\ModelSim PE Student Edition 10.3
[2014/03/17 19.47.35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Desktop\Installer
[2014/03/17 19.28.03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Mozilla
[2014/03/17 19.28.03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Mozilla
[2014/03/17 19.27.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Mozilla
[2014/03/17 19.27.42 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Maintenance Service
[2014/03/17 15.38.56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Documenti\Ansoft
[2014/03/12 12.46.04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\workspace_eclipse
[2014/03/12 12.21.12 | 000,000,000 | ---D | C] -- C:\Modeltech_pe_edu_10.3
[2014/03/12 12.19.01 | 000,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2014/03/11 10.54.35 | 000,244,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msflxgrd.ocx
[2014/03/11 10.54.35 | 000,209,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Tabctl32.ocx
[2014/03/11 10.54.35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\4nec2
[2014/03/11 10.54.25 | 000,000,000 | ---D | C] -- C:\4nec2
[2014/03/10 23.01.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Git
[2014/03/10 23.01.00 | 000,000,000 | ---D | C] -- C:\Programmi\Git
[2014/03/10 22.57.37 | 000,000,000 | ---D | C] -- C:\Programmi\Ansoft
[2014/03/10 22.57.35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Ansoft
[2014/03/08 23.08.09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014/03/07 14.00.11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014/03/07 14.00.11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[2014/03/07 13.57.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Sun
[2014/03/06 10.42.46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Sun
[2014/03/06 10.42.44 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Java
[2014/03/06 10.42.38 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014/03/06 10.42.38 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014/03/06 10.42.22 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014/03/06 10.42.22 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014/03/06 10.42.22 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014/03/06 10.42.22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Java
[2014/03/06 10.41.30 | 000,000,000 | ---D | C] -- C:\Programmi\Java
[2014/03/06 10.39.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Sun
[2014/02/28 22.48.57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\VirtualBox VMs
[2014/02/28 22.45.31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\.VirtualBox
[2014/02/28 22.38.53 | 000,204,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxDrv.sys
[2014/02/28 22.37.40 | 000,000,000 | ---D | C] -- C:\Programmi\Oracle
[2014/02/28 22.32.16 | 000,104,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxUSBMon.sys
[2014/02/25 20.21.34 | 000,116,512 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxNetAdp.sys
[2014/02/25 11.38.08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2014/02/25 11.38.01 | 000,000,000 | ---D | C] -- C:\Programmi\MSBuild
[2014/02/25 11.37.58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2014/02/25 11.37.47 | 000,000,000 | ---D | C] -- C:\Programmi\Reference Assemblies
[2014/02/25 11.36.58 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2014/02/25 11.36.58 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2014/02/25 11.36.58 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2014/02/25 11.36.57 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2014/02/25 11.36.56 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2014/02/25 11.36.56 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2014/02/24 22.20.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\LibreOffice
[2014/02/24 22.12.44 | 000,000,000 | ---D | C] -- C:\Programmi\LibreOffice 4
[2014/02/24 13.24.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Sublime Text 2
[2014/02/24 13.23.32 | 000,000,000 | ---D | C] -- C:\Programmi\Gnumeric
[2014/02/24 11.44.03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2014/02/24 11.44.03 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2014/02/24 11.42.42 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2014/02/24 11.42.30 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2014/02/24 11.42.29 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2014/02/24 11.38.49 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2014/02/24 11.38.18 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2014/02/24 11.38.18 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2014/02/24 11.38.14 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2014/02/24 11.38.10 | 011,113,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2014/02/24 11.38.09 | 002,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2014/02/24 11.38.09 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2014/02/24 11.36.35 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2014/02/24 11.36.35 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2014/02/24 11.32.11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2014/02/24 11.31.56 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2014/02/23 14.15.56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\WinRAR
[2014/02/23 14.07.30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\POP Peeper
[2014/02/23 14.06.43 | 000,000,000 | ---D | C] -- C:\Programmi\POP Peeper
[2014/02/23 14.06.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Avvio\Programmi\POP Peeper
[2014/02/22 18.44.59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\AVAST Software
[2014/02/22 18.35.52 | 000,000,000 | ---D | C] -- C:\cygwin
[2014/02/22 18.35.16 | 000,000,000 | ---D | C] -- C:\Programmi\Sublime Text 2
[2014/02/22 18.34.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\WinRAR
[2014/02/22 18.34.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Avvio\Programmi\WinRAR
[2014/02/22 18.34.10 | 000,000,000 | ---D | C] -- C:\Programmi\WinRAR
[2014/02/22 18.28.13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Desktop\UNI
[2014/02/22 18.28.13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Desktop\test
[2014/02/22 18.27.41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Desktop\altro
[2014/02/22 18.15.21 | 000,000,000 | ---D | C] -- C:\Programmi\CCleaner
[2014/02/22 18.14.18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Documenti\Downloads
[2014/02/22 18.09.28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Google Chrome
[2014/02/22 18.07.40 | 000,000,000 | ---D | C] -- C:\Programmi\Google
[2014/02/22 18.07.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Google
[2014/02/22 18.07.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Deployment
[2014/02/22 18.05.45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Macromedia
[2014/02/22 18.05.41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Adobe
[2014/02/22 18.05.40 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\admin\PrivacIE
[2014/02/22 12.44.06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2014/02/22 11.20.48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\admin\Dati applicazioni\Microsoft
[2014/02/22 11.20.48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin\SendTo
[2014/02/22 11.20.48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin\Dati applicazioni
[2014/02/22 11.20.48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Preferiti
[2014/02/22 11.20.48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Documenti\Musica
[2014/02/22 11.20.48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Menu Avvio
[2014/02/22 11.20.48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Documenti\Immagini
[2014/02/22 11.20.48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Menu Avvio\Programmi\Esecuzione automatica
[2014/02/22 11.20.48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Documenti
[2014/02/22 11.20.48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Menu Avvio\Programmi\Accessori
[2014/02/22 11.20.48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\admin\IETldCache
[2014/02/22 11.20.48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\admin\Cookies
[2014/02/22 11.20.48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\admin\Risorse di stampa
[2014/02/22 11.20.48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\admin\Risorse di rete
[2014/02/22 11.20.48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\admin\Modelli
[2014/02/22 11.20.48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\admin\Impostazioni locali
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Documenti\My Videos
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Documenti\My Pictures
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Documenti\My Office
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Documenti\My Music
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Documenti\My Ebooks
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Microsoft Help
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Microsoft
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\InstallShield
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Dati applicazioni\Identities
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Desktop
[2014/02/22 11.20.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\Adobe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2014/04/06 18.29.03 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/04/06 14.06.14 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/06 14.05.19 | 000,000,354 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/04/06 14.04.45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/05 22.44.23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Desktop\OTL.exe
[2014/04/03 14.01.25 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Oracle VM VirtualBox.lnk
[2014/04/03 11.09.35 | 001,060,855 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\Dispensa_APS_2_3.pdf
[2014/04/02 22.47.38 | 000,008,016 | ---- | M] () -- C:\Documents and Settings\admin\Documenti\cc_20140402_224734.reg
[2014/04/02 22.45.50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_wsadb_01009.Wdf
[2014/04/02 22.45.40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2014/04/02 22.45.22 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/04/02 22.45.22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2014/04/02 22.44.12 | 000,851,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WinUSBCoInstaller2.dll
[2014/04/02 22.44.12 | 000,034,792 | ---- | M] (Google Inc) -- C:\WINDOWS\System32\drivers\wsadb.sys
[2014/04/02 22.44.11 | 001,461,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01009.dll
[2014/04/02 22.44.11 | 000,080,184 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudbus.sys
[2014/04/02 09.46.30 | 000,001,995 | ---- | M] () -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\recently-used.xbel
[2014/03/31 21.52.43 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/31 21.52.43 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/31 12.43.58 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/03/26 22.54.28 | 000,015,340 | ---- | M] () -- C:\Documents and Settings\admin\Documenti\cc_20140326_215420.reg
[2014/03/26 20.24.40 | 000,204,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxDrv.sys
[2014/03/26 20.23.06 | 000,116,512 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxNetAdp.sys
[2014/03/26 20.23.04 | 000,126,752 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxNetFlt.sys
[2014/03/26 20.23.04 | 000,104,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxUSBMon.sys
[2014/03/26 20.23.00 | 000,174,880 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\VBoxNetFltNobj.dll
[2014/03/26 11.30.04 | 000,776,976 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/03/26 11.30.04 | 000,411,552 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/03/26 11.30.04 | 000,180,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/03/26 11.30.04 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/03/26 11.30.04 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/03/26 11.30.04 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/03/26 11.30.04 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/03/26 11.30.03 | 000,271,264 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/03/26 11.30.03 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/03/26 09.53.50 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\Collegamento a MATLAB.lnk
[2014/03/25 10.07.57 | 000,480,216 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2014/03/25 10.07.57 | 000,433,470 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/03/25 10.07.57 | 000,080,526 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2014/03/25 10.07.57 | 000,068,426 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/03/24 09.47.03 | 000,213,672 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/03/23 22.28.43 | 000,010,234 | ---- | M] () -- C:\Documents and Settings\admin\Documenti\cc_20140323_212824.reg
[2014/03/22 11.20.59 | 000,010,534 | ---- | M] () -- C:\Documents and Settings\admin\_viminfo
[2014/03/21 18.29.31 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\admin\.gitconfig
[2014/03/19 15.59.34 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\-1
[2014/03/18 17.37.18 | 000,040,780 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\single_stub.adsn
[2014/03/17 21.27.52 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/03/17 21.27.52 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/03/17 19.27.44 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/03/16 13.53.02 | 3234,840,576 | R--- | M] () -- C:\Documents and Settings\admin\Desktop\kali-linux-1.0.6-i386.iso
[2014/03/08 23.08.18 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job
[2014/03/06 11.12.33 | 729,808,896 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\lubuntu-13.10-desktop-i386.iso
[2014/03/06 10.41.55 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014/03/06 10.41.47 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014/03/06 10.41.47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014/03/06 10.41.46 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014/03/06 10.41.46 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014/03/02 23.53.46 | 000,013,016 | ---- | M] () -- C:\Documents and Settings\admin\Documenti\cc_20140302_225342.reg
[2014/02/27 01.28.40 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014/02/27 01.28.40 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[2014/02/24 17.26.00 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2014/02/24 17.26.00 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2014/02/24 13.45.23 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2014/02/24 13.45.21 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2014/02/24 13.45.20 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2014/02/24 13.45.19 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2014/02/24 13.45.19 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2014/02/24 13.45.19 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2014/02/24 13.45.19 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2014/02/24 13.45.19 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2014/02/24 13.45.18 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2014/02/24 13.45.17 | 006,022,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2014/02/24 13.45.10 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2014/02/24 13.45.10 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2014/02/24 13.45.10 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2014/02/24 13.45.10 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2014/02/24 13.45.09 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2014/02/24 13.45.09 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2014/02/24 13.45.09 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2014/02/24 13.45.09 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2014/02/24 13.45.09 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2014/02/24 13.45.08 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2014/02/24 13.45.08 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2014/02/24 13.45.08 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2014/02/24 13.45.06 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2014/02/24 13.45.06 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2014/02/24 13.45.05 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2014/02/24 13.45.00 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2014/02/24 13.44.59 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2014/02/24 13.44.59 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2014/02/24 13.44.59 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2014/02/24 13.44.59 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2014/02/24 12.55.56 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2014/02/24 11.32.22 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2014/02/23 19.43.32 | 000,038,250 | ---- | M] () -- C:\Documents and Settings\admin\Documenti\cc_20140223_184327.reg
[2014/02/22 11.20.08 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2014/02/22 11.16.40 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2014/02/07 08.36.38 | 001,879,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2014/02/07 08.36.38 | 001,879,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/04/03 14.14.01 | 3234,840,576 | R--- | C] () -- C:\Documents and Settings\admin\Desktop\kali-linux-1.0.6-i386.iso
[2014/04/03 14.01.25 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Oracle VM VirtualBox.lnk
[2014/04/03 11.09.35 | 001,060,855 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\Dispensa_APS_2_3.pdf
[2014/04/02 22.47.37 | 000,008,016 | ---- | C] () -- C:\Documents and Settings\admin\Documenti\cc_20140402_224734.reg
[2014/04/02 22.45.50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_wsadb_01009.Wdf
[2014/04/02 22.45.40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2014/04/02 22.45.22 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2014/04/02 22.45.21 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2014/04/02 09.46.30 | 000,001,995 | ---- | C] () -- C:\Documents and Settings\admin\Impostazioni locali\Dati applicazioni\recently-used.xbel
[2014/03/26 22.54.26 | 000,015,340 | ---- | C] () -- C:\Documents and Settings\admin\Documenti\cc_20140326_215420.reg
[2014/03/26 11.30.30 | 000,000,354 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/03/26 11.30.10 | 000,180,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/03/26 11.30.10 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/03/26 09.53.50 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\Collegamento a MATLAB.lnk
[2014/03/25 18.31.06 | 000,645,120 | ---- | C] () -- C:\WINDOWS\System32\config.gms
[2014/03/23 22.28.41 | 000,010,234 | ---- | C] () -- C:\Documents and Settings\admin\Documenti\cc_20140323_212824.reg
[2014/03/21 18.29.31 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\admin\.gitconfig
[2014/03/21 17.36.12 | 000,010,534 | ---- | C] () -- C:\Documents and Settings\admin\_viminfo
[2014/03/19 15.59.33 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\-1
[2014/03/18 17.37.18 | 000,040,780 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\single_stub.adsn
[2014/03/17 21.27.53 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/03/17 19.27.44 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mozilla Firefox.lnk
[2014/03/17 19.27.44 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/03/08 23.08.16 | 000,000,216 | ---- | C] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job
[2014/03/06 10.56.25 | 729,808,896 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\lubuntu-13.10-desktop-i386.iso
[2014/03/02 23.53.45 | 000,013,016 | ---- | C] () -- C:\Documents and Settings\admin\Documenti\cc_20140302_225342.reg
[2014/02/24 11.35.21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2014/02/24 11.35.21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2014/02/23 19.43.29 | 000,038,250 | ---- | C] () -- C:\Documents and Settings\admin\Documenti\cc_20140223_184327.reg
[2014/02/22 18.35.19 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Sublime Text 2.lnk
[2014/02/22 18.07.43 | 000,001,128 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/22 18.07.43 | 000,001,124 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/22 11.20.48 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\admin\Menu Avvio\Programmi\Assistenza remota.lnk
[2014/02/22 11.20.48 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\admin\Menu Avvio\Programmi\Internet Explorer.lnk
[2014/02/22 11.20.48 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\admin\Menu Avvio\Programmi\Windows Media Player.lnk
[2014/02/22 11.20.48 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\admin\Menu Avvio\Programmi\Outlook Express.lnk

========== ZeroAccess Check ==========

[2009/08/25 13.48.24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/03/03 01.10.18 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 14.00.00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/03/26 11.31.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dati applicazioni\AVAST Software
[2014/02/24 22.20.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dati applicazioni\LibreOffice
[2014/03/22 18.59.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dati applicazioni\Notepad++
[2014/03/23 23.10.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dati applicazioni\OpenOffice
[2014/04/06 20.13.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dati applicazioni\POP Peeper
[2014/02/24 13.24.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dati applicazioni\Sublime Text 2
[2014/03/26 09.51.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dati applicazioni\Subversion
[2014/04/02 22.29.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dati applicazioni\Wondershare
[2014/03/20 11.29.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Dati applicazioni\Xilinx
[2014/03/26 11.28.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVAST Software
[2009/08/25 13.08.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Ralink Driver

========== Purity Check ==========

< End of report >

I can't post the adwcleaner report because I had already used that program before asking you for help, so the new log is practically empty.
Is everything OK in these logs?
gora
Junior User

Posts: 28
Joined: 11/09/11 20:14

Re: Conduit removal

Post by FDACCC » 20/04/14 17:29

Hi, sorry for the delay.

Are you still having problems?
FDACCC
Senior User

Posts: 170
Joined: 20/12/13 10:16

Re: Conduit removal

Post by gora » 20/04/14 21:29

No problem, neither with the delay nor with the PC :)
Are the logs clean? :)
gora
Junior User

Posts: 28
Joined: 11/09/11 20:14

Youtube accelerator removal

Post by karch6 » 26/02/16 21:53

Good evening,
can anyone help me remove "youtube accelerator" from my PC?
Thanks a lot
karch6
Junior User

Posts: 13
Joined: 03/02/13 21:56

Re: Conduit removal

Post by shel » 26/02/16 22:40

Hi karch6, download adwcleaner.

Click Scan and then "Clean", and confirm with OK the various windows that appear.

When it finishes, click Report and attach the contents.

Run this scan to better check the state of the PC:
Download FRST to the desktop (this is mandatory):
http://www.bleepingcomputer.com/downloa ... scan-tool/
Launch it and click Run.

In the window that appears, click Yes.

Click Scan.

Wait patiently for the scan to finish.

Post the 2 logs it leaves on the desktop (FRST.txt and Addition.txt)
shel
Senior User

Posts: 1292
Joined: 29/08/08 21:56

