AdwCleaner log
# AdwCleaner v2.305 - Logfile creato il 15/07/2013 alle 18:55:28
# Aggiornamento 11/07/2013 by Xplode
# Sistema Operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Utente : Andre - ANDREA
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Documents and Settings\Andre\Documenti\Download\adwcleaner.exe
# Opzioni [Elimina]
***** [Servizi] *****
***** [File / Cartelle] *****
Cartella Eliminato : C:\Documents and Settings\Andre\Dati applicazioni\Mozilla\Firefox\Profiles\84zxqa2j.default-1369575814953\extensions\staged
Cartella Eliminato : C:\Documents and Settings\Andre\Dati applicazioni\pdfforge
Cartella Eliminato : C:\Documents and Settings\Andre\Dati applicazioni\PriceGong
Cartella Eliminato : C:\Documents and Settings\Andre\Impostazioni locali\Dati applicazioni\Conduit
Cartella Eliminato : C:\Documents and Settings\Andre\Impostazioni locali\Dati applicazioni\SoftwareUpdater
Cartella Eliminato : C:\Documents and Settings\Andre\Impostazioni locali\Dati applicazioni\uTorrentBar_IT
Cartella Eliminato : C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\uTorrentBar_IT
Cartella Eliminato : C:\Programmi\Conduit
Cartella Eliminato : C:\Programmi\uTorrentBar_IT
***** [Registro] *****
Chiave Eliminata : HKCU\Software\APN PIP
Chiave Eliminata : HKCU\Software\AppDataLow\Software\Conduit
Chiave Eliminata : HKCU\Software\Conduit
Chiave Eliminata : HKCU\Software\ConduitSearchScopes
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{854145C6-B95A-408D-BE86-367DC393A219}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Chiave Eliminata : HKCU\Software\PIP
Chiave Eliminata : HKCU\Software\PriceGong
Chiave Eliminata : HKCU\Software\SmartBar
Chiave Eliminata : HKCU\Software\Softonic
Chiave Eliminata : HKCU\Software\uTorrentBar_IT
Chiave Eliminata : HKCU\Toolbar
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{854145C6-B95A-408D-BE86-367DC393A219}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar.CT2851640
Chiave Eliminata : HKLM\Software\Conduit
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F69DAFD-3591-43DC-8F09-614EE5A4A65E}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE5D60CF-012B-478F-B3D5-6EC059BA752A}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freemake Video Converter_is1
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{854145C6-B95A-408D-BE86-367DC393A219}
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freemake Video Converter_is1
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_IT Toolbar
Chiave Eliminata : HKLM\Software\PIP
Chiave Eliminata : HKLM\Software\uTorrentBar_IT
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]
***** [Browser Internet] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registro Pulito.
-\\ Mozilla Firefox v22.0 (it)
File : C:\Documents and Settings\Andre\Dati applicazioni\Mozilla\Firefox\Profiles\84zxqa2j.default-1369575814953\prefs.js
[OK] File Pulito.
*************************
AdwCleaner[S1].txt - [4523 octets] - [15/07/2013 18:55:28]
########## EOF - C:\AdwCleaner[S1].txt - [4583 octets] ##########
HJT log after running ADW
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19.05.36, on 15/07/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmi\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\File comuni\Portrait Displays\Plugins\AM\dtsslsrv.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\I-Storm USB ADSL Modem\CnxDslTb.exe
C:\Programmi\File comuni\Portrait Displays\Shared\DTSRVC.exe
C:\Documents and Settings\All Users\Dati applicazioni\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Microsoft Security Client\msseces.exe
C:\Programmi\Wireless Keyboard Driver\LedStatusApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Programmi\QuickTime\QTTask.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Internet Download Manager\IDMan.exe
C:\Programmi\Megatec\UPSilon 2000\Monw32.exe
C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmi\Java\jre7\bin\jqs.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\CyberLink\Shared files\RichVideo.exe
C:\Programmi\Megatec\UPSilon 2000\RupsMon.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Megatec\UPSilon 2000\USBMate.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Internet Download Manager\IEMonitor.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uominiecitta.blogspot.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programmi\Internet Download Manager\IDMIECC.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programmi\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Programmi\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programmi\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: PDFXChange 4.0 IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Programmi\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Programmi\I-Storm USB ADSL Modem\CnxDslTb.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Programmi\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Programmi\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Programmi\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Programmi\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Programmi\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Programmi\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Programmi\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [MSC] "c:\Programmi\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [WIRELESS-KB-LED-STATUS] C:\Programmi\Wireless Keyboard Driver\LedStatusApp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Programmi\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-1993962763-413027322-725345543-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Rupsmon Daemon.lnk = ?
O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
O8 - Extra context menu item: Scarica con IDM - C:\Programmi\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Scarica tutti i link con IDM - C:\Programmi\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{1612BBFF-EA65-421D-AAD7-7626EDB292B7}: NameServer = 8.8.8.8,213.133.224.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{1BBEA530-CA1C-4ABA-B2DC-36A97A5B75F9}: NameServer = 78.47.115.195,78.47.115.198
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2F66648-D989-4399-967D-95974C35AE10}: NameServer = 85.37.17.13 85.38.28.81
O17 - HKLM\System\CCS\Services\Tcpip\..\{A666D120-4645-4E4B-98D4-B96AFBEC8A91}: NameServer = 78.47.115.195,78.47.115.198
O17 - HKLM\System\CCS\Services\Tcpip\..\{C27CDFE9-705D-49CA-A927-1AFF3A64641C}: NameServer = 78.47.115.195,78.47.115.198
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC07B38A-4B44-43F8-AAF6-8FB3408ED0D4}: NameServer = 78.47.115.195,78.47.115.198
O17 - HKLM\System\CS1\Services\Tcpip\..\{1612BBFF-EA65-421D-AAD7-7626EDB292B7}: NameServer = 8.8.8.8,213.133.224.5
O17 - HKLM\System\CS2\Services\Tcpip\..\{1612BBFF-EA65-421D-AAD7-7626EDB292B7}: NameServer = 8.8.8.8,213.133.224.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Asset Management Daemon - Unknown owner - C:\Programmi\File comuni\Portrait Displays\Plugins\AM\dtsslsrv.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Programmi\File comuni\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Dati applicazioni\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LiveUpSC - Unknown owner - C:\Documents and Settings\Andre\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmi\CyberLink\Shared files\RichVideo.exe
O23 - Service: Rupsmon - Mega System Technologies, Inc. - C:\Programmi\Megatec\UPSilon 2000\RupsMon.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Programmi\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBMate - Mega Corp. - C:\Programmi\Megatec\UPSilon 2000\USBMate.exe
--
End of file - 12028 bytes