Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Pulizia e migliorie Notepad lento

Pulizia e migliorie Notepad lento Opzioni
Topic Precedente · Topic Sucessivo
zapek
Inviato: Friday, March 07, 2014 9:53:45 AM
Rank: Member

Iscritto dal : 12/15/2013
Posts: 11
Ciao a tutti,
mio fratello mi ha richiesto una pulizia ed un miglioramento del suo notepad.
Io ho effettuato un controllo con Hjjackthis, poi ho passato Malawarebytes, Adwcleaner e JRT infine ho rifatto Hjjackthis: Vi posto in sequenza tutti i log, (anche se forse il primo hjjacklog temo sia andato perso e forse lo ho sovrascritto accidentalmente, ma non sono capace di accertarlo, percio vi posto i due log anche se temo siano uguali, sob.
Gentilmente mi potete dire se ci sono voci che posso eliminare; e anche che migliorie posso fare (tipo agg Java o explorer o eliminazione o sostituzione avast antivirus con qualcosa di meglio ecc.) e dove e come farle ed anche migliorare un po' la velocita' operativa che mi sembra un po' lenta anche se e' la prima volta che uso un computer con windows Vista e forse e' normale che vada cosi'.
Ringrazio anticipatamente per aiuti e consigli che mi darete, ciaoo.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22.35.12, on 06/03/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\FilmFanatic\bar\1.bin\pabrmon.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {796b75f6-6187-47e2-8f1f-c16e059e6e19} - C:\Program Files\FilmFanatic\bar\1.bin\paSrcAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Toolbar BHO - {631acb68-57c3-48af-9cc5-fcec0837ffd3} - C:\PROGRA~1\FILMFA~2\bar\1.bin\pabar.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Search Assistant BHO - {d5e9b421-c309-41de-9014-800a2adcdeb0} - C:\Program Files\FilmFanatic\bar\1.bin\paSrcAs.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: FilmFanatic - {0b84b4b4-8af8-4f1f-91fe-074a666f6425} - C:\Program Files\FilmFanatic\bar\1.bin\pabar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FilmFanatic Browser Plugin Loader] C:\PROGRA~1\FILMFA~2\bar\1.bin\pabrmon.exe
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FilmFanatic Service (FilmFanaticService) - FilmFanatic - C:\PROGRA~1\FILMFA~2\bar\1.bin\pabarsvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Servizio Vodafone Mobile Broadband (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--
End of file - 4357 bytes


Malwarebytes Anti-Malware (Prova) 1.75.0.1300
www.malwarebytes.org

Versione database: v2014.03.06.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Paolo :: NOTE-PAOLO [amministratore]

Protezione: Attivata

06/03/2014 22.50.53
mbam-log-2014-03-06 (22-50-53).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 326766
Tempo impiegato: 1 ore, 45 minuti, 12 secondi

Processi rilevati in memoria: 1
C:\Program Files\FilmFanatic\bar\1.bin\pabrmon.exe (PUP.Optional.MindSpark) -> 2424 -> Verrà eliminato al riavvio.

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|FilmFanatic Browser Plugin Loader (PUP.Optional.MindSpark) -> Dati: C:\PROGRA~1\FILMFA~2\bar\1.bin\pabrmon.exe -> Spostato in quarantena ed eliminato con successo.

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 15
D:\SAVE\Users\Lory.Portatile\AppData\Local\Temp\nsnCF11.tmp\Install.dll (Adware.Seekmo) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Lory.Portatile\AppData\Local\Temp\nsnCF11.tmp\Resource.dll (Adware.ClickPotato) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Lory.Portatile\AppData\Local\Temp\nsnCF11.tmp\Setup.dll (Adware.Seekmo) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Lory.Portatile\AppData\Local\Temp\nsr550F.tmp\Install.dll (Adware.Seekmo) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Lory.Portatile\AppData\Local\Temp\nsr550F.tmp\LaunchHelp.dll (Adware.Seekmo) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Lory.Portatile\AppData\Local\Temp\nsr550F.tmp\Resource.dll (Adware.ClickPotato) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Lory.Portatile\AppData\Local\Temp\nsr550F.tmp\Setup.dll (Adware.Seekmo) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Paolo\AppData\Local\Temp\err.log4218532 (Spyware.Passwords.XGen) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Paolo\AppData\Local\Temp\err.log4217596 (Spyware.Passwords.XGen) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Paolo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\36eb75d6-6afa04a6 (Spyware.Passwords.XGen) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Paolo\AppData\Roaming\desktop.ini (Rootkit.0access) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Paolo\AppData\Roaming\ntuser.dat (VirTool.Obfuscator) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Paolo\AppData\Roaming\Adobe\plugs\err.log4255364 (Spyware.Passwords.XGen) -> Spostato in quarantena ed eliminato con successo.
D:\SAVE\Users\Paolo\AppData\Roaming\xmvmmdhcwo2gsngm1ssjp1fqvhvpjkyh2\svcnost.exe (Trojan.Banker) -> Spostato in quarantena ed eliminato con successo.
C:\Program Files\FilmFanatic\bar\1.bin\pabrmon.exe (PUP.Optional.MindSpark) -> Verrà eliminato al riavvio.

(fine)


# AdwCleaner v3.020 - Report created 07/03/2014 at 08:53:10
# Updated 27/02/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Paolo - NOTE-PAOLO
# Running from : C:\Users\Paolo\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : FilmFanaticService

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\FilmFanatic
Folder Deleted : C:\Program Files\FilmFanaticEI
Folder Deleted : C:\Users\Paolo\AppData\LocalLow\FilmFanatic
Folder Deleted : C:\Users\Paolo\AppData\LocalLow\FilmFanaticEI

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [paffxtbr@FilmFanatic.com]
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.Radio
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\FilmFanatic.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@FilmFanatic.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07D09E63-294F-4AA3-AB44-E61331AEC6A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B84B4B4-8AF8-4F1F-91FE-074A666F6425}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{12659BAB-1B90-4FBB-97CF-DB2D3475DC38}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DA22A28-324D-4DD4-B2DC-66A3CEBF447F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2F38D624-AC5D-4096-88CC-A58D2AC806E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37A2255C-D173-4B54-A455-13DE1DDA9F44}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E9BE71D-A3FA-4224-AB29-2602ACD577FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C2743F0-A2E2-41A0-9E65-798943109F42}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5CE76F81-AF51-4AAD-8D83-5A28E163530E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{631ACB68-57C3-48AF-9CC5-FCEC0837FFD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796B75F6-6187-47E2-8F1F-C16E059E6E19}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F4A94DC-2191-4EE3-9F0B-C8A12199D22C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93FC722B-AB04-4CE2-B1A5-5B6889A72830}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9549F17F-105D-4802-96CB-6113ACC2CB53}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99B340F7-76E0-44AB-9948-B95A1B475D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A876A1C1-D9F6-4562-8DBC-D98B61B3F281}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF51ACFA-1320-4087-A9F8-0ACE3F2BD0C8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDE564F7-15C9-4C39-A5BA-6AD66A289997}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D5E9B421-C309-41DE-9014-800A2ADCDEB0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DBB38792-EDA6-4557-999B-1974290253A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EDEC5CDC-B714-4B45-9B66-C370451A74F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EFBF47AA-3C29-4C00-9225-6001E6A0B1AC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1BE14FE1-3175-4324-A77B-33FE5CB7A6ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C990ECA-72D6-4E65-A35B-A08C1DF79E6E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC65300A-DC43-4D86-B153-E59CF6E74216}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{335FDF69-47E2-4099-8B85-F743014942C5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E5B610B-F82D-42FD-AA36-10B0C103BDD5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{80154DB4-DC3D-41D7-A5DA-3B63549377A4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{83AFB8A1-DFD5-4103-B5F7-52F2F114D188}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{864D5A22-9C34-48F6-9385-2E1EAF5F8C33}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{95C0D70C-E5ED-4618-AECC-E11066F86960}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9F5FEDB2-90BB-43E9-BECD-69758C60B00A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B04A9E6A-C9C5-4A2F-ADF9-B69BAC127A14}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BF893C5B-8433-4209-8BEB-6584510FE686}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E9594C59-AA17-4E5B-B9A5-3B4B023B9A2E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{631ACB68-57C3-48AF-9CC5-FCEC0837FFD3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5E9B421-C309-41DE-9014-800A2ADCDEB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B84B4B4-8AF8-4F1F-91FE-074A666F6425}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4C2743F0-A2E2-41A0-9E65-798943109F42}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{631ACB68-57C3-48AF-9CC5-FCEC0837FFD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D5E9B421-C309-41DE-9014-800A2ADCDEB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0B84B4B4-8AF8-4F1F-91FE-074A666F6425}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{631ACB68-57C3-48AF-9CC5-FCEC0837FFD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D5E9B421-C309-41DE-9014-800A2ADCDEB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07D09E63-294F-4AA3-AB44-E61331AEC6A3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1DA22A28-324D-4DD4-B2DC-66A3CEBF447F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2F38D624-AC5D-4096-88CC-A58D2AC806E1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37A2255C-D173-4B54-A455-13DE1DDA9F44}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E9BE71D-A3FA-4224-AB29-2602ACD577FF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4C2743F0-A2E2-41A0-9E65-798943109F42}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A876A1C1-D9F6-4562-8DBC-D98B61B3F281}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C990ECA-72D6-4E65-A35B-A08C1DF79E6E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99B340F7-76E0-44AB-9948-B95A1B475D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5CCB33F-6C0A-418A-8AF1-10C35BBD579A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5BFAD3A-D783-4AD7-98AA-D8F082626F8D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC65300A-DC43-4D86-B153-E59CF6E74216}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{23088CF8-EAF8-4BB3-A251-9BA61557AC75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{23088CF8-EAF8-4BB3-A251-9BA61557AC75}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0B84B4B4-8AF8-4F1F-91FE-074A666F6425}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0B84B4B4-8AF8-4F1F-91FE-074A666F6425}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{796B75F6-6187-47E2-8F1F-C16E059E6E19}]
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\FilmFanatic
Key Deleted : HKLM\Software\FilmFanatic

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533


*************************





~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/03/2014 at 9.16.15,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9.42.39, on 07/03/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Servizio Vodafone Mobile Broadband (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--
End of file - 4418 bytes
Torna in alto
 
Sponsor
Inviato: Friday, March 07, 2014 9:53:45 AM

 
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Pulizia e migliorie Notepad lento


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.