Good evening giza, I did as you told me but no luck. When I run a scan with AdwCleaner it finds 7 anomalies, and when I go to delete them it freezes halfway through and doesn't start again. I also tried ComboFix but no luck. Here are the logs:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x86
Ran by PEPPE (Administrator) on 21/12/2017 at 17:37:52,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 11
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\PEPPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg (Folder)
Successfully deleted: C:\Users\PEPPE\AppData\Roaming\lavasoft\web companion (Folder)
Successfully deleted: C:\Users\PEPPE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0P2P00NS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PEPPE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWSAHH5E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PEPPE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QY8X1H0Z (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PEPPE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SE0RQ1FT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0P2P00NS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWSAHH5E (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QY8X1H0Z (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SE0RQ1FT (Temporary Internet Files Folder)
Registry: 3
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21/12/2017 at 17:40:42,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner 7.0.5.0 - Logfile created on Thu Dec 21 16:45:05 2017
# Updated on 2017/29/11 by Malwarebytes
# Database: 12-19-2017.1
# Running on Windows 7 Professional (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
PUP.Optional.Legacy, C:\Users\PEPPE\AppData\Roaming\Mozilla\Firefox\Profiles\NETFckTy.default\searchplugins\bing-lavasoft.xml
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2191147258-1497115902-3003199858-1000\Software\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Lavasoft\Web Companion
PUP.Adware.Heuristic, [Data] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2ab95b32-8821-4e8d-9638-cff7b082ba5b} | DisplayName []
PUP.Adware.Heuristic, [Data] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2ab95b32-8821-4e8d-9638-cff7b082ba5b} | DisplayIcon []
***** [ Firefox (and derivatives) ] *****
PUP.Optional.Legacy, Plugin found: Honey - Honey Science Corporation
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
C:/AdwCleaner/AdwCleaner[C10].txt - [4211 B] - [2017/1/24 20:37:42]
C:/AdwCleaner/AdwCleaner[C11].txt - [2935 B] - [2017/2/1 18:9:54]
C:/AdwCleaner/AdwCleaner[C12].txt - [3128 B] - [2017/2/1 21:26:11]
C:/AdwCleaner/AdwCleaner[C13].txt - [3227 B] - [2017/2/2 0:8:56]
C:/AdwCleaner/AdwCleaner[C14].txt - [3119 B] - [2017/3/5 21:32:16]
C:/AdwCleaner/AdwCleaner[C15].txt - [3265 B] - [2017/3/14 15:29:3]
C:/AdwCleaner/AdwCleaner[C16].txt - [3411 B] - [2017/3/16 21:27:13]
C:/AdwCleaner/AdwCleaner[C17].txt - [3557 B] - [2017/3/22 20:23:36]
C:/AdwCleaner/AdwCleaner[C18].txt - [3827 B] - [2017/3/30 14:14:8]
C:/AdwCleaner/AdwCleaner[C19].txt - [3849 B] - [2017/4/3 18:43:12]
C:/AdwCleaner/AdwCleaner[C1].txt - [1532 B] - [2016/4/29 22:35:28]
C:/AdwCleaner/AdwCleaner[C20].txt - [4035 B] - [2017/4/6 18:47:44]
C:/AdwCleaner/AdwCleaner[C21].txt - [4141 B] - [2017/4/10 20:5:5]
C:/AdwCleaner/AdwCleaner[C22].txt - [4287 B] - [2017/4/18 11:10:37]
C:/AdwCleaner/AdwCleaner[C23].txt - [4433 B] - [2017/4/20 13:47:54]
C:/AdwCleaner/AdwCleaner[C24].txt - [5104 B] - [2017/4/21 14:35:24]
C:/AdwCleaner/AdwCleaner[C25].txt - [4795 B] - [2017/4/21 20:59:42]
C:/AdwCleaner/AdwCleaner[C26].txt - [4995 B] - [2017/4/29 7:36:4]
C:/AdwCleaner/AdwCleaner[C27].txt - [5017 B] - [2017/5/2 11:36:35]
C:/AdwCleaner/AdwCleaner[C28].txt - [5163 B] - [2017/5/5 19:39:53]
C:/AdwCleaner/AdwCleaner[C29].txt - [5309 B] - [2017/5/9 17:53:11]
C:/AdwCleaner/AdwCleaner[C2].txt - [4637 B] - [2016/11/25 18:5:50]
C:/AdwCleaner/AdwCleaner[C30].txt - [8347 B] - [2017/5/13 13:8:49]
C:/AdwCleaner/AdwCleaner[C31].txt - [5919 B] - [2017/7/7 15:45:21]
C:/AdwCleaner/AdwCleaner[C3].txt - [3199 B] - [2016/12/4 22:8:5]
C:/AdwCleaner/AdwCleaner[C4].txt - [3343 B] - [2016/12/13 14:49:25]
C:/AdwCleaner/AdwCleaner[C5].txt - [2065 B] - [2016/12/22 14:49:50]
C:/AdwCleaner/AdwCleaner[C6].txt - [3631 B] - [2016/12/30 11:47:11]
C:/AdwCleaner/AdwCleaner[C7].txt - [3775 B] - [2017/1/4 14:9:28]
C:/AdwCleaner/AdwCleaner[C8].txt - [3919 B] - [2017/1/6 14:10:58]
C:/AdwCleaner/AdwCleaner[C9].txt - [2686 B] - [2017/1/17 17:50:14]
C:/AdwCleaner/AdwCleaner[S10].txt - [2817 B] - [2017/1/17 17:49:28]
C:/AdwCleaner/AdwCleaner[S11].txt - [4355 B] - [2017/1/24 20:36:57]
C:/AdwCleaner/AdwCleaner[S12].txt - [3101 B] - [2017/2/1 18:8:58]
C:/AdwCleaner/AdwCleaner[S13].txt - [3257 B] - [2017/2/1 21:25:23]
C:/AdwCleaner/AdwCleaner[S14].txt - [3393 B] - [2017/2/2 0:4:37]
C:/AdwCleaner/AdwCleaner[S15].txt - [3303 B] - [2017/3/5 21:31:55]
C:/AdwCleaner/AdwCleaner[S16].txt - [3449 B] - [2017/3/14 15:28:30]
C:/AdwCleaner/AdwCleaner[S17].txt - [3595 B] - [2017/3/16 21:26:23]
C:/AdwCleaner/AdwCleaner[S18].txt - [3741 B] - [2017/3/22 20:23:2]
C:/AdwCleaner/AdwCleaner[S19].txt - [3963 B] - [2017/3/30 14:12:54]
C:/AdwCleaner/AdwCleaner[S1].txt - [1324 B] - [2016/4/29 22:34:5]
C:/AdwCleaner/AdwCleaner[S20].txt - [4033 B] - [2017/4/3 18:38:28]
C:/AdwCleaner/AdwCleaner[S21].txt - [4178 B] - [2017/4/6 18:47:6]
C:/AdwCleaner/AdwCleaner[S22].txt - [4325 B] - [2017/4/10 20:3:54]
C:/AdwCleaner/AdwCleaner[S23].txt - [4471 B] - [2017/4/18 11:3:39]
C:/AdwCleaner/AdwCleaner[S24].txt - [4617 B] - [2017/4/20 13:46:28]
C:/AdwCleaner/AdwCleaner[S25].txt - [5122 B] - [2017/4/21 14:34:39]
C:/AdwCleaner/AdwCleaner[S26].txt - [4937 B] - [2017/4/21 20:57:34]
C:/AdwCleaner/AdwCleaner[S27].txt - [5131 B] - [2017/4/29 7:35:28]
C:/AdwCleaner/AdwCleaner[S28].txt - [5201 B] - [2017/5/2 11:34:57]
C:/AdwCleaner/AdwCleaner[S29].txt - [5347 B] - [2017/5/5 19:33:52]
C:/AdwCleaner/AdwCleaner[S2].txt - [4452 B] - [2016/11/25 18:1:54]
C:/AdwCleaner/AdwCleaner[S30].txt - [5493 B] - [2017/5/9 17:51:55]
C:/AdwCleaner/AdwCleaner[S31].txt - [5637 B] - [2017/5/12 10:40:0]
C:/AdwCleaner/AdwCleaner[S32].txt - [8288 B] - [2017/5/13 13:7:35]
C:/AdwCleaner/AdwCleaner[S33].txt - [5856 B] - [2017/5/17 13:44:33]
C:/AdwCleaner/AdwCleaner[S34].txt - [6158 B] - [2017/5/23 17:38:5]
C:/AdwCleaner/AdwCleaner[S35].txt - [6231 B] - [2017/5/29 18:38:27]
C:/AdwCleaner/AdwCleaner[S36].txt - [6304 B] - [2017/6/16 21:14:59]
C:/AdwCleaner/AdwCleaner[S37].txt - [6377 B] - [2017/6/21 21:18:6]
C:/AdwCleaner/AdwCleaner[S38].txt - [6450 B] - [2017/6/28 18:14:7]
C:/AdwCleaner/AdwCleaner[S39].txt - [6410 B] - [2017/7/7 15:45:5]
C:/AdwCleaner/AdwCleaner[S3].txt - [4771 B] - [2016/11/25 18:4:40]
C:/AdwCleaner/AdwCleaner[S4].txt - [3344 B] - [2016/12/4 22:5:45]
C:/AdwCleaner/AdwCleaner[S5].txt - [3488 B] - [2016/12/13 14:48:23]
C:/AdwCleaner/AdwCleaner[S6].txt - [2232 B] - [2016/12/22 14:49:15]
C:/AdwCleaner/AdwCleaner[S7].txt - [3776 B] - [2016/12/30 11:44:15]
C:/AdwCleaner/AdwCleaner[S8].txt - [3920 B] - [2017/1/4 14:8:45]
C:/AdwCleaner/AdwCleaner[S9].txt - [4064 B] - [2017/1/6 14:10:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S39].txt ##########
ComboFix 17-12-11.01 - PEPPE 21/12/2017 17:56:36.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.2047.1186 [GMT 1:00]
Eseguito da: c:\users\PEPPE\Desktop\combofix-17-5-4-1.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
FW: Avast Antivirus *Disabled* {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Spybot - Search and Destroy *Disabled/Outdated* {A16C3F68-9280-E053-1818-342707FECF4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Creati Da 2017-11-21 al 2017-12-21 )))))))))))))))))))))))))))))))))))
.
.
2017-12-21 11:28 . 2015-03-12 02:43 65536 ----a-w- c:\windows\system32\ux003ci.dll
2017-12-21 11:28 . 2015-03-12 02:43 18432 ----a-w- c:\windows\system32\ux003lm.dll
2017-12-21 11:28 . 2015-02-04 04:41 158016 ----a-w- c:\windows\system32\ux003ci.exe
2017-12-19 18:52 . 2017-12-19 20:09 -------- d-----w- c:\users\PEPPE\AppData\Local\Thunderbird
2017-12-19 18:52 . 2017-12-19 18:52 -------- d-----w- c:\users\PEPPE\AppData\Roaming\Thunderbird
2017-12-19 18:52 . 2017-12-19 20:09 -------- d-----w- c:\program files\Mozilla Thunderbird
2017-12-17 11:12 . 2017-12-17 11:12 -------- d-----w- c:\program files\7-Zip
2017-12-17 10:27 . 2017-12-17 10:27 -------- d-----w- c:\users\PEPPE\AppData\Local\Lavasoft
2017-12-17 10:27 . 2017-12-21 16:39 -------- d-----w- c:\users\PEPPE\AppData\Roaming\Lavasoft
2017-12-17 10:25 . 2017-12-17 10:25 -------- d-----w- c:\program files\Common Files\IObit
2017-12-17 10:25 . 2017-12-17 10:25 -------- d-----w- c:\program files\IObit
2017-12-11 19:31 . 2017-12-11 19:31 -------- d-----w- c:\users\PEPPE\AppData\Local\Macromedia
2017-12-11 16:42 . 2017-12-11 16:42 -------- d-----w- c:\program files\WondershareUpdate
2017-12-11 16:42 . 2017-12-11 16:42 -------- d-----w- C:\Wondershare Video Converter Ultimate
2017-12-11 16:41 . 2017-12-11 16:41 -------- d-----w- c:\programdata\GraphicsType
2017-12-11 16:27 . 2017-12-11 16:32 -------- d-----w- c:\users\PEPPE\AppData\Local\Mozilla
2017-12-08 07:48 . 2017-12-08 07:50 -------- d-----w- c:\users\PEPPE\AppData\Local\WhatsApp
2017-12-07 20:19 . 2017-12-07 20:19 -------- d-----w- c:\program files\STPViewer
2017-12-07 20:04 . 2017-12-07 20:04 -------- d-----w- c:\users\PEPPE\AppData\Roaming\IsolatedStorage
2017-12-07 20:04 . 2017-12-07 20:04 -------- d-----w- c:\programdata\IsolatedStorage
2017-12-07 20:03 . 2017-12-07 20:03 -------- d-----w- C:\Spacekace
2017-12-07 11:41 . 2017-12-07 11:41 -------- d-----w- c:\program files\Common Files\Java
2017-12-07 11:40 . 2017-12-07 11:40 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2017-12-07 11:39 . 2017-12-07 11:39 -------- d-----w- c:\programdata\Oracle
2017-12-07 11:39 . 2017-12-07 11:39 -------- d-----w- c:\program files\Java
2017-12-07 11:33 . 2017-12-13 07:58 803328 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2017-12-07 11:33 . 2017-12-13 07:58 144896 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2017-12-06 14:02 . 2017-12-06 14:02 -------- d-----w- c:\program files\Common Files\Avast Software
2017-12-01 10:08 . 2017-12-01 10:08 -------- d-----w- c:\programdata\SWCUTemp
2017-12-01 10:06 . 2017-12-01 10:06 -------- d-----w- c:\users\PEPPE\AppData\Local\Skype
2017-12-01 10:05 . 2017-12-01 10:05 -------- d-----w- c:\program files\Common Files\Skype
2017-12-01 10:01 . 2017-11-17 04:15 2402816 ----a-w- c:\windows\system32\win32k.sys
2017-12-01 10:01 . 2017-10-16 22:46 953344 ----a-w- c:\windows\system32\gpedit.dll
2017-12-01 10:01 . 2017-10-12 00:14 247808 ----a-w- c:\windows\system32\drivers\rdbss.sys
2017-11-28 19:26 . 2017-11-28 19:26 -------- d-----w- c:\users\PEPPE\AppData\Roaming\Aiseesoft Studio
2017-11-28 19:26 . 2017-11-28 19:26 -------- d-----w- c:\program files\Aiseesoft Studio
2017-11-21 22:21 . 2017-11-22 18:52 -------- d-----w- c:\users\PEPPE\AppData\Roaming\NCH Software
2017-11-21 22:21 . 2017-11-21 22:21 -------- d-----w- c:\programdata\NCH Software
2017-11-21 22:21 . 2017-11-21 22:21 -------- d-----w- c:\program files\NCH Software
2017-11-21 22:16 . 2017-11-24 23:51 -------- d-----w- c:\users\PEPPE\AppData\Roaming\PhotoScape
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-12-21 16:13 . 2017-10-19 19:00 59896 ----a-w- c:\windows\system32\drivers\mbae.sys
2017-12-18 15:20 . 2017-10-19 15:57 130448288 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2017-11-15 14:02 . 2017-08-01 10:50 388760 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-11-15 14:01 . 2017-08-01 10:50 298360 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-11-15 14:01 . 2017-08-01 10:50 150848 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-11-15 14:01 . 2017-11-15 14:02 157176 ----a-w- c:\windows\system32\drivers\aswArPot.sys
2017-11-15 14:01 . 2017-08-01 10:50 70864 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-11-15 14:01 . 2017-08-01 10:50 124952 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-11-15 14:01 . 2017-08-01 10:50 99560 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-11-15 14:01 . 2017-08-01 10:50 42848 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-11-15 14:01 . 2017-11-15 14:02 305328 ----a-w- c:\windows\system32\aswBoot.exe
2017-11-15 14:01 . 2017-08-01 10:50 783136 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-11-15 14:01 . 2017-10-23 09:17 420024 ----a-w- c:\windows\system32\drivers\aswNetSec.sys
2017-11-15 14:01 . 2017-08-01 10:50 50376 ----a-w- c:\windows\system32\drivers\aswbunivx.sys
2017-11-15 14:01 . 2017-08-01 10:50 276728 ----a-w- c:\windows\system32\drivers\aswblogx.sys
2017-11-15 14:01 . 2017-08-01 10:50 255616 ----a-w- c:\windows\system32\drivers\aswbidsdriverx.sys
2017-11-15 14:01 . 2017-08-01 10:50 157408 ----a-w- c:\windows\system32\drivers\aswbidshx.sys
2017-11-13 10:42 . 2017-11-13 10:42 143664 ------w- c:\windows\system32\SecUPDUtilSvc.exe
2017-11-13 07:49 . 2017-11-13 07:49 17472 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2017-10-29 15:20 . 2016-04-23 13:51 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2017-10-28 16:45 . 2017-10-28 16:45 42104 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2017-10-28 16:43 . 2017-10-28 16:43 63280 ----a-w- c:\windows\system32\drivers\point32.sys
2017-10-28 16:43 . 2017-10-28 16:43 44328 ----a-w- c:\windows\system32\drivers\nuidfltr.sys
2017-10-28 16:43 . 2017-10-28 16:43 1637776 ----a-w- c:\windows\system32\wdfcoinstaller01011.dll
2017-10-28 16:36 . 2017-10-28 16:36 321504 ----a-w- c:\windows\system32\drivers\yk62x86.sys
2017-10-28 16:35 . 2017-10-28 16:35 4261224 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2017-10-28 16:35 . 2017-10-28 16:35 542568 ----a-w- c:\windows\system32\LVUI2.dll
2017-10-28 16:35 . 2017-10-28 16:35 538472 ----a-w- c:\windows\system32\LVUI2RC.dll
2017-10-28 16:35 . 2017-10-28 16:35 305000 ----a-w- c:\windows\system32\lvcodec2.dll
2017-10-28 16:35 . 2017-10-28 16:35 198504 ----a-w- c:\windows\system32\lvci1351823.dll
2017-10-28 16:35 . 2017-10-28 16:35 10919784 ----a-w- c:\windows\system32\LogiDPP.dll
2017-10-28 16:35 . 2017-10-28 16:35 338136 ----a-w- c:\windows\system32\DevManagerCore.dll
2017-10-28 16:35 . 2017-10-28 16:35 103272 ----a-w- c:\windows\system32\LogiDPPApp.exe
2017-10-28 16:35 . 2017-10-28 16:35 106296 ----a-w- c:\windows\system32\drivers\jraid.sys
2017-10-28 16:33 . 2017-10-28 16:33 13216 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2017-10-28 16:27 . 2017-10-28 16:27 912248 ----a-w- c:\windows\system32\nvdispgenco3234201.dll
2017-10-28 16:27 . 2017-10-28 16:27 1060216 ----a-w- c:\windows\system32\nvdispco3234201.dll
2017-10-28 16:27 . 2017-10-28 16:27 10711488 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2017-10-28 16:27 . 2009-07-13 22:09 16128720 ----a-w- c:\windows\system32\nvwgf2um.dll
2017-10-28 16:27 . 2017-10-28 16:27 11270656 ----a-w- c:\windows\system32\nvopencl.dll
2017-10-28 16:27 . 2017-10-28 16:27 24208440 ----a-w- c:\windows\system32\nvoglv32.dll
2017-10-28 16:27 . 2017-10-28 16:27 913856 ----a-w- c:\windows\system32\NvIFR.dll
2017-10-28 16:27 . 2017-10-28 16:27 876480 ----a-w- c:\windows\system32\NvFBC.dll
2017-10-28 16:27 . 2009-06-10 21:19 14497712 ----a-w- c:\windows\system32\nvd3dum.dll
2017-10-28 16:27 . 2017-10-28 16:27 3995192 ----a-w- c:\windows\system32\nvcuvid.dll
2017-10-28 16:27 . 2017-10-28 16:27 11208312 ----a-w- c:\windows\system32\nvcuda.dll
2017-10-28 16:27 . 2017-10-28 16:26 15301056 ----a-w- c:\windows\system32\nvcompiler.dll
2017-10-28 16:26 . 2015-02-19 22:43 2822384 ----a-w- c:\windows\system32\nvapi.dll
2017-10-28 16:26 . 2017-10-28 16:26 47504 ----a-w- c:\windows\system32\drivers\btcusb.sys
2017-10-28 16:26 . 2017-10-28 16:26 21496 ----a-w- c:\windows\system32\btinstall.dll
2017-10-28 16:21 . 2017-10-28 16:21 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2017-10-23 09:16 . 2017-10-23 09:16 36104 ----a-w- c:\windows\system32\drivers\aswNetNd6.sys
2017-10-18 02:25 . 2017-11-15 14:19 3072 ----a-w- c:\windows\system32\drivers\it-IT\usbehci.sys.mui
2017-10-18 02:24 . 2017-11-15 14:19 25088 ----a-w- c:\windows\system32\drivers\it-IT\usbport.sys.mui
2017-10-18 02:21 . 2017-11-15 14:19 11776 ----a-w- c:\windows\system32\drivers\it-IT\usbhub.sys.mui
2017-10-18 02:16 . 2017-11-15 14:14 114408 ----a-w- c:\windows\system32\CompatTelRunner.exe
2017-10-18 02:11 . 2017-11-15 14:14 488448 ----a-w- c:\windows\system32\aeinv.dll
2017-10-18 01:55 . 2017-11-15 14:19 259584 ----a-w- c:\windows\system32\drivers\usbhub.sys
2017-10-18 01:55 . 2017-11-15 14:19 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2017-10-18 01:55 . 2017-11-15 14:19 285696 ----a-w- c:\windows\system32\drivers\usbport.sys
2017-10-18 01:55 . 2017-11-15 14:19 46592 ----a-w- c:\windows\system32\drivers\usbehci.sys
2017-10-18 01:55 . 2017-11-15 14:19 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2017-10-18 01:55 . 2017-11-15 14:19 24576 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2017-10-18 01:55 . 2017-11-15 14:19 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2017-10-16 22:49 . 2017-11-15 14:19 1213672 ----a-w- c:\windows\system32\drivers\ntfs.sys
2017-10-16 21:55 . 2017-11-15 14:19 339968 ----a-w- c:\windows\system32\msexcl40.dll
2017-10-15 22:04 . 2017-11-15 14:14 313184 ----a-w- c:\windows\system32\centel.dll
2017-10-12 00:40 . 2017-11-15 14:19 308456 ----a-w- c:\windows\system32\atmfd.dll
2017-10-12 00:37 . 2017-11-15 14:19 12574208 ----a-w- c:\windows\system32\wmploc.DLL
2017-10-12 00:37 . 2017-11-15 14:19 1549824 ----a-w- c:\windows\system32\tquery.dll
2017-10-12 00:37 . 2017-11-15 14:19 111104 ----a-w- c:\windows\system32\t2embed.dll
2017-10-12 00:37 . 2017-11-15 14:19 1363968 ----a-w- c:\windows\system32\Query.dll
2017-10-12 00:37 . 2017-11-15 14:19 1400320 ----a-w- c:\windows\system32\mssrch.dll
2017-10-12 00:37 . 2017-11-15 14:19 666624 ----a-w- c:\windows\system32\mssvp.dll
2017-10-12 00:37 . 2017-11-15 14:19 337408 ----a-w- c:\windows\system32\mssph.dll
2017-10-12 00:37 . 2017-11-15 14:19 197120 ----a-w- c:\windows\system32\mssphtb.dll
2017-10-12 00:37 . 2017-11-15 14:19 104448 ----a-w- c:\windows\system32\mssitlb.dll
2017-10-12 00:37 . 2017-11-15 14:19 59392 ----a-w- c:\windows\system32\msscntrs.dll
2017-10-12 00:37 . 2017-11-15 14:19 34816 ----a-w- c:\windows\system32\mssprxy.dll
2017-10-12 00:37 . 2017-11-15 14:19 26112 ----a-w- c:\windows\system32\lpk.dll
2017-10-12 00:37 . 2017-11-15 14:19 70656 ----a-w- c:\windows\system32\fontsub.dll
2017-10-12 00:37 . 2017-11-15 14:19 10240 ----a-w- c:\windows\system32\dciman32.dll
2017-10-12 00:26 . 2017-11-15 14:19 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2017-10-12 00:26 . 2017-11-15 14:19 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2017-10-12 00:25 . 2017-11-15 14:19 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2017-10-12 00:25 . 2017-11-15 14:19 9728 ----a-w- c:\windows\system32\msshooks.dll
2017-10-12 00:24 . 2017-11-15 14:19 4096 ----a-w- c:\windows\system32\msdxm.ocx
2017-10-12 00:24 . 2017-11-15 14:19 4096 ----a-w- c:\windows\system32\dxmasf.dll
2017-10-12 00:24 . 2017-11-15 14:19 8192 ----a-w- c:\windows\system32\spwmp.dll
2017-10-12 00:16 . 2017-11-15 14:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2017-10-12 00:14 . 2017-11-15 14:19 86528 ----a-w- c:\windows\system32\drivers\luafv.sys
2017-10-07 15:32 . 2017-08-01 10:50 70864 ----a-w- c:\windows\system32\drivers\asw579c043194b9e7db.tmp
2017-10-07 15:32 . 2017-08-01 10:50 499560 ----a-w- c:\windows\system32\drivers\asw1df2eeab101d711c.tmp
2017-10-07 15:32 . 2017-08-01 10:50 297840 ----a-w- c:\windows\system32\drivers\asw134c30296b114dbb.tmp
2017-10-07 15:32 . 2017-08-01 10:50 149824 ----a-w- c:\windows\system32\drivers\aswe8b04c6fea927789.tmp
2017-10-07 15:32 . 2017-08-01 10:50 124952 ----a-w- c:\windows\system32\drivers\asw218176b6921b8bbb.tmp
2017-10-07 15:32 . 2017-08-01 10:50 99560 ----a-w- c:\windows\system32\drivers\aswa4629a0c3b14e933.tmp
2017-10-07 15:32 . 2017-08-01 10:50 42856 ----a-w- c:\windows\system32\drivers\asw55da4c690becc253.tmp
2017-10-07 15:31 . 2017-08-01 10:50 777952 ----a-w- c:\windows\system32\drivers\asw49c4944199a21387.tmp
2017-10-07 15:31 . 2017-08-21 09:55 409096 ----a-w- c:\windows\system32\drivers\asw21726d4b7f8c1285.tmp
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-11-15 14:01 1396816 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2015-08-26 2312824]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-11-15 253344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2015-07-02 20:20 63944 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R0 SamRegistry;SamRegistry;c:\windows\system32\drivers\SamRegistry.sys [x]
R2 AGSService;Adobe Genuine Software Integrity Service;c:\program files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-08-23 2257016]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2017-11-15 150848]
R2 IObitUnSvr;IObit Uninstaller Service;c:\program files\IObit\IObit Uninstaller\IUService.exe [2017-06-14 206112]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service;c:\windows\system32\SecUPDUtilSvc.exe [2017-11-13 143664]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2016-09-21 4088608]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2016-11-24 235984]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-02-18 315488]
R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R2 WsAppService;Wondershare Application Framework Service;c:\program files\Wondershare\WAF\2.4.3.227\WsAppService.exe [2017-06-21 492768]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\aswidsagent.exe [2017-11-15 5904136]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys [2017-11-15 42848]
R3 BthAudioHF;Servizio Audio vivavoce Bluetooth;c:\windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 43008]
R3 BthAvrcp;Profilo Bluetooth AVRCP;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 csr_a2dp;Profilo Bluetooth AV;c:\windows\system32\drivers\bthav.sys [2009-12-21 61952]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 112128]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 100736]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2017-11-07 104960]
R3 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 4563920]
R3 miniusb;FrameManager Display Adapter;c:\windows\system32\drivers\sam_miniusb.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2017-10-28 42104]
R3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys [2017-08-18 50112]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 SamFilterWddm;SamFilterWddm;c:\windows\system32\drivers\SamFilterWddm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 usbrndis6;Scheda RNDIS6 USB;c:\windows\system32\DRIVERS\usb80236.sys [2013-02-12 15872]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2016-04-23 1343400]
R3 WsDrvInst;Wondershare Driver Install Service;c:\program files\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [2017-11-15 89088]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidshx.sys [2017-11-15 157408]
S0 aswblog;aswblog;c:\windows\system32\drivers\aswblogx.sys [2017-11-15 276728]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbunivx.sys [2017-11-15 50376]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2017-11-15 70864]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2017-11-15 298360]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2016-12-06 56824]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2016-12-06 46584]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys [2017-11-15 157176]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdriverx.sys [2017-11-15 255616]
S1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys [2017-11-15 420024]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2017-11-15 783136]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2017-11-15 388760]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2016-12-06 20984]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2016-12-06 195576]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys [2017-11-13 17472]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2017-10-28 23840]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2017-11-15 124952]
S2 avast! Firewall;Avast Firewall Service;c:\program files\AVAST Software\Avast\afwServ.exe [2017-11-15 332368]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 EaseUS Agent;Servizio EaseUS Agent;c:\program files\EaseUS\Todo Backup\bin\Agent.exe [2016-12-06 39616]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 Samsung Network Fax Server;Samsung Network Fax Server;c:\windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [2013-02-05 378416]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2014-08-18 5120]
S3 aswNetNd6;Avast Firewall NDIS6 Helper;c:\windows\system32\DRIVERS\aswNetNd6.sys [2017-10-23 36104]
S3 IUFileFilter;IUFileFilter;c:\program files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [2017-06-06 20368]
S3 IURegProcessFilter;IURegProcessFilter;c:\program files\IObit\IObit Uninstaller\drivers\win7_x86\IURegProcessFilter.sys [2017-09-28 20336]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2015-06-18 52368]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2015-06-18 20240]
S3 REN2CAP_DRIVER;Hear;c:\windows\system32\drivers\ren2cap.sys [2012-01-05 39048]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2017-10-28 321504]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
bthaudiosvc REG_MULTI_SZ HFGService
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-12-11 17:23 1538904 ----a-w- c:\program files\Google\Chrome\Application\63.0.3239.84\Installer\chrmstp.exe
.
.
------- Scansione supplementare -------
.
uStart Page = www.google.com
uInternet Settings,ProxyServer = %20:80
uInternet Settings,ProxyOverride = hxxp://fritz.box
Trusted Zone: com\*.Wondershare
Trusted Zone: localhost
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\PEPPE\AppData\Roaming\Mozilla\Firefox\Profiles\NETFckTy.default\
FF - prefs.js: browser.search.selectedEngine - Bing®
FF - prefs.js: browser.startup.homepage - about:home
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2017-12-21 18:06:00
ComboFix-quarantined-files.txt 2017-12-21 17:05
.
Pre-Run: 259.460.550.656 byte disponibili
Post-Run: 259.069.186.048 byte disponibili
.
- - End Of File - - CE4601E382DC1F62E59AFF30B1FD9FF3
A36C5E4F47E84449FF07ED3517B43A31
Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/21/2017 06:11:23 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.
* HOSTS file entries found:
20 out of 15626 HOSTS entries shown.
Please review HOSTS file for further entries.
Program finished at: 12/21/2017 06:11:36 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)