Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

pup optional legacy Opzioni
sal11
Inviato: Monday, December 16, 2019 7:37:57 PM
Rank: Newbie

Iscritto dal : 12/16/2019
Posts: 7
Ho w 7 32 bit. Adwcleaner non riesce a rimuovere pup optional legacy, malwarebytes non me lo segnala, Ho provato con innumerevoli programmi. Ho fatto scansione con kaspersky total security e non mi segnala nulla, nonché varie scansioni on line, con microsoft safety scanner, f secure, eseet, trend micro etc
Sponsor
Inviato: Monday, December 16, 2019 7:37:57 PM

 
fax71ita
Inviato: Monday, December 16, 2019 8:04:06 PM

Rank: AiutAmico

Iscritto dal : 4/23/2010
Posts: 3,838
ciao

prova le scansioni in modalita' provvisoria.

Dovrebbe bastare malwarebytes e adwcleaner

sal11
Inviato: Monday, December 16, 2019 8:06:10 PM
Rank: Newbie

Iscritto dal : 12/16/2019
Posts: 7
già fatto
wolfestein
Inviato: Monday, December 16, 2019 10:08:42 PM

Rank: AiutAmico

Iscritto dal : 2/15/2009
Posts: 15,955
Prova a fare le scansioni in modalità provvisoria.
Hai provato con Hitman Pro?
https://filehippo.com/it/download_hitmanpro/
sal11
Inviato: Tuesday, December 17, 2019 5:39:11 PM
Rank: Newbie

Iscritto dal : 12/16/2019
Posts: 7
ma di cosa potrebbe trattarsi? Non lo rimuovo
cbbusto
Inviato: Tuesday, December 17, 2019 6:36:03 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
sal11 ha scritto:
ma di cosa potrebbe trattarsi? Non lo rimuovo


E un programma potenzialmente indesiderato, porta pubblicità e ti dirotta verso altri siti.
Solitamente Malwarebites o ADWcleaner riescono a rimuoverlo, fai come hanno detto gli altri amici, poi fare una scansione con JRT che riesce a rimuovere altro:
Scarica Junkware Removal Tool sul desktop.
http://junkware-removal-tool.it.uptodown.com/download
Il download dovrebbe partire entro 5 secondi
Disattiva temporaneamente l'antivirus per evitare potenziali conflitti.
Doppio click su JRT

Lo strumento si aprirà e avvierà la scansione del sistema.
Devi avere pazienza in quanto questo tool può richiedere del tempo per completare la scansione .
Al termine, un log (JRT.txt) viene salvato sul desktop e si aprirà automaticamente.
sal11
Inviato: Tuesday, December 17, 2019 7:35:18 PM
Rank: Newbie

Iscritto dal : 12/16/2019
Posts: 7
Questo il log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x86
Ran by Utente (Limited) on 17/12/2019 at 19:32:25,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\Utente\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UVCK7K8X (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Utente\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VXQ6VR55 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Utente\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHKGWM4Z (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Utente\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WR92IFRP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UVCK7K8X (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VXQ6VR55 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHKGWM4Z (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WR92IFRP (Temporary Internet Files Folder)



Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF293C5A-9F37-49FD-91C4-2B867063FC54} (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F904093-6E18-4536-BF5F-B03689CF00F0} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EF293C5A-9F37-49FD-91C4-2B867063FC54} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/12/2019 at 19:33:52,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fax71ita
Inviato: Tuesday, December 17, 2019 9:15:37 PM

Rank: AiutAmico

Iscritto dal : 4/23/2010
Posts: 3,838
puoi postare il log di ADWcleaner?

esegui il programma come amministratore(fai tasto dx sull'icona ed "esegui come amministratore

sal11
Inviato: Tuesday, December 17, 2019 9:39:42 PM
Rank: Newbie

Iscritto dal : 12/16/2019
Posts: 7
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-12-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-17-2019
# Duration: 00:00:09
# OS: Windows 7 Home Premium
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1273 octets] - [14/07/2018 22:41:04]
AdwCleaner[C00].txt - [1439 octets] - [14/07/2018 22:42:34]
AdwCleaner[S01].txt - [1379 octets] - [09/02/2019 09:24:24]
AdwCleaner[S02].txt - [1440 octets] - [09/02/2019 09:34:40]
AdwCleaner[S03].txt - [1501 octets] - [09/02/2019 09:35:14]
AdwCleaner[S04].txt - [1562 octets] - [09/02/2019 16:04:59]
AdwCleaner[S05].txt - [1637 octets] - [26/03/2019 17:03:52]
AdwCleaner[C05].txt - [1803 octets] - [26/03/2019 17:04:22]
AdwCleaner[S06].txt - [1759 octets] - [26/04/2019 18:10:59]
AdwCleaner[C06].txt - [1925 octets] - [26/04/2019 18:11:14]
AdwCleaner[S07].txt - [1881 octets] - [12/05/2019 12:48:57]
AdwCleaner[C07].txt - [2047 octets] - [12/05/2019 12:49:28]
AdwCleaner[S08].txt - [2035 octets] - [14/06/2019 18:47:55]
AdwCleaner[C08].txt - [2181 octets] - [14/06/2019 18:48:14]
AdwCleaner[S09].txt - [2111 octets] - [18/06/2019 15:31:58]
AdwCleaner[S10].txt - [2172 octets] - [20/06/2019 10:23:07]
AdwCleaner[C10].txt - [2358 octets] - [20/06/2019 10:23:41]
AdwCleaner[S11].txt - [2294 octets] - [23/06/2019 11:32:46]
AdwCleaner[S12].txt - [2369 octets] - [26/06/2019 16:25:03]
AdwCleaner[C12].txt - [2535 octets] - [26/06/2019 16:25:16]
AdwCleaner[S13].txt - [2491 octets] - [28/06/2019 15:38:34]
AdwCleaner[C13].txt - [2657 octets] - [28/06/2019 15:38:53]
AdwCleaner[S14].txt - [2613 octets] - [04/07/2019 12:21:21]
AdwCleaner[C14].txt - [2779 octets] - [04/07/2019 12:21:43]
AdwCleaner[S15].txt - [2735 octets] - [10/07/2019 19:43:11]
AdwCleaner[C15].txt - [2901 octets] - [10/07/2019 19:43:33]
AdwCleaner[S16].txt - [2857 octets] - [20/07/2019 08:06:42]
AdwCleaner[C16].txt - [3023 octets] - [20/07/2019 08:06:57]
AdwCleaner[S17].txt - [3041 octets] - [25/07/2019 16:10:26]
AdwCleaner[C17].txt - [3229 octets] - [25/07/2019 16:10:58]
AdwCleaner[S18].txt - [3163 octets] - [28/07/2019 09:46:30]
AdwCleaner[C18].txt - [3351 octets] - [28/07/2019 09:49:38]
AdwCleaner[S19].txt - [3299 octets] - [05/08/2019 11:31:23]
AdwCleaner[C19].txt - [3467 octets] - [05/08/2019 11:31:53]
AdwCleaner[S20].txt - [3421 octets] - [10/08/2019 09:10:18]
AdwCleaner[C20].txt - [3589 octets] - [10/08/2019 09:10:49]
AdwCleaner[S21].txt - [3543 octets] - [16/08/2019 11:33:46]
AdwCleaner[C21].txt - [3711 octets] - [16/08/2019 11:34:07]
AdwCleaner[S22].txt - [3651 octets] - [16/08/2019 11:41:06]
AdwCleaner[C22].txt - [3839 octets] - [16/08/2019 11:41:28]
AdwCleaner[S23].txt - [3787 octets] - [17/08/2019 12:54:54]
AdwCleaner[C23].txt - [3955 octets] - [17/08/2019 12:55:10]
AdwCleaner[S24].txt - [3909 octets] - [23/08/2019 03:05:39]
AdwCleaner[C24].txt - [4077 octets] - [23/08/2019 03:05:58]
AdwCleaner[S25].txt - [4017 octets] - [23/08/2019 03:09:09]
AdwCleaner[C25].txt - [4205 octets] - [23/08/2019 03:09:41]
AdwCleaner[S26].txt - [4153 octets] - [24/08/2019 01:17:31]
AdwCleaner[C26].txt - [4321 octets] - [24/08/2019 01:18:00]
AdwCleaner[S27].txt - [4275 octets] - [24/08/2019 01:25:30]
AdwCleaner[C27].txt - [4443 octets] - [24/08/2019 01:25:56]
AdwCleaner[S28].txt - [4383 octets] - [24/08/2019 01:29:39]
AdwCleaner[C28].txt - [4571 octets] - [24/08/2019 01:29:56]
AdwCleaner[S29].txt - [4519 octets] - [24/08/2019 09:09:24]
AdwCleaner[C29].txt - [4687 octets] - [24/08/2019 09:09:41]
AdwCleaner[S30].txt - [4641 octets] - [29/08/2019 15:01:58]
AdwCleaner[C30].txt - [4809 octets] - [29/08/2019 15:02:39]
AdwCleaner[S31].txt - [4749 octets] - [29/08/2019 15:07:28]
AdwCleaner[S32].txt - [4824 octets] - [03/09/2019 08:56:02]
AdwCleaner[C32].txt - [4992 octets] - [03/09/2019 08:56:21]
AdwCleaner_Debug.log - [223833 octets] - [09/09/2019 18:10:55]
AdwCleaner[S33].txt - [5008 octets] - [09/09/2019 18:11:29]
AdwCleaner[C33].txt - [5176 octets] - [09/09/2019 18:11:44]
AdwCleaner[S34].txt - [5131 octets] - [18/09/2019 18:11:40]
AdwCleaner[C34].txt - [5299 octets] - [18/09/2019 18:11:55]
AdwCleaner[S35].txt - [5253 octets] - [20/09/2019 02:49:24]
AdwCleaner[C35].txt - [5421 octets] - [20/09/2019 03:05:30]
AdwCleaner[S36].txt - [5375 octets] - [20/09/2019 08:40:17]
AdwCleaner[C36].txt - [5543 octets] - [20/09/2019 08:40:27]
AdwCleaner[S37].txt - [5497 octets] - [20/09/2019 08:47:49]
AdwCleaner[S38].txt - [5558 octets] - [20/09/2019 11:42:25]
AdwCleaner[S39].txt - [5737 octets] - [08/10/2019 12:21:02]
AdwCleaner[C39].txt - [5865 octets] - [08/10/2019 12:21:26]
AdwCleaner[S40].txt - [5741 octets] - [08/10/2019 12:27:38]
AdwCleaner[S41].txt - [5802 octets] - [08/10/2019 20:11:42]
AdwCleaner[S42].txt - [5863 octets] - [08/10/2019 20:24:12]
AdwCleaner[C42].txt - [6031 octets] - [08/10/2019 20:24:25]
AdwCleaner[S43].txt - [5985 octets] - [08/10/2019 20:27:23]
AdwCleaner[S44].txt - [6047 octets] - [09/10/2019 15:28:25]
AdwCleaner[C44].txt - [6215 octets] - [09/10/2019 15:28:49]
AdwCleaner[S45].txt - [6169 octets] - [09/10/2019 15:36:45]
AdwCleaner[S46].txt - [6230 octets] - [10/10/2019 15:08:14]
AdwCleaner[S47].txt - [6291 octets] - [11/10/2019 10:31:16]
AdwCleaner[S48].txt - [6352 octets] - [11/10/2019 10:35:15]
AdwCleaner[S49].txt - [6413 octets] - [11/10/2019 10:36:06]
AdwCleaner[C49].txt - [6581 octets] - [11/10/2019 10:36:20]
AdwCleaner[S50].txt - [6521 octets] - [11/10/2019 10:36:59]
AdwCleaner[S51].txt - [6582 octets] - [11/10/2019 10:50:19]
AdwCleaner[S52].txt - [6657 octets] - [11/10/2019 11:42:46]
AdwCleaner[S53].txt - [6718 octets] - [11/10/2019 11:45:04]
AdwCleaner[S54].txt - [6779 octets] - [16/10/2019 16:06:23]
AdwCleaner[S55].txt - [6840 octets] - [27/10/2019 18:28:49]
AdwCleaner[S56].txt - [6901 octets] - [05/11/2019 13:44:50]
AdwCleaner[C56].txt - [7069 octets] - [05/11/2019 13:45:20]
AdwCleaner[S57].txt - [7023 octets] - [10/11/2019 15:48:05]
AdwCleaner[S58].txt - [8044 octets] - [24/11/2019 16:25:26]
AdwCleaner[C58].txt - [7992 octets] - [24/11/2019 16:25:45]
AdwCleaner[S59].txt - [7206 octets] - [24/11/2019 16:30:10]
AdwCleaner[S60].txt - [7267 octets] - [26/11/2019 17:39:55]
AdwCleaner[S61].txt - [7328 octets] - [29/11/2019 12:14:36]
AdwCleaner[S62].txt - [7389 octets] - [04/12/2019 16:40:41]
AdwCleaner[S63].txt - [7450 octets] - [04/12/2019 17:44:44]
AdwCleaner[S64].txt - [7511 octets] - [04/12/2019 18:36:47]
AdwCleaner[S65].txt - [7572 octets] - [13/12/2019 13:15:03]
AdwCleaner[S66].txt - [7633 octets] - [17/12/2019 17:33:18]
AdwCleaner[C66].txt - [7801 octets] - [17/12/2019 17:33:29]
AdwCleaner[S67].txt - [7755 octets] - [17/12/2019 19:07:56]
AdwCleaner[S68].txt - [7816 octets] - [17/12/2019 19:28:46]
AdwCleaner[C68].txt - [7984 octets] - [17/12/2019 19:28:55]
AdwCleaner[S69].txt - [7938 octets] - [17/12/2019 21:34:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C69].txt ##########
sal11
Inviato: Tuesday, December 17, 2019 9:45:37 PM
Rank: Newbie

Iscritto dal : 12/16/2019
Posts: 7
Adw cleaner dice sempre di aver rimosso il pup, ma alla scansione successiva esso si ripresenta
sal11
Inviato: Sunday, December 22, 2019 5:04:42 PM
Rank: Newbie

Iscritto dal : 12/16/2019
Posts: 7
Questo è il log di combofix
ComboFix 19-11-04.01 - Utente 22/12/2019 16:40:41.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.1977.306 [GMT 1:00]
Eseguito da: c:\users\Utente\Downloads\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
FW: Avast Antivirus *Enabled* {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Utente\AppData\Roaming\Yahoo
c:\users\Utente\AppData\Roaming\Yahoo\search.xml
c:\users\Utente\Documents\~WRL0005.tmp
c:\users\Utente\Documents\~WRL0006.tmp
c:\users\Utente\Documents\~WRL0007.tmp
c:\users\Utente\Documents\~WRL0561.tmp
c:\users\Utente\Documents\~WRL0807.tmp
c:\users\Utente\Documents\~WRL2155.tmp
c:\users\Utente\Documents\~WRL2481.tmp
c:\users\Utente\Documents\~WRL3070.tmp
c:\users\Utente\Documents\~WRL3202.tmp
c:\windows\msdownld.tmp
c:\windows\system32\%SYSTE~1
c:\windows\system32\%SYSTE~1\system32\config\systemprofile\AppData\Local\Avg\log\fmwlight\%systemroot%\system32\config\systemprofile\AppData\Local\Avg\log\fmwlight\light.log
c:\windows\system32\%SYSTE~1\system32\config\systemprofile\AppData\Local\Avg\log\fmwlight\%systemroot%\system32\config\systemprofile\AppData\Local\Avg\log\fmwlight\light.log.lock
.
.
((((((((((((((((((((((((( Files Creati Da 2019-11-22 al 2019-12-22 )))))))))))))))))))))))))))))))))))
.
.
2019-12-22 15:51 . 2019-12-22 15:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2019-12-22 10:09 . 2019-12-22 10:09 -------- d-----w- c:\users\Utente\AppData\Roaming\AVAST Software
2019-12-22 10:01 . 2019-12-22 10:16 -------- d-----w- c:\program files\AVAST Software
2019-12-20 14:58 . 2019-12-20 14:58 60232 ------w- c:\windows\system32\drivers\EnigmaFileMonDriver.sys
2019-12-20 12:11 . 2019-12-20 12:12 -------- d-----w- c:\programdata\ProductData
2019-12-20 12:10 . 2019-12-20 12:10 -------- d-----w- c:\programdata\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2019-12-20 11:19 . 2019-12-07 03:18 11954232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F34BA261-294D-4868-A2CC-8F1BB1AB9814}\mpengine.dll
2019-12-17 17:27 . 2019-12-17 17:27 -------- d-----w- c:\users\Utente\AppData\Local\cache
2019-12-17 17:12 . 2019-12-17 22:24 129056 ----a-w- c:\windows\system32\drivers\mbae.sys
2019-12-17 15:37 . 2019-12-17 16:00 -------- d-----w- c:\programdata\HitmanPro
2019-12-11 12:25 . 2019-11-15 01:58 123904 ----a-w- c:\windows\system32\poqexec.exe
2019-12-05 16:22 . 2019-12-05 16:22 -------- d-----w- c:\program files\Common Files\Java
2019-12-05 16:22 . 2019-12-05 16:22 112696 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2019-12-05 16:21 . 2019-12-05 16:21 -------- d-----w- c:\program files\Java
2019-12-05 16:21 . 2019-12-05 16:21 -------- d-----w- c:\program files\Common Files\Oracle
2019-11-30 08:46 . 2019-12-21 17:01 -------- d-----w- c:\program files\Common Files\AV
2019-11-30 08:43 . 2019-12-20 17:35 -------- d-----w- c:\programdata\Kaspersky Lab
2019-11-25 15:36 . 2019-11-25 15:36 -------- d-----w- c:\programdata\Xerox
2019-11-25 15:28 . 2019-11-25 15:28 -------- d-----w- c:\program files\Lexmark
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2019-12-17 16:06 . 2016-10-19 17:33 842296 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2019-12-17 16:06 . 2016-10-19 17:33 175160 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2019-12-15 14:49 . 2019-10-09 13:23 69801720 ----a-w- c:\users\Utente\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
2019-12-11 23:12 . 2017-10-11 00:24 127229528 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2019-11-28 03:42 . 2019-12-11 12:29 5120 ----a-w- c:\windows\system32\drivers\it-IT\srv.sys.mui
2019-11-12 21:03 . 2016-10-17 21:46 613944 ------w- c:\windows\system32\MpSigStub.exe
2019-11-05 21:29 . 2019-11-15 17:33 164064 ----a-w- c:\windows\system32\drivers\msrpc.sys
2019-11-05 21:29 . 2019-11-15 17:33 106936 ----a-w- c:\windows\system32\consent.exe
2019-11-05 21:25 . 2019-11-15 17:33 266752 ----a-w- c:\windows\system32\upnphost.dll
2019-11-05 21:25 . 2019-11-15 17:33 628224 ----a-w- c:\windows\system32\usp10.dll
2019-11-05 21:25 . 2019-11-15 17:33 83968 ----a-w- c:\windows\system32\userenv.dll
2019-11-05 21:25 . 2019-11-15 17:33 573440 ----a-w- c:\windows\system32\netlogon.dll
2019-11-05 21:25 . 2019-11-15 17:32 175104 ----a-w- c:\windows\system32\netcorehc.dll
2019-11-05 21:25 . 2019-11-15 17:32 337408 ----a-w- c:\windows\system32\msihnd.dll
2019-11-05 21:25 . 2019-11-15 17:32 25600 ----a-w- c:\windows\system32\msimsg.dll
2019-11-05 21:25 . 2019-11-15 17:32 2368000 ----a-w- c:\windows\system32\msi.dll
2019-11-05 21:25 . 2019-11-15 17:32 4608 ----a-w- c:\windows\system32\msimg32.dll
2019-11-05 21:25 . 2019-11-15 17:33 46080 ----a-w- c:\windows\system32\mf3216.dll
2019-11-05 21:25 . 2019-11-15 17:33 502784 ----a-w- c:\windows\system32\iphlpsvc.dll
2019-11-05 21:24 . 2019-11-15 17:33 1005056 ----a-w- c:\windows\system32\cryptui.dll
2019-11-05 21:24 . 2019-11-15 17:33 88576 ----a-w- c:\windows\system32\AxInstSv.dll
2019-11-05 21:24 . 2019-11-15 17:32 1806848 ----a-w- c:\windows\system32\authui.dll
2019-11-05 21:24 . 2019-11-15 17:32 47104 ----a-w- c:\windows\system32\appinfo.dll
2019-11-05 21:12 . 2019-11-15 17:33 1312256 ----a-w- c:\windows\system32\msjet40.dll
2019-11-05 21:03 . 2019-11-15 17:33 23552 ----a-w- c:\windows\system32\upnpcont.exe
2019-11-05 21:03 . 2019-11-15 17:33 45056 ----a-w- c:\windows\system32\udhisapi.dll
2019-11-05 20:57 . 2019-11-15 17:33 57856 ----a-w- c:\windows\system32\AxInstUI.exe
2019-11-05 20:57 . 2019-11-15 17:32 73216 ----a-w- c:\windows\system32\msiexec.exe
2019-11-05 19:43 . 2019-11-15 17:33 1251840 ----a-w- c:\windows\system32\DWrite.dll
2019-11-05 19:43 . 2019-11-15 17:33 910336 ----a-w- c:\windows\system32\FntCache.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2019-12-22 10:04 1494408 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner.exe" [2019-10-14 18458752]
"Skype for Desktop"="c:\program files\Microsoft\Skype for Desktop\Skype.exe" [2019-12-13 91503464]
"AvastBrowserAutoLaunch_DD887D5B221C8B4B59C42D246BB625A6"="c:\program files\AVAST Software\Browser\Application\AvastBrowser.exe" [2019-11-04 1850312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XeroxEndeavorBackgroundTask"="xrWCbgnd.dll" [2009-07-14 53760]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2019-10-05 645648]
"YouCam Service7"="c:\program files\CyberLink\YouCam7\YouCamService7.exe" [2016-11-25 466712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2019-12-22 232840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 avast;Servizio Avast Browser Update (avast);c:\program files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2019-12-22 202392]
R3 avastm;Servizio Avast Browser Update (avastm);c:\program files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2019-12-22 202392]
R3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service;c:\program files\AVAST Software\Browser\Application\77.2.2152.121\elevation_service.exe [2019-11-04 970088]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files\Google\Chrome\Application\79.0.3945.88\elevation_service.exe [2019-12-14 959984]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2019-11-19 104960]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidsh.sys [2019-12-22 169408]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbuniv.sys [2019-12-22 59368]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2019-12-22 73312]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2019-12-22 277408]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys [2019-12-22 174712]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdriver.sys [2019-12-22 224008]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2019-12-22 41200]
S1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys [2019-12-22 411088]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2019-12-22 691528]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2019-12-22 394856]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2019-12-22 145048]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2019-12-22 176760]
S2 avast! Firewall;Avast Firewall Service;c:\program files\AVAST Software\Avast\afwServ.exe [2019-12-22 373928]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\aswidsagent.exe [2019-12-22 5106064]
S3 aswNetNd6;Avast Firewall NDIS6 Helper;c:\windows\system32\DRIVERS\aswNetNd6.sys [2019-12-22 36104]
S3 CLMirrorDriver;CLMirrorDriver;c:\windows\system32\DRIVERS\CLMirrorDriver.sys [2015-05-20 21264]
S3 clwvd7;CyberLink WebCam Virtual Driver 7.0 Service;c:\windows\system32\DRIVERS\clwvd7.sys [2016-06-02 43800]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2019-12-19 18:41 1924080 ----a-w- c:\program files\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2019-05-03 02:33 328240 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8504530-742B-42BC-895D-2BAD6406F698}]
2019-12-22 10:19 3068704 ----a-w- c:\program files\AVAST Software\Browser\Application\77.2.2152.121\Installer\chrmstp.exe
.
.
------- Scansione supplementare -------
.
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\t7hc6nip.default-release-1569191586928\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
HKU-Default-Run-ZoneAlarm Windows 10 Upgrader - c:\programdata\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_32_0_0_303_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_32_0_0_303_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2019-12-22 16:55:24
ComboFix-quarantined-files.txt 2019-12-22 15:55
.
Pre-Run: 355.751.227.392 byte disponibili
Post-Run: 355.776.299.008 byte disponibili
.
- - End Of File - - 69CE4FC0E3F317710024349C247301CF
A36C5E4F47E84449FF07ED3517B43A31
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.