Salve a tutti!!!!!!
Spero che qualcuno mi aiuti per questa "piccola verifica".
Ho effettuato, insieme a mia sorella, una scansione completa del sistema con Malwarebytes Anti-malware Free Edition.
Il Pc è un portatile HP Pavilion G6 1130 SL con s.o, Windows 7 Home premium Service Pack 1, con Avast versione 9.0.12.08, Cc Cleaner Free Edition
versione 4.01.4151 Browser utilizzati per la connessione internet: Internet Explorer versione 11 e Chrome.
Vi allego qui il log per avere la vs. opinione in merito:
Malwarebytes Anti-Malware
www.malwarebytes.orgData scansione: 27/06/2014
Ora scansione: 15:52:31
File di log: Log scansione malwarebytes 27-06-2014.txt
Amministratore: Si
Versione: 2.00.2.1012
Database malware: v2014.06.27.05
Database rootkit: v2014.06.23.02
Licenza: Free
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Self-protection: Disattivata
SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: Gloriana
Tipo di scansione: Scansione elementi nocivi
Risultati: Completata
Elementi analizzati: 266264
Tempo impiegato: 9 min, 18 sec
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Heuristics: Attivata
PUP: Attivata
PUM: Attivata
Processi: 1
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1508, Elimina al riavvio, [96dbdaa3770444f26423ef6c748dce32]
Moduli: 0
(No malicious items detected)
Chiavi di registro: 4
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Spostato in quarantena, [96dbdaa3770444f26423ef6c748dce32],
PUP.Optional.Skytech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\sweet-page uninstaller, Spostato in quarantena, [95dce19c5625f442b6f5bad05aa717e9],
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, Spostato in quarantena, [68092a53a2d9d56132a065959e65e51b],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsProtectManger, Spostato in quarantena, [8ee380fde8932511f46f7539f111738d],
Valori di registro: 6
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, Spostato in quarantena, [95dcf08d5c1f58de468f153743bf0ef2],
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, Spostato in quarantena, [95dcf08d5c1f58de468f153743bf0ef2]
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, Spostato in quarantena, [95dcf08d5c1f58de468f153743bf0ef2]
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, Spostato in quarantena, [4e2387f6700bfc3a70654606ed15a060],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, Spostato in quarantena, [b4bd7d00daa1c96d25308922976bd22e]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, Spostato in quarantena, [f37e91ecfd7e261056ffa407f50d619f]
Dati di registro: 6
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe
http://www.sweet-page.com/?type=sc&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX, Buono: (iexplore.exe), Cattivo (C:\Program Files\Internet Explorer\iexplore.exe
http://www.sweet-page.com/?type=sc&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX),Sostituito,[026f601d62190333980abdccfc085ba5]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL,
http://www.sweet-page.com/web/?type=ds&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX&q={searchTerms}, Buono: (http://www.google.com), Cattivo (http://www.sweet-page.com/web/?type=ds&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX&q={searchTerms}),Sostituito,[b3be730ab9c25fd7e6be0b7ec341ec14]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page,
http://www.sweet-page.com/web/?type=ds&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX&q={searchTerms}, Buono: (www.google.com), Cattivo (http://www.sweet-page.com/web/?type=ds&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX&q={searchTerms}),Sostituito,[d59c235aafccd1655d24730bff05d030]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe
http://www.sweet-page.com/?type=sc&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX, Buono: (iexplore.exe), Cattivo (C:\Program Files\Internet Explorer\iexplore.exe
http://www.sweet-page.com/?type=sc&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX),Sostituito,[3b3667163a41bb7b3c665336e222a35d]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL,
http://www.sweet-page.com/web/?type=ds&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX&q={searchTerms}, Buono: (http://www.google.com), Cattivo (http://www.sweet-page.com/web/?type=ds&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX&q={searchTerms}),Sostituito,[640dc5b8accfb87ef2b20782c53f44bc]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page,
http://www.sweet-page.com/web/?type=ds&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX&q={searchTerms}, Buono: (www.google.com), Cattivo (http://www.sweet-page.com/web/?type=ds&ts=1402564694&from=smt&uid=HitachiXHTS547550A9E384_J2160051GDR77DGDR77DX&q={searchTerms}),Sostituito,[1859abd2dc9f6acc3948c7b7a85cdb25]
Cartelle: 5
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Elimina al riavvio, [4829b8c5611aeb4b7fc75158cb37f709],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Spostato in quarantena, [4829b8c5611aeb4b7fc75158cb37f709],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, Spostato in quarantena, [e28f65184a31013529c404a5f111f010],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, Spostato in quarantena, [e28f65184a31013529c404a5f111f010],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, Spostato in quarantena, [e28f65184a31013529c404a5f111f010],
File: 7
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Elimina al riavvio, [96dbdaa3770444f26423ef6c748dce32],
PUP.Optional.Skytech.A, C:\Users\Gloriana\AppData\Roaming\sweet-page\UninstallManager.exe, Spostato in quarantena, [95dce19c5625f442b6f5bad05aa717e9],
PUP.Optional.InstallCore, C:\Users\Gloriana\Downloads\songr.exe, Spostato in quarantena, [ff72d4a9b2c95adc11d9116ad13311ef],
PUP.Optional.QuickStart.A, C:\Users\Gloriana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage, Spostato in quarantena, [1a57146902791e184bf4f31263a1e818],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, Spostato in quarantena, [4829b8c5611aeb4b7fc75158cb37f709],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-12[11-19-04-496].log, Spostato in quarantena, [e28f65184a31013529c404a5f111f010],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, Spostato in quarantena, [e28f65184a31013529c404a5f111f010],
Settori fisici: 0
(No malicious items detected)
(end)
Quali sono le voci che costituiscono un'effettiva minaccia al sistema?
Grazie a chiunque mi aiuterà!!!!!!
