Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Invasione di brani di pubblicità e apertura di pagine non richieste. RISOLTO

Invasione di brani di pubblicità e apertura di pagine non richieste. RISOLTO Opzioni
Topic Precedente · Topic Sucessivo
tramp
Inviato: Thursday, December 18, 2014 10:54:27 AM

Rank: AiutAmico

Iscritto dal : 7/19/2009
Posts: 101
Salve amici

Qui sotto, l'inizio di questa storia:
http://forum.aiutamici.com/yaf_postst94876_Invasione-di-pubblicit224-e-apertura-applicazioni-non-richieste.aspx

Come consigliato nel topic sopra, apro qui un nuovo post, e riporto qui sotto 5 log relativi alle operazioni già suggeritemi.
Posto qui sotto in copia perché ho trovato difficoltà con wikisend.

Qualcuno dei 'super' gentilissimi instancabili mi aiuta? Pray grazie!!!

n.b.: il log di hijackthis si è interrotto durante la greazione, ha mandato un avviso di cui non ho capito nulla, poi è ripartito. Ma mi sembra estremamente breve rispetto ad altri che ho visto qui...


[tramp]------------------>>> 1 - Qui sotto: malwarebytes


<?xml version="1.0" encoding="UTF-8"?>

-<mbam-log>


-<header>

<date>2014/12/16 11:07:36 +0100</date>

<logfile>mbam-log-2014-12-16 (11-07-34).xml</logfile>

<isadmin>yes</isadmin>

</header>


-<engine>

<version>2.00.4.1028</version>

<malware-database>v2014.12.16.02</malware-database>

<rootkit-database>v2014.12.14.01</rootkit-database>

<license>trial</license>

<file-protection>enabled</file-protection>

<web-protection>enabled</web-protection>

<self-protection>enabled</self-protection>

</engine>


-<system>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x64</arch>

<username>User</username>

<filesys>NTFS</filesys>

</system>


-<summary>

<type>threat</type>

<result>completed</result>

<objects>313363</objects>

<time>581</time>

<processes>0</processes>

<modules>0</modules>

<keys>0</keys>

<values>0</values>

<datas>0</datas>

<folders>0</folders>

<files>0</files>

<sectors>0</sectors>

</summary>


-<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>enabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<heuristics>enabled</heuristics>

<pup>enabled</pup>

<pum>enabled</pum>

</options>

<items> </items>

</mbam-log>




[tramp]------------------>>> 2 - Qui sotto: ADWcleaner


# AdwCleaner v4.105 - Rapporto creato 16/12/2014 in 11:30:57
# Aggiornato 08/12/2014 di Xplode
# Database : 2014-12-13.4 [Live]
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nome utente : User - USER-PC
# In esecuzione da : C:\Users\User\Downloads\adwcleaner_4.105.exe
# Opzione : Scansiona

***** [ Servizi ] *****


***** [ File / Cartelle ] *****


***** [ Compiti ] *****


***** [ Collegamenti ] *****


***** [ Registro ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 it)


*************************

AdwCleaner[R0].txt - [1519 octets] - [16/12/2014 07:08:56]
AdwCleaner[R1].txt - [888 octets] - [16/12/2014 11:28:44]
AdwCleaner[R2].txt - [746 octets] - [16/12/2014 11:30:57]
AdwCleaner[S0].txt - [1593 octets] - [16/12/2014 07:10:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [865 octets] ##########



[tramp]------------------>>> 3 - Qui sotto: JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by User on 16/12/2014 at 18:25:16,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\4akm70ul.default\minidumps [15 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/12/2014 at 18:29:26,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



[tramp]------------------>>> 4 - Qui sotto: OTL

OTL logfile created on: 16/12/2014 18:34:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,81 Gb Available Physical Memory | 70,30% Memory free
8,00 Gb Paging File | 6,38 Gb Available in Paging File | 79,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 418,37 Gb Free Space | 89,84% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\User\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\LibreOffice 4\program\soffice.exe (The Document Foundation)
PRC - C:\Program Files (x86)\LibreOffice 4\program\soffice.bin (The Document Foundation)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\LibreOffice 4\program\python3.dll ()
MOD - C:\Program Files (x86)\LibreOffice 4\program\libxslt.dll ()
MOD - C:\Program Files (x86)\LibreOffice 4\program\libxml2.dll ()
MOD - C:\Program Files (x86)\LibreOffice 4\program\glew32.dll ()
MOD - C:\Program Files (x86)\LibreOffice 4\program\python-core-3.3.3\lib\_socket.pyd ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c4c26f1f33a5e1db0ca84721a1a0974e\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\b35194c98055b5c429f5f95a358dac19\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\4f396f344b534b906bfd1776362fff67\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\0343efc2e90ed96778bfe07c578998d9\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\a56ef7fb16af2600d5d926352cdd7ead\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\b8c8995c9d1c2b232a48ae3613dbf47d\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\35d58a4c31a309a0396e629304acbcab\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\fc1881837ac65088fc33fc91ec1b536a\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\87ec0a137819cae5fb587cbf59618f8e\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\046fc34e33c8a8bd43caf93791514566\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1a2786fdc688c6e83ec15e110b33746f\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cc082640510b78e6a0f699bbbaf8eab5\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\d8e09d0ff482a09afc9bdc407e4cfd08\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\53187eb0a4eb555b2ddc0e922bd7eea7\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d6d58d8a2343199405d3bfc4853983a5\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\41d712743eb9b947d166a7580a93bf74\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\f96568c9ba7ab7d0569bdfd8320e49c6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\9a0ba418fa6398a66c87d469cea21737\System.Data.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f3ca136ba36eb7a113e1b3547374a14b\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\23604c40a06ab02f873e82d15e47ba16\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6783353a6277418227e5b0e5a043049e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\95422454854dfd70c528fa2911f53f90\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\f014b1f34734c93956924e68c67ecb55\mscorlib.ni.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Avira.OE.ServiceHost) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (TrueSight) -- C:\Windows\SysNative\drivers\TrueSight.sys ()
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (mbamchameleon) -- C:\Windows\SysNative\drivers\mbamchameleon.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (e1express) -- C:\Windows\SysNative\drivers\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (PAC207) -- C:\Windows\SysNative\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1617115937-3692857732-2375686277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/it-it/?ocid=iehp
IE - HKU\S-1-5-21-1617115937-3692857732-2375686277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-1617115937-3692857732-2375686277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 CB E6 85 5B E6 CF 01 [binary data]
IE - HKU\S-1-5-21-1617115937-3692857732-2375686277-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1617115937-3692857732-2375686277-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1617115937-3692857732-2375686277-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.startup.homepage: "http://mail.tiscali.it/"
FF - prefs.js..extensions.enabledAddons: %7B8d43d421-1dc6-47bf-a788-198db71fb00f%7D:0.42
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014/10/12 22:24:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2014/12/13 22:58:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\4akm70ul.default\extensions
[2014/12/13 22:58:49 | 000,000,000 | ---D | M] ("FoxxIt-B") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\4akm70ul.default\extensions\{8d43d421-1dc6-47bf-a788-198db71fb00f}
[2014/12/12 10:22:40 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\4akm70ul.default\extensions\abs@avira.com
[2014/12/13 22:31:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles4akm70ul.default\extensions
[2014/12/13 22:31:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles4akm70ul.default\extensions\staged
[2014/12/09 11:10:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014/12/09 11:10:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3568F56-71F4-468F-98BB-D9E41559DBF0}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (bj.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2014/12/16 18:25:15 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/12/16 09:28:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\CrashDumps
[2014/12/16 07:16:07 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/12/16 07:08:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/12/16 06:46:29 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/12/16 06:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/12/16 06:46:03 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/12/16 06:46:03 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/12/16 06:46:03 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/12/16 06:46:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/12/16 06:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/12/16 06:45:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Programs
[2014/12/13 22:31:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\WebTest
[2014/12/10 08:10:30 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/12/10 08:10:27 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/12/10 08:10:27 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/12/10 08:10:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/12/10 08:10:27 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/12/10 08:10:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/12/10 08:10:26 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/12/10 08:10:26 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/12/10 08:10:26 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/12/10 08:10:26 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/12/10 08:10:25 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/12/10 08:10:25 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/12/10 08:10:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/12/10 08:10:24 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/12/10 08:10:24 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/12/10 08:10:24 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/12/10 08:10:24 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/12/10 08:10:24 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/12/10 08:10:24 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/12/10 08:10:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/12/10 08:10:23 | 002,125,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/12/10 08:10:23 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/12/10 08:10:23 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/12/10 08:10:22 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/12/10 08:10:21 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/12/10 08:10:21 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/12/10 08:10:21 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/12/10 08:10:21 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/12/10 08:10:21 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/12/10 08:10:20 | 006,039,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/12/10 08:10:20 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/12/10 08:10:20 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/12/10 08:10:20 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/12/10 08:10:19 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/12/10 08:10:19 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/12/10 08:10:19 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/12/09 11:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/12/01 11:06:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MigWiz
[2014/11/29 12:28:38 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\ELISA BOTTICINI
[2014/11/29 12:28:21 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Nuova cartella
[2014/11/23 08:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/11/23 08:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trust
[2014/11/23 08:48:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trust
[2014/11/23 08:48:36 | 000,000,000 | ---D | C] -- C:\Windows\PixArt
[2014/11/23 08:48:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PAC207
[2014/11/23 08:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/11/23 08:48:13 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2014/11/20 11:59:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2014/11/20 11:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
[2014/11/17 17:15:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014/11/14 15:48:59 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\EmieUserList
[2014/11/14 15:48:59 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\EmieSiteList
[2014/11/14 15:48:59 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\EmieBrowserModeList
[2014/11/14 15:04:28 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/11/14 15:04:28 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/11/14 15:04:28 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/11/14 15:04:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014/11/14 15:04:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014/11/14 15:02:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/11/14 15:02:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/11/14 15:02:28 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014/11/14 15:02:28 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014/11/14 15:02:28 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/11/14 15:02:28 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/11/14 15:02:28 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/11/14 15:02:28 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/11/14 15:02:28 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014/11/14 15:02:24 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/11/14 15:02:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/11/14 15:02:18 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/11/14 15:02:17 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/11/10 20:13:14 | 000,875,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr110.dll
[2014/11/10 20:13:14 | 000,535,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp110.dll
[2014/11/10 20:13:14 | 000,252,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vccorlib110.dll
[2014/10/19 13:59:11 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/10/19 13:59:11 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/10/19 09:55:58 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/10/19 09:51:05 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/10/19 09:51:01 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/10/19 09:51:01 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/10/19 09:51:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/10/19 09:51:00 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/10/19 09:51:00 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/10/19 09:51:00 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/10/19 09:51:00 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/10/19 09:51:00 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/10/19 09:51:00 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/10/19 09:51:00 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/10/19 09:51:00 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/10/19 09:51:00 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/10/19 09:51:00 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/10/19 09:51:00 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/10/19 09:51:00 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/10/19 09:51:00 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/10/19 09:51:00 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/10/19 09:51:00 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/10/19 09:51:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/10/19 09:51:00 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/10/19 09:51:00 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/10/19 09:50:59 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/10/19 09:50:59 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/10/19 09:50:59 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/10/19 09:50:59 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/10/19 09:50:59 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/10/19 09:50:59 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/10/19 09:50:59 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/10/19 09:50:59 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/10/19 09:50:59 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/10/19 09:50:59 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/10/19 09:50:59 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/10/19 09:50:59 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/10/19 09:50:59 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/10/19 09:50:59 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/10/19 09:50:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/10/19 09:50:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/10/19 09:50:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/10/19 09:50:58 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/10/19 09:50:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/10/19 09:50:58 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/10/19 09:50:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/10/19 09:50:58 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/10/19 09:50:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/10/19 09:50:14 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/10/19 09:50:14 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/10/19 09:50:14 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/10/19 09:50:13 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/10/19 09:49:27 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/10/19 09:49:27 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/10/19 09:49:27 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/10/19 09:49:27 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/10/19 09:49:27 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/10/19 09:49:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/10/19 09:49:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/10/19 09:49:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/10/19 09:49:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/10/19 09:49:27 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/10/19 09:49:26 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/10/19 09:49:26 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/10/19 09:49:26 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/10/19 09:49:26 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/10/19 09:49:26 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/10/19 09:49:26 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/10/19 09:49:26 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/10/19 09:49:26 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/10/19 09:49:26 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/10/19 09:49:26 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/10/19 09:49:26 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/10/19 09:49:26 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/10/19 09:49:26 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/10/19 09:49:26 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/10/19 09:49:26 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/10/19 09:49:26 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/10/19 09:49:26 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/10/19 09:49:26 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/10/19 09:48:03 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/10/19 09:48:03 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/10/18 16:32:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/10/18 16:32:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat

========== Files - Modified Within 60 Days ==========

[2014/12/16 18:18:48 | 000,020,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/12/16 18:18:48 | 000,020,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/12/16 18:14:46 | 001,541,382 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/12/16 18:14:46 | 000,698,332 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2014/12/16 18:14:46 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/12/16 18:14:46 | 000,127,558 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2014/12/16 18:14:46 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/12/16 18:12:58 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/12/16 18:10:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/16 18:10:20 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/16 12:07:01 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/12/16 10:57:15 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/12/16 07:16:09 | 000,035,064 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/12/14 22:57:45 | 000,014,764 | ---- | M] () -- C:\Users\User\Desktop\Rubrica - collegamento.lnk
[2014/12/13 22:35:51 | 000,002,094 | ---- | M] () -- C:\Users\User\Desktop\Profilo di Avira Free Antivirus Selezione manuale.LNK
[2014/12/10 18:57:37 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/12/09 20:07:09 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/12/09 20:07:09 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/12/03 10:17:17 | 000,013,769 | ---- | M] () -- C:\Users\User\Desktop\PW - collegamento (2).lnk
[2014/11/27 15:47:30 | 000,007,605 | ---- | M] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2014/11/23 09:00:26 | 000,921,632 | ---- | M] () -- C:\PA207.DAT
[2014/11/22 04:06:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/11/22 03:50:39 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/11/22 03:50:10 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/11/22 03:49:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/11/22 03:48:20 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/11/22 03:40:41 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/11/22 03:37:10 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/11/22 03:35:43 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/11/22 03:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/11/22 03:34:51 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/11/22 03:34:07 | 006,039,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/11/22 03:26:31 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/11/22 03:22:40 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/11/22 03:14:16 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/11/22 03:09:12 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/11/22 03:08:06 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/11/22 03:07:17 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/11/22 03:06:32 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/11/22 03:05:02 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/11/22 03:05:01 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/11/22 02:58:54 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/11/22 02:56:40 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/11/22 02:55:16 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/11/22 02:54:30 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/11/22 02:49:29 | 000,718,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/11/22 02:49:28 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/11/22 02:47:10 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/11/22 02:46:58 | 002,125,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/11/22 02:40:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/22 02:36:14 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/11/22 02:35:24 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/11/22 02:22:49 | 002,052,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/11/22 02:21:57 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/11/22 02:03:42 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/11/22 01:54:44 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/11/21 06:14:12 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/11/20 14:36:44 | 000,291,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/20 11:56:36 | 000,001,476 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 4.3.lnk
[2014/11/17 17:15:07 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/11/11 04:09:06 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/11/10 20:13:14 | 000,875,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr110.dll
[2014/11/10 20:13:14 | 000,535,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp110.dll
[2014/11/10 20:13:14 | 000,252,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\vccorlib110.dll
[2014/10/25 02:57:59 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/10/25 02:32:37 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/10/19 09:51:05 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/10/19 09:51:01 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/10/19 09:51:01 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/10/19 09:51:01 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/10/19 09:51:00 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/10/19 09:51:00 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/10/19 09:51:00 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/10/19 09:51:00 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/10/19 09:51:00 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/10/19 09:51:00 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/10/19 09:51:00 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/10/19 09:51:00 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/10/19 09:51:00 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/10/19 09:51:00 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/10/19 09:51:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/10/19 09:51:00 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/10/19 09:51:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/10/19 09:51:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/10/19 09:51:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/10/19 09:51:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/10/19 09:51:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/10/19 09:51:00 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/10/19 09:51:00 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/10/19 09:50:59 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/10/19 09:50:59 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/10/19 09:50:59 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/10/19 09:50:59 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/10/19 09:50:59 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/10/19 09:50:59 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/10/19 09:50:59 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/10/19 09:50:59 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/10/19 09:50:59 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/10/19 09:50:59 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/10/19 09:50:59 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/10/19 09:50:59 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/10/19 09:50:59 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/10/19 09:50:59 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/10/19 09:50:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/10/19 09:50:59 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/10/19 09:50:59 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/10/19 09:50:59 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/10/19 09:50:58 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/10/19 09:50:58 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/10/19 09:50:58 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/10/19 09:50:58 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/10/19 09:50:58 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/10/19 09:50:58 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/10/19 09:50:14 | 001,732,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/10/19 09:50:14 | 000,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/10/19 09:50:14 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/10/19 09:50:13 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/10/19 09:49:27 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/10/19 09:49:27 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/10/19 09:49:27 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/10/19 09:49:27 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/10/19 09:49:27 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/10/19 09:49:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/10/19 09:49:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/10/19 09:49:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/10/19 09:49:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/10/19 09:49:27 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/10/19 09:49:27 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/10/19 09:49:26 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/10/19 09:49:26 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/10/19 09:49:26 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/10/19 09:49:26 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/10/19 09:49:26 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/10/19 09:49:26 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/10/19 09:49:26 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/10/19 09:49:26 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/10/19 09:49:26 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/10/19 09:49:26 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/10/19 09:49:26 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/10/19 09:49:26 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/10/19 09:49:26 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/10/19 09:49:26 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/10/19 09:49:26 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/10/19 09:49:26 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/10/19 09:49:26 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/10/19 09:49:26 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/10/19 09:48:03 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/10/19 09:48:03 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/10/18 03:05:23 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

========== Files Created - No Company Name ==========

[2014/12/16 07:16:09 | 000,035,064 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/12/16 06:46:06 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/12/14 22:57:45 | 000,014,764 | ---- | C] () -- C:\Users\User\Desktop\Rubrica - collegamento.lnk
[2014/12/13 22:35:51 | 000,002,094 | ---- | C] () -- C:\Users\User\Desktop\Profilo di Avira Free Antivirus Selezione manuale.LNK
[2014/12/03 10:17:17 | 000,013,769 | ---- | C] () -- C:\Users\User\Desktop\PW - collegamento (2).lnk
[2014/11/27 15:47:25 | 000,007,605 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2014/11/23 09:00:26 | 000,921,632 | ---- | C] () -- C:\PA207.DAT
[2014/11/20 11:56:36 | 000,001,476 | ---- | C] () -- C:\Users\Public\Desktop\LibreOffice 4.3.lnk
[2014/11/17 17:15:07 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/11/17 17:15:07 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/11/14 18:38:46 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/10/19 09:51:00 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/10/19 09:50:59 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 03:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 03:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/10/13 07:25:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LibreOffice
[2014/12/13 22:31:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WebTest

========== Purity Check ==========



< End of report >



[tramp]------------------>>> 5 - Qui sotto: Hijackthis

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:30:14, on 18/12/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)

FIREFOX: 34.0.5 (x86 it)
Boot mode: Normal

Running processes:
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\User\AppData\Local\Temp\Rar$EXa0.302\HijackThisPortable\HijackThisPortable.exe
C:\Users\User\AppData\Local\Temp\Rar$EXa0.637\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6784 bytes
Torna in alto
 
Sponsor
Inviato: Thursday, December 18, 2014 10:54:27 AM

 
Torna in alto
 
cbbusto
Inviato: Thursday, December 18, 2014 3:31:36 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Le varie scansioni non hanno rilevato niente il log di HJT è completo ma è tutto a posto, non hai detto se il problema delle pagine pubblicitarie continua.
Vai in gestione motori di ricerca e controlla fra i vari motori se c'è qualche voce che non conosci e la elimini, io proverei ad eliminare bing search e metti google come predefinito, controlla anche che la home page dei browser sia la tua ed eventualmente correggi.
Per bloccare la pubblicità dovresti installare AdBlockPlus in Firefox lo trovi qui:
https://addons.mozilla.org/it/firefox/addon/adblock-plus/
clic su Add to Firefox una volta installato riavvia il browser, vediamo cosa succede.
Eventualmente potresti provare un ripristino di firefox, vai sul menu Aiuto/Risoluzione dei problemi e poi clic su Ripristina Firefox. Altra soluzione potrebbe esere quella di fare un Ripristino configurazione del sistema ad una data antecedente l'apparire del problema, sempre che ci sia. Per ora non ho altre soluzioni.
Fai sapere se ci sono migliorie. Ciao
Torna in alto
 
tramp
Inviato: Thursday, December 18, 2014 10:53:36 PM

Rank: AiutAmico

Iscritto dal : 7/19/2009
Posts: 101
Aggiornamento post intervento di ripristino di firefox:
Sembra andato tutto a posto dopo il ripristino di firefox; prima ho aggiunto AdBlockPlus; ma se prima nel menu dei motori di ricerca avevo soltanto Googlke e Avira Safesearch, ora quest'ultimo è sparito, mentre ne sono arrivati 5 o 6... io voglio soltanto google! Se clicco dx su uno degli indesiderati, l'unica voce plausibile sembrerebbe 'rimuovi dalla barra degli strumenti', ma mi rimuove tutto il menu... che fare?

cbbusto ha scritto:
Le varie scansioni non hanno rilevato niente il log di HJT è completo ma è tutto a posto, non hai detto se il problema delle pagine pubblicitarie continua.
Sì, continua tutto come prima. L'invasione ha tre caratteristiche:
- parole con doppia sottolineatura, che linkano a siti e spezzoni di siti improbabili;
- spezzoni di pagine pubblicitarie tipo e-bay o simili;
- pagine pop-up con proposta di aggiornamenti di applicazioni come flash e simili.
Su questo forum stranamente appare solo il primo tipo di disturbo; su un forum che modero, appaiono tutti insieme, tanto che per leggere un post riga per riga devo usare il cursore laterale.
cbbusto ha scritto:
Vai in gestione motori di ricerca e controlla fra i vari motori se c'è qualche voce che non conosci e la elimini, io proverei ad eliminare bing search e metti google come predefinito, controlla anche che la home page dei browser sia la tua ed eventualmente correggi.
Ora ho soltanto google predefinito e Avira safe search, che non riesco a cancellare (avira è il mio antivirus, ma safe search non lo avevo mai visto prima; come lo tolgo di lì?
cbbusto ha scritto:
Per bloccare la pubblicità dovresti installare AdBlockPlus in Firefox lo trovi qui:
https://addons.mozilla.org/it/firefox/addon/adblock-plus/
clic su Add to Firefox una volta installato riavvia il browser, vediamo cosa succede.

Ok lo faccio e ti faccio sapere.
cbbusto ha scritto:
Eventualmente potresti provare un ripristino di firefox, vai sul menu Aiuto/Risoluzione dei problemi e poi clic su Ripristina Firefox.
ok, mai fatto prima, ma lo faccio.
cbbusto ha scritto:
Altra soluzione potrebbe esere quella di fare un Ripristino configurazione del sistema ad una data antecedente l'apparire del problema, sempre che ci sia. Per ora non ho altre soluzioni.
Su win7 non so come si fa; se non riesco cerco e/o chiedo qui...
cbbusto ha scritto:
Fai sapere se ci sono migliorie. Ciao

Ma certo, figurati se mollo... Anxious
Torna in alto
 
cbbusto
Inviato: Friday, December 19, 2014 12:11:08 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Per rimuovere un motore di ricerca, in gestione motori clicca solla voce che vuoi eliminare, alla destra della finestra clicca su rimuovi e il motore sparisce, non rimuove nient'altro l'antivirus rimane.
Visto che è sistemato il ripristino configurazione del sistema non occorre.
Comunque la procedura la trovi qui:
http://windows.microsoft.com/it-it/windows7/products/features/system-restore
Ciao
Torna in alto
 
tramp
Inviato: Saturday, December 20, 2014 5:02:15 PM

Rank: AiutAmico

Iscritto dal : 7/19/2009
Posts: 101
Grazie!
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Invasione di brani di pubblicità e apertura di pagine non richieste. RISOLTO


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.