Ciao a tutti! Da più di due settimane il mio pc era diventato inutilizzabile... navigazione in internet lentissima, pubblicità che si lanciavano da sole etc.. Leggendo in internet ho scoperto che questo malfunzionamento era probabilmente dovuto alla presenza di malware sul mio pc e che il modo migliore per risolvere il problema era quello di affidarsi al lavoro di pulizia di Combo fix.
Ho quindi proceduto in questo modo, disattivando dapprima il mio antivirus (kasperky).
Al termine della procedura, ho salvato il log (che non so leggere ne interpretare) ed ho spento il pc.
In seguito, riaccendendo il pc ho notato la stessa lentezza e lo stesso problema delle pagine pubblicitarie che si aprono da sole navigando con Internet Explorer.
A questo punto non so piu che fare e chiedo perciò il vostro aiuto, allegando il log !!
Vorrei anche chiedervi se devo riattivare il mio antivirus e disinstallare Combo fix.
Grazie a tutti!!!!
ComboFix 15-04-28.01 - Martina 01/05/2015 21:43:15.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.2039.805 [GMT 2:00]
Eseguito da: c:\users\Martina\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\broowSeandshop
c:\program files\broowSeandshop\PAxkJIZ0LIEHd3.dat
c:\program files\broowSeandshop\PAxkJIZ0LIEHd3.dll
c:\program files\broowSeandshop\PAxkJIZ0LIEHd3.tlb
c:\program files\LyricsMonkey
c:\program files\Nosibay\Bubble Dock\extensions\axSUrfmatch.dll
c:\program files\offerappp
c:\program files\offerappp\1DMINjstNmmdhK.dat
c:\program files\offerappp\1DMINjstNmmdhK.dll
c:\program files\offerappp\1DMINjstNmmdhK.tlb
c:\program files\XingHaoLyrics
c:\programdata\364344374278242019
c:\programdata\364344374278242019\c82ba59a4fab6da91d6f387afa2ec55e.ini
c:\programdata\364344374278242019\cba7e870448052ac1d6f387afa2ec55e.ini
c:\programdata\364344374278242019\d7285e57b7aa30501d6f387afa2ec55e.ini
c:\programdata\364344374278242019\f91231144eed79311d6f387afa2ec55e.ini
c:\programdata\BrowserDefender
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23
c:\users\Martina\AppData\Local\EoRezo
c:\users\Martina\AppData\Local\EoRezo\eorezo\1.10\eorezo.cyl
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{29894827-74FC-425B-965F-555B734ADF10}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{29A7F9BC-4562-4ED5-9039-EDE371B1F23C}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{2A63FE1E-BD8D-4190-96F4-F9A258F5277E}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{411253FB-575E-447A-9C91-4D257965AFBB}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{4EA5CC13-5502-4D79-A062-46BE9A95AD04}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{56DAE79C-B398-4D8E-A918-F698A5962488}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{69F2069E-D499-4B67-AE2F-1CBE02060BA3}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7636FAB1-0D2A-49A1-BACD-5983B0DC4EBA}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{76C25BB5-616C-4B75-A6BA-110DB5FB8ECD}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{95BCF0DD-032B-42B3-A769-F85026423C01}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A3006AA0-A760-4264-9B78-44C8692AFB8D}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B006D101-64D0-44CD-9B32-C8CFED098980}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{BD4E8973-8036-4EEF-AA7D-49B656340704}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C2047AD3-497B-4BC8-95AF-005225E5CD14}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C9B53280-B8AD-47E6-958E-C0EFCBEE936A}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D0168779-B59F-4F82-8309-D4636B28CE03}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{E8D50D5E-16A0-4CBA-A002-A5E532E067A1}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{E99A2280-920C-4A48-8FE7-B17CDE6B69E5}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{EF173455-6184-42EA-A93C-873D8BF71FC8}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F4C8F8FC-B6B3-4FAD-B64E-9387932F9D4F}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F761D84F-A5F0-4A3E-89F2-16670007E60E}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F77A9E40-A3D1-49AE-88A9-18B4E9DCEE9E}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FB12211D-71F1-4887-BC93-7571627969F7}.xps
c:\users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FD4CAD14-D140-494E-AD60-BFD481A18FDC}.xps
c:\windows\system32\pt
c:\windows\system32\pt\AuthFWSnapIn.Resources.dll
c:\windows\system32\pt\AuthFWWizFwk.Resources.dll
c:\windows\system32\pt\Narrator.resources.dll
.
.
((((((((((((((((((((((((( Files Creati Da 2015-04-01 al 2015-05-01 )))))))))))))))))))))))))))))))))))
.
.
2015-05-01 20:07 . 2015-05-01 20:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-01 19:27 . 2015-05-01 19:27 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7E85745-FB9F-4685-800D-B9AB762F8280}\offreg.dll
2015-04-29 20:43 . 2015-04-29 20:43 -------- d-----w- c:\program files\Enigma Software Group
2015-04-28 05:29 . 2015-05-01 18:57 -------- d-----w- C:\AdwCleaner
2015-04-19 09:32 . 2015-04-19 09:32 -------- d-----w- c:\users\Martina\AppData\Local\ElevatedDiagnostics
2015-04-17 20:17 . 2015-04-17 20:25 -------- d-----w- c:\program files\Team Liquid Streams
2015-04-17 20:16 . 2015-04-17 20:23 -------- d-----w- c:\program files\buYfast
2015-04-16 19:56 . 2015-04-16 19:56 -------- d-----w- c:\programdata\shopshop
2015-04-16 19:35 . 2015-04-16 19:35 -------- d-----w- c:\program files\LibrarySystem
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-18 17:35 . 2013-09-27 19:08 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-04-18 17:35 . 2013-01-20 12:59 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-24 03:23 . 2013-01-20 18:02 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-16 04:21 . 2015-03-14 20:55 9041640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7E85745-FB9F-4685-800D-B9AB762F8280}\mpengine.dll
2015-02-04 02:54 . 2015-02-22 09:48 482304 ----a-w- c:\windows\system32\generaltel.dll
2015-02-04 02:53 . 2015-02-22 09:48 621056 ----a-w- c:\windows\system32\invagent.dll
2015-02-04 02:53 . 2015-02-22 09:48 325632 ----a-w- c:\windows\system32\devinv.dll
2015-02-04 02:53 . 2015-02-22 09:48 767488 ----a-w- c:\windows\system32\appraiser.dll
2015-02-04 02:53 . 2015-02-22 09:48 202752 ----a-w- c:\windows\system32\aepdu.dll
2015-02-04 02:53 . 2015-02-22 09:48 159744 ----a-w- c:\windows\system32\aepic.dll
2015-02-04 02:49 . 2015-02-22 09:48 886784 ----a-w- c:\windows\system32\aeinv.dll
2013-08-19 18:29 . 2013-08-19 18:29 51992 ----a-w- c:\program files\WBDesktop.Updater.1.0.0.16.exe
2013-07-29 11:30 . 2013-07-29 11:30 51992 ----a-w- c:\program files\WDesktop.Updater.exe
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616]
"nvhlpr"="c:\users\Martina\AppData\Local\ContextTrue\nvhlpr.exe" [2014-07-11 601584]
"cnthlpr"="c:\users\Martina\AppData\Local\ContextTrue\cnthlpr.exe" [2014-07-11 601584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-02-13 60712]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-10-04 115032]
"MobileBroadband"="c:\program files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe" [2011-04-19 408576]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 157480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
c:\users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitora avvisi inchiostro - HP Officejet 4620 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN28T2104S05RT;CONNECTION=USB;MONITOR=1; [2009-7-14 44544]
superoptimizersetup.lnk - c:\programdata\{950e0269-9fe7-a6ca-950e-e02699fe09a6}\superoptimizersetup.exe /startup [2014-3-16 5838864]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 4a84c76f;LibrarySystem;c:\windows\system32\rundll32.exe [2009-07-14 44544]
R2 WebCake Desktop Updater;WebCake Desktop Updater;c:\program files\WBDesktop.Updater.1.0.0.16.exe [2013-08-19 51992]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-04-18 102784]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-11-04 101120]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-01-12 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-20 1343400]
R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys [2014-08-24 94304]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2014-08-24 25696]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys [2013-04-12 14432]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2013-05-14 45024]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2014-08-24 144992]
S2 VmbService;Servizio Vodafone Mobile Broadband;c:\program files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-04-19 9216]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2011-04-18 348160]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-04-18 72832]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2014-08-24 25184]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2014-08-24 25696]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 11:29 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-01 18:21 988488 ----a-w- c:\program files\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2015-05-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-27 17:35]
.
2014-04-15 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2013-01-20 12:34]
.
2014-04-15 c:\windows\Tasks\AutoKMSDaily.job
- c:\windows\AutoKMS\AutoKMS.exe [2013-01-20 12:34]
.
2015-05-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-20 10:18]
.
2015-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-20 10:18]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://www.istartsurf.com/?type=hp&ts=1 ... S_5LZ8S75J
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Bundl ... type=ds&q={searchTerms}&installDate=01/06/2013
IE: Aggiungi ad Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.133.11.210 83.224.65.106
FF - ProfilePath - c:\users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\kmbxrztk.default\
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: network.proxy.type - 2
FF - ExtSQL: !HIDDEN! 2013-01-29 22:05; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2013-01-29 22:05; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2013-05-02 21:21; {5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}; c:\program files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF - ExtSQL: !HIDDEN! 2013-07-27 21:59; plugin@getwebcake.com; c:\users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\kmbxrztk.default\extensions\plugin@getwebcake.com.xpi
FF - ExtSQL: !HIDDEN! 2013-08-10 19:06; bubbledock@nosibay.com; c:\program files\Nosibay\Bubble Dock\extensions\FFSurfMatch
FF - ExtSQL: !HIDDEN! 2013-08-10 19:06; {906000a4-88d9-4d52-b209-7a772970d91f}; c:\users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\kmbxrztk.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
BHO-{0fabff6a-2f1e-402c-a64b-2d69ba97ee57} - c:\program files\broowSeandshop\PAxkJIZ0LIEHd3.dll
BHO-{895e6424-ee20-4ef8-9cf7-d0b03a3ac901} - c:\program files\offerappp\1DMINjstNmmdhK.dll
HKCU-Run-framei - c:\users\Martina\AppData\Local\ContextTrue\framei.exe
HKLM-Run-tuto4pc_it_11 - (no file)
AddRemove-DealPly - c:\program files\DealPly\uninst.exe
AddRemove-Desk 365 - c:\program files\Desk 365\eUninstall.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-WsysControl - c:\programdata\eSafe\eGdpSvc.exe
AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
AddRemove-{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} - c:\users\Martina\AppData\Local\SwvUpdater\Updater.exe
AddRemove-{BDA14B0B-4672-3ABF-B189-A5958FE3A42F} - c:\program files\offerappp\1DMINjstNmmdhK.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2015-05-02 02:48:49
ComboFix-quarantined-files.txt 2015-05-02 00:48
.
Pre-Run: 28.267.286.528 byte disponibili
Post-Run: 32.847.798.272 byte disponibili
.
- - End Of File - - 694F3D5E571524EF7BC2968AF655E80B
A36C5E4F47E84449FF07ED3517B43A31
Registrazione
