Condividi:        

DNSChanger + comparsa di pagine pornografiche

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Re: DNSChanger + comparsa di pagine pornografiche

Postdi goldie » 18/03/15 09:42

grazie delle indicazioni. proverò al più presto
goldie
Newbie
 
Post: 8
Iscritto il: 02/02/15 16:54

Sponsor
 

Re: DNSChanger + comparsa di pagine pornografiche

Postdi goldie » 19/03/15 16:40

salve a tutti, ho girato a mio padre le istruzioni (viviamo in città diverse e ho sottomano il suo pc solo nel fine settimana), e questo è il messaggio che mi ha mandato stamattina:

"ora sembra che i siti porno e la polizia non ci siano più, ma c'è un altro problema con internet: mi funziona solo gmail e facebook come apro un altro sito entra immediatamente in funzione seektoexplore.com che mi invia a un sito di piscine e non si schioda di lì."

ho provato a guardare tra i vari topic, ma questo seektoexplore mi sembra una novità. nel link che mi avete girato qualche post fa, vicky67 parlava di infezione del router: potrebbe essere questo il caso?

grazie per il supporto
goldie
Newbie
 
Post: 8
Iscritto il: 02/02/15 16:54

Re: DNSChanger + comparsa di pagine pornografiche

Postdi nikita75 » 22/03/15 09:42

scaricati Malwarebytes ed effettua una scansione profonda .- Ti verra rilasciato un file di testo > copia e incolla e pubblicalo sul forum

https://it.malwarebytes.org/
"La teoria è quando si sa tutto e niente funziona. La pratica è quando tutto funziona e nessuno sa il perché. Noi abbiamo messo insieme la teoria e la pratica: non c'è niente che funzioni e nessuno sa il perché" Albert Einstein
Immagine
Avatar utente
nikita75
Utente Senior
 
Post: 5401
Iscritto il: 31/07/09 13:36
Località: Alberobello (Bari )

Re: DNSChanger + comparsa di pagine pornografiche

Postdi rino86 » 24/03/15 14:44

Ho un problema con dns changer. Ho fatto una scansione con combofix, accetto suggerimenti. Grazie per l'attenzione.
ComboFix 15-03-23.01 - Rino 24/03/2015 14:26:06.7.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3493.1498 [GMT 1:00]
Eseguito da: c:\users\Rino\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Rino\AppData\Local\temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Rino\AppData\Roaming\SpeedRunnersLog.txt
c:\windows\msdownld.tmp
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WiseBootAssistant
.
.
((((((((((((((((((((((((( Files Creati Da 2015-02-24 al 2015-03-24 )))))))))))))))))))))))))))))))))))
.
.
2015-03-24 13:32 . 2015-03-24 13:35 -------- d-----w- c:\users\Rino\AppData\Local\temp
2015-03-24 13:32 . 2015-03-24 13:32 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2015-03-24 13:32 . 2015-03-24 13:32 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-03-24 13:32 . 2015-03-24 13:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-24 12:47 . 2015-03-24 13:13 114904 ----a-w- c:\windows\system32\drivers\7A14342A.sys
2015-03-18 12:54 . 2015-03-18 12:54 114904 ----a-w- c:\windows\system32\drivers\7B676495.sys
2015-03-17 18:03 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2015-03-17 15:32 . 2015-03-17 15:32 -------- d-----w- c:\users\Rino\AppData\Roaming\Awesomium
2015-03-17 15:31 . 2015-03-17 15:31 -------- d-----w- c:\programdata\Hi-Rez Studios
2015-03-17 15:31 . 2015-03-17 15:31 -------- d-----w- c:\program files\Hi-Rez Studios
2015-03-13 12:00 . 2015-02-03 03:12 171520 ----a-w- c:\windows\system32\ubpm.dll
2015-03-13 11:59 . 2015-02-03 03:12 179200 ----a-w- c:\windows\system32\wintrust.dll
2015-03-08 10:27 . 2015-03-08 12:56 114904 ----a-w- c:\windows\system32\drivers\415C6703.sys
2015-03-07 11:41 . 2015-03-07 13:10 114904 ----a-w- c:\windows\system32\drivers\101A5150.sys
2015-03-06 16:23 . 2015-03-06 16:23 -------- d-----w- c:\program files\gravitysensation.com
2015-02-27 11:40 . 2015-03-05 09:41 37896 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-02-27 11:38 . 2015-02-27 11:38 -------- d-----w- c:\users\Rino\AppData\Roaming\Avira
2015-02-27 11:36 . 2015-03-05 09:41 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-02-27 11:36 . 2014-11-24 09:23 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2015-02-27 11:36 . 2015-03-05 09:41 105864 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-02-27 11:32 . 2015-02-27 11:36 -------- d-----w- c:\programdata\Avira
2015-02-27 11:32 . 2015-02-27 11:36 -------- d-----w- c:\program files\Avira
2015-02-27 11:32 . 2015-02-27 11:32 -------- d-----w- c:\programdata\Package Cache
2015-02-27 11:28 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2015-02-27 11:28 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-02-27 11:28 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-02-27 11:28 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2015-02-27 11:28 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2015-02-27 11:27 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2015-02-27 11:26 . 2014-06-27 23:14 6081224 -c--a-w- c:\program files\Common Files\Windows Live\.cache\8c79fee31cf925d06\onedrivesetup.exe
2015-02-27 11:13 . 2015-01-29 09:49 9041640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98F25B6F-95D8-4EEC-A2A2-D11EB075B1D5}\mpengine.dll
2015-02-23 13:08 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll
2015-02-23 13:08 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll
2015-02-23 13:08 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll
2015-02-23 13:01 . 2015-03-23 19:23 -------- d-----w- c:\windows\ComodoVirtualDrives
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-24 13:34 . 2014-09-20 13:43 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-22 12:27 . 2015-02-22 12:27 348160 ----a-w- c:\windows\system32\msvcr71.dll
2015-02-22 12:27 . 2015-02-22 12:27 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2015-02-22 12:27 . 2015-02-22 12:27 1060864 ----a-w- c:\windows\system32\mfc71.dll
2015-02-17 15:27 . 2015-02-17 15:27 77528 ----a-w- c:\windows\system32\RtNicProp32.dll
2015-02-17 15:27 . 2015-02-17 15:27 679128 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2015-02-17 15:27 . 2014-06-26 22:23 102104 ----a-w- c:\windows\system32\RTNUninst32.dll
2015-02-17 15:04 . 2015-02-17 15:04 1202848 ----a-w- c:\windows\system32\FM20.DLL
2015-02-12 18:57 . 2015-02-12 18:57 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-02-05 17:05 . 2014-07-06 11:24 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 17:05 . 2014-07-06 11:24 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-04 02:54 . 2015-02-11 13:07 482304 ----a-w- c:\windows\system32\generaltel.dll
2015-02-04 02:53 . 2015-02-11 13:07 621056 ----a-w- c:\windows\system32\invagent.dll
2015-02-04 02:53 . 2015-02-11 13:07 325632 ----a-w- c:\windows\system32\devinv.dll
2015-02-04 02:53 . 2015-02-11 13:07 767488 ----a-w- c:\windows\system32\appraiser.dll
2015-02-04 02:53 . 2015-02-11 13:07 202752 ----a-w- c:\windows\system32\aepdu.dll
2015-02-04 02:53 . 2015-02-11 13:07 159744 ----a-w- c:\windows\system32\aepic.dll
2015-02-04 02:49 . 2015-02-11 13:07 886784 ----a-w- c:\windows\system32\aeinv.dll
2015-02-01 09:03 . 2015-02-01 09:03 114904 ----a-w- c:\windows\system32\drivers\79A97811.sys
2015-01-28 13:06 . 2015-01-28 12:58 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-01-27 23:36 . 2015-02-11 13:07 1167520 ----a-w- c:\windows\system32\aitstatic.exe
2015-01-20 11:41 . 2015-01-20 11:41 114904 ----a-w- c:\windows\system32\drivers\168C478D.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-02-27 11:26 223432 ----a-w- c:\users\Rino\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-02-27 11:26 223432 ----a-w- c:\users\Rino\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-02-27 11:26 223432 ----a-w- c:\users\Rino\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveIconOverlay]
@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"
[HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]
2014-10-07 11:14 6153920 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemInSyncIconOverlay]
@="{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}"
[HKEY_CLASSES_ROOT\CLSID\{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}]
2014-10-07 11:14 6153920 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemModifiedIconOverlay]
@="{AE67D273-7253-4236-B55E-D40055B305D6}"
[HKEY_CLASSES_ROOT\CLSID\{AE67D273-7253-4236-B55E-D40055B305D6}]
2014-10-07 11:14 6153920 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemNewIconOverlay]
@="{022F23E9-DA0F-4A86-A728-CAF6150C0B63}"
[HKEY_CLASSES_ROOT\CLSID\{022F23E9-DA0F-4A86-A728-CAF6150C0B63}]
2014-10-07 11:14 6153920 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSSyncItemUnsynchronizedIconOverlay]
@="{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}"
[HKEY_CLASSES_ROOT\CLSID\{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}]
2014-10-07 11:14 6153920 ----a-w- c:\program files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704]
"COS"="c:\program files\COMODO\cCloud\cCloud.exe" [2014-09-03 6845104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ScanRnServer"="c:\program files\Laryon\ScanRn\ScanRnServer.exe" [2014-10-26 834560]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2015-02-12 127792]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2015-03-19 704512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-06-29 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2014-11-28 591576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
2000-01-01 00:00 6667992 ----a-w- c:\program files\Realtek\Audio\HDA\RtkNGUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-07-24 16:26 21650016 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2010-11-11 11:55 159472 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
R2 oftzsvc;Offertz Service; [x]
R2 oftzupd;Offertz Upd; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-04-03 315008]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2014-07-01 30504]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-02-20 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2014-10-22 13464]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2014-06-27 1343400]
S0 bdisk;COMODO Disk Raw Access Filter;c:\windows\system32\drivers\bdisk.sys [2014-10-07 78816]
S0 CBUfs;CBUfs;c:\windows\system32\drivers\CBUFS.sys [2014-10-07 278240]
S0 cbvd;COMODO Encrypted Virtual Disk;c:\windows\system32\DRIVERS\cbvd.sys [2014-10-07 572040]
S0 reparse;reparse;c:\windows\system32\DRIVERS\cbreparse.sys [2014-10-07 574368]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2014-11-24 37352]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2015-03-19 432888]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-02-12 184056]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S2 COSService.exe;COMODO Online Storage Service;c:\program files\COMODO\COMMON\COSService.exe [2014-10-07 3087040]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\Hi-Rez Studios\HiPatchService.exe [2015-03-12 9216]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe [2014-10-01 281488]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 458464]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-07-26 196624]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2014-11-28 1363160]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2014-11-28 765144]
S2 SynchronizationService.exe;COMODO BackUp Service;c:\program files\COMODO\COMMON\SynchronizationService.exe [2014-10-07 2796736]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-11-21 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-03-24 114904]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-11-21 51928]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\TeeDriver.sys [2013-12-09 86488]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_x86.sys [2014-11-28 16024]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2015-02-17 679128]
S3 vdbus;Virtual Disk Bus Enumerator;c:\windows\system32\DRIVERS\vdbus.sys [2014-10-07 718056]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2015-03-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-06 17:05]
.
2015-03-24 c:\windows\Tasks\Wise Care 365.job
- c:\program files\Wise\Wise Care 365\WiseTray.exe [2015-02-21 17:07]
.
2015-03-23 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files\Wise\Wise Care 365\WiseTurbo.exe [2015-02-21 16:49]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com
mStart Page = about:blank
TCP: DhcpNameServer = 91.194.254.105 8.8.8.8
TCP: Interfaces\{6F98DAF5-03A2-49FA-A234-7A388D11ED59}: NameServer = 8.8.8.8
FF - ProfilePath - c:\users\Rino\AppData\Roaming\Mozilla\Firefox\Profiles\s271mslp.default-1418574013390\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
ShellIconOverlayIdentifiers-{014F27E2-6D75-4E42-A0E9-2A2C68498AFA} - (no file)
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(6960)
c:\program files\COMODO\COMMON\ShellExtension.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\msiexec.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Malwarebytes Anti-Malware\mbam.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\igfxEM.exe
c:\windows\system32\igfxHK.exe
c:\windows\system32\igfxTray.exe
c:\windows\system32\conhost.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Ora fine scansione: 2015-03-24 14:39:29 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2015-03-24 13:39
.
Pre-Run: 441.795.735.552 byte disponibili
Post-Run: 441.052.512.256 byte disponibili
.
- - End Of File - - E60138B16C10C76418425F7A3C015B9B
A36C5E4F47E84449FF07ED3517B43A31
rino86
Utente Junior
 
Post: 88
Iscritto il: 21/10/14 13:28

Precedente

Torna a Sicurezza e Privacy


Topic correlati a "DNSChanger + comparsa di pagine pornografiche":

consumo pagine web
Autore: nikita75
Forum: Software Windows
Risposte: 4

Chi c’è in linea

Visitano il forum: Nessuno e 8 ospiti