Chrome aiuto pubblicità si apre da sola Chiuso

Question

Ciao, non so più che fare con il mio computer...ho windows 7...chrome ed explorer ...ma uso sempre chrome...appena apro internet mi continuano ad aprirsi pagine pubblicitarie sia da explorer cme
Sia da chrome...ho fatto scansione con avg..due minacce eliminate...con malwarebytes.. eliminate anche qull...con OTl...mi sn usciti due report...nn so che fare!

Configurazione: iPhone / Safari 4.0

Casamarce · Answer

Ciao,
 hai un ad blocker? Qui per chrome: http://it.ccm.net/download/scaricare-102-google-chrome

Se la cosa continua prova a seguire queste guide : 
* http://it.ccm.net/faq/2203-come-togliere-awesomehp 
* http://it.ccm.net/faq/1767-ripristina-il-browser#q=resettare+browser&cur=1&url=%2F

Fammi sapere se hai risolto...
Ciau =)

lallina · Answer

devi scaricare chrome??perche' ce lo già....

l'embrouille 75 · Answer

Ciao,
Scarica l'applicazione AD BLOCK PLUS nel Google store .
Si il problema di pagina di pub e ancora presente, scarica ADW Cleaner=>
  https://it.ccm.net/download/scaricare-2337-adwcleaner

Avviarlo e scegliere l'opzione "Scan" poi "Delete".
Posta i report qui. 
Si tu hai ancora i report di Malware bytes,posta lo qui.
 
Ubuntu 13.04 Firefox 21/ Magela 3 Opera 12.15

lallina · Answer

allora AD BLOCK PLUS installato ma si aprono ancora pagine da explorer...
e da chrome anche!
comunque ho i report li ho di OTL...MALWAREBYTES E ADWCLEANER ma non so come postarli qui ... :))

lallina1 · Answer

OTL REPORT OTL logfile created on: 09/03/2014 15:03:50 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mamma e Papa\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16798) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 1013,10 Mb Total Physical Memory | 184,66 Mb Available Physical Memory | 18,23% Memory free 1,99 Gb Paging File | 0,92 Gb Available in Paging File | 46,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 219,79 Gb Total Space | 142,73 Gb Free Space | 64,94% Space Free | Partition Type: NTFS Computer Name: CRISTIAN-PC | User Name: Cristian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (SafeList) ==========/color PRC - C:\Users\Mamma e Papa\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programmi\GrabRez\updateGrabRez.exe () PRC - C:\Programmi\GrabRez\bin\utilGrabRez.exe () PRC - C:\Programmi\WinZipper\winzipersvc.exe (Taiwan Shui Mu Chih Ching Technology Limited.) PRC - C:\ProgramData\WPM\wprotectmanager.exe (Cherished Technololgy LIMITED) PRC - C:\Programmi\lsm\LSM.exe (MS) PRC - C:\Programmi\Fortunitas\updateFortunitas.exe () PRC - C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED) PRC - C:\Programmi\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programmi\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programmi\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programmi\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programmi\lsm\aus.exe (MS) PRC - C:\Programmi\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programmi\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programmi\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programmi\Zune\ZuneLauncher.exe (Microsoft Corporation) PRC - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programmi\Launch Manager\dsiwmis.exe (Dritek System Inc.) PRC - C:\Programmi\Launch Manager\LMworker.exe (Dritek System Inc.) PRC - C:\Programmi\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Programmi\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) PRC - C:\Programmi\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) PRC - C:\Programmi\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) PRC - C:\Programmi\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) PRC - C:\Programmi\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) PRC - C:\Programmi\Acer\Acer ePower Management\ePowerEvent.exe (Acer Incorporated) PRC - C:\Programmi\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Programmi\Acer\Acer Updater\UpdaterService.exe (Acer Group) PRC - C:\Programmi\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Programmi\Elantech\ETDCtrlHelper.exe (ELAN Microelectronic Corp.) PRC - C:\Programmi\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) PRC - C:\Programmi\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) [color=#E56717]========== Modules (No Company Name) ==========/color MOD - C:\Programmi\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programmi\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Programmi\Launch Manager\CdDirIo.dll () [color=#E56717]========== Services (SafeList) ==========/color SRV - (Update GrabRez) -- C:\Programmi\GrabRez\updateGrabRez.exe () SRV - (Util GrabRez) -- C:\Programmi\GrabRez\bin\utilGrabRez.exe () SRV - (winzipersvc) -- C:\Programmi\WinZipper\winzipersvc.exe (Taiwan Shui Mu Chih Ching Technology Limited.) SRV - (Wpm) -- C:\ProgramData\WPM\wprotectmanager.exe (Cherished Technololgy LIMITED) SRV - (Log S.M.) -- C:\Programmi\lsm\LSM.exe (MS) SRV - (Update Fortunitas) -- C:\Programmi\Fortunitas\updateFortunitas.exe () SRV - (IePluginService) -- C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED) SRV - (BackupStack) -- C:\Programmi\MyPC Backup\BackupStack.exe (Just Develop It) SRV - (avgwd) -- C:\Programmi\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (AUS) -- C:\Programmi\lsm\aus.exe (MS) SRV - (AVGIDSAgent) -- C:\Programmi\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (WinDefend) -- C:\Programmi\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (MBAMService) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SoftwareUpd) -- C:\Users\Cristian\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService) SRV - (ZuneWlanCfgSvc) -- C:\Programmi\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation) SRV - (WMZuneComm) -- C:\Programmi\Zune\WMZuneComm.exe (Microsoft Corporation) SRV - (ZuneNetworkSvc) -- C:\Programmi\Zune\ZuneNss.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (WMPNetworkSvc) -- C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (DsiWMIService) -- C:\Programmi\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (ePowerSvc) -- C:\Programmi\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) SRV - (RS_Service) -- C:\Programmi\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (Updater Service) -- C:\Programmi\Acer\Acer Updater\UpdaterService.exe (Acer Group) SRV - (GREGService) -- C:\Programmi\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (IAANTMON) -- C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) [color=#E56717]========== Driver Services (SafeList) ==========/color DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation) DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation) DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation) DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) DRV - (EUCR) -- C:\Windows\System32\drivers\EUCR6SK.sys (ENE Technology Inc.) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) [color=#E56717]========== Standard Registry (SafeList) ==========/color [color=#E56717]========== Internet Explorer ==========/color IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1393009738&from=tugs&uid=HitachiXHTS545025B9A300_101010PBN204CSDDK12TX IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp?gws_rd=ssl{searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1393009738&from=tugs&uid=HitachiXHTS545025B9A300_101010PBN204CSDDK12TX IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1393009738&from=tugs&uid=HitachiXHTS545025B9A300_101010PBN204CSDDK12TX IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes] IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms} IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&m=aod260&r=27b50111r125l04c4ww35w4862u266 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.it/?gws_rd=ssl IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = https://search.safefinder.com/?st=ds&q={searchTerms}&installDate=06/04/2013 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_itIT414 IE - HKU\S-1-5-21-1086111630-753300148-929318756-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========/color FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Cristian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) [2013/07/16 12:16:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions [color=#E56717]========== Chrome ==========/color CHR - default_search_provider: delta-homes (Enabled) CHR - default_search_provider: search_url = https://www.google.com/webhp?gws_rd=ssl{searchTerms} CHR - default_search_provider: suggest_url = , CHR - homepage: http://www.isearch123.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS545025B9A300_101010PBN204CSDDK12TX&ts=1393462027 CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Cristian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: New Tab Page = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\ CHR - Extension: DealPly = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.9.7.9_0\ CHR - Extension: Lightning Newtab = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.8.5_0\ CHR - Extension: MediaPlayerEnhance = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\crossrider CHR - Extension: MediaPlayerEnhance = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\ CHR - Extension: Skype Click to Call = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_0\ CHR - Extension: Helper extension = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchpfiddbhbdnagofhkjlaiaejmkdcla\2.0_0\ CHR - Extension: Google Wallet = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Extended Protection = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo\1.4.1_0\ CHR - Extension: Quick Start = C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.5_0\ O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Programmi\SupTab\SupTab.dll (Thinknice Co. Limited) O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found. O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programmi\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Fortunitas) - {c6f3fc7b-d607-44ec-9caf-2a41d547137f} - C:\Programmi\Fortunitas\FortunitasBHO.dll (Fortunitas) O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1086111630-753300148-929318756-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-1086111630-753300148-929318756-1000\..\Toolbar\WebBrowser: (no name) - {2C965F3F-8EFD-4BFC-A2C5-1672845FDBBF} - No CLSID value found. O3 - HKU\S-1-5-21-1086111630-753300148-929318756-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKU\S-1-5-21-1086111630-753300148-929318756-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-1086111630-753300148-929318756-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-1086111630-753300148-929318756-1001\..\Toolbar\WebBrowser: (no name) - {2C965F3F-8EFD-4BFC-A2C5-1672845FDBBF} - No CLSID value found. O3 - HKU\S-1-5-21-1086111630-753300148-929318756-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [Acer ePower Management] C:\Programmi\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [ETDWare] C:\Programmi\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [IAAnotif] C:\Programmi\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Programmi\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKLM..\Run: [tuto4pc_it_8] File not found O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1086111630-753300148-929318756-1000..\Run: [Facebook Update] C:\Users\Cristian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-1086111630-753300148-929318756-1000..\Run: [NextLive] C:\Users\Cristian\AppData\Roaming\newnext.me\nengine.dll () O4 - HKU\S-1-5-21-1086111630-753300148-929318756-1000..\Run: [NTRedirect] C:\Users\Cristian\AppData\Roaming\BabSolution\Shared\enhancedNT.dll () O4 - HKU\S-1-5-21-1086111630-753300148-929318756-1001..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\Mamma e Papa\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid bd5ac3fc03cb47d39011cd3c4ecc5c97-f21268d2230c48c7214d45009c1f96c808679e37 --CMPID 0913b File not found O4 - HKU\S-1-5-21-1086111630-753300148-929318756-1001..\Run: [BearShare] "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" --lightmode File not found O4 - HKU\S-1-5-21-1086111630-753300148-929318756-1001..\Run: [Facebook Update] C:\Users\Mamma e Papa\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-1086111630-753300148-929318756-1001..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Cristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Programmi\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programmi\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35C67A1F-4B20-466C-903B-C07A8C320834}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A4BB6E8-2876-4F3F-9603-685FE9B5C794}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A4BB6E8-2876-4F3F-9603-685FE9B5C794}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4077E0E8-45D5-490A-95AE-09FA32B941A6}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4077E0E8-45D5-490A-95AE-09FA32B941A6}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programmi\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programmi\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{6fd0dbfe-185d-11e2-ad7b-1c750828b564}\Shell - "" = AutoRun O33 - MountPoints2\{6fd0dbfe-185d-11e2-ad7b-1c750828b564}\Shell\AutoRun\command - "" = D:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{81f588f4-1aae-11e2-b5e7-1c750828b564}\Shell - "" = AutoRun O33 - MountPoints2\{81f588f4-1aae-11e2-b5e7-1c750828b564}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a O33 - MountPoints2\{89db194e-366e-11e2-b571-1c750828b564}\Shell - "" = AutoRun O33 - MountPoints2\{89db194e-366e-11e2-b571-1c750828b564}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{a32a7ad7-1229-11e3-800f-1c750828b564}\Shell - "" = AutoRun O33 - MountPoints2\{a32a7ad7-1229-11e3-800f-1c750828b564}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{a32a7aee-1229-11e3-800f-1c750828b564}\Shell - "" = AutoRun O33 - MountPoints2\{a32a7aee-1229-11e3-800f-1c750828b564}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{d23805b0-588b-11e3-bf2d-1c750828b564}\Shell - "" = AutoRun O33 - MountPoints2\{d23805b0-588b-11e3-bf2d-1c750828b564}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{d4d135b3-5860-11e3-8614-1c750828b564}\Shell - "" = AutoRun O33 - MountPoints2\{d4d135b3-5860-11e3-8614-1c750828b564}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{d4d135d4-5860-11e3-8614-1c750828b564}\Shell - "" = AutoRun O33 - MountPoints2\{d4d135d4-5860-11e3-8614-1c750828b564}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\D\Shell - "" = AutoRun O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 60 Days ==========/color [2014/03/09 11:21:24 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Roaming\Malwarebytes [2014/03/09 11:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2014/03/09 11:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014/03/09 11:20:40 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2014/03/09 11:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2014/03/08 20:05:57 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{6793AC6D-C9FF-4DE4-990E-797C1CA75335} [2014/03/03 12:59:16 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{B1046C27-946D-422E-BCA8-88B12DC5FF20} [2014/03/02 18:32:06 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{A881BD22-95AF-4A0C-9544-E15F97B5EFF8} [2014/02/27 01:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper [2014/02/27 01:48:30 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Roaming\WinZipper [2014/02/27 01:42:11 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{9ECF7E22-8724-4C0F-8EB9-F1B197371B2F} [2014/02/26 06:21:03 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2014/02/25 12:52:16 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{F3D97F80-0B89-44E9-82FF-B49EE9F40916} [2014/02/23 19:42:34 | 000,052,920 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\wStLibG.sys [2014/02/22 00:59:34 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\BeamriseUninstall [2014/02/22 00:55:36 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014/02/22 00:51:49 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl [2014/02/22 00:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\GrabRez [2014/02/22 00:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\hdvidcodec.com [2014/02/21 20:16:30 | 000,000,000 | ---D | C] -- C:\Users\Cristian\.android [2014/02/21 20:16:20 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\cache [2014/02/21 20:15:30 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Roaming\newnext.me [2014/02/21 20:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Fortunitas [2014/02/21 20:15:21 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\genienext [2014/02/21 20:14:55 | 000,000,000 | ---D | C] -- C:\Users\Cristian\Documents\Mobogenie [2014/02/21 20:14:55 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\Mobogenie [2014/02/21 20:14:40 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\SwvUpdater [2014/02/21 20:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue [2014/02/21 20:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService [2014/02/21 20:11:34 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Roaming\SupTab [2014/02/21 20:11:18 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Roaming\Uniblue [2014/02/21 20:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue [2014/02/21 20:11:12 | 000,000,000 | ---D | C] -- C:\Program Files\SupTab [2014/02/21 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup [2014/02/21 20:10:49 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM [2014/02/21 20:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup [2014/02/21 20:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\MediaPlayerEnhance [2014/02/21 20:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie [2014/02/21 20:09:36 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Roaming\awesomehp [2014/02/21 20:07:00 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\SearchProtect [2014/02/18 13:25:58 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{3D07C38A-B49E-4D0F-9BA4-10A92DEB8398} [2014/02/15 19:24:49 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{6D256F54-DC42-4AD6-9ECC-97B95F03D362} [2014/02/14 13:17:00 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{AA2E7E1E-9A95-455C-A0DE-8CC7118DAE4F} [2014/02/13 03:07:27 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014/02/13 03:07:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2014/02/13 03:07:07 | 002,877,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014/02/13 03:07:01 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014/02/13 03:06:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2014/02/13 03:06:46 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014/02/13 03:06:37 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014/02/13 03:06:36 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2014/02/13 03:06:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2014/02/13 03:06:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2014/02/13 03:06:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2014/02/13 02:25:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2014/02/13 02:25:16 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2014/02/13 02:25:15 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2014/02/13 02:25:12 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2014/02/13 02:25:12 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2014/02/13 02:25:12 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2014/02/13 02:25:12 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2014/02/13 02:25:11 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2014/02/13 02:25:11 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2014/02/13 02:25:11 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll [2014/02/13 02:25:11 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2014/02/13 02:25:11 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2014/02/11 14:43:47 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{F92DE543-CFDB-482E-A722-0DA689A4FB7B} [2014/02/08 19:52:47 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{F1A015EF-7656-43D7-8100-A816AD0FA10A} [2014/02/08 14:19:41 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{A2FC1813-59B5-4F08-B713-5498D3E2CA45} [2014/02/06 19:23:19 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{4DDCA226-D7D4-4A6E-AD4F-2F0EBF38D3A4} [2014/02/06 14:16:20 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{6C0B67E2-3491-495C-97C6-4F34F3C6F528} [2014/01/22 20:22:09 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{4615C4CF-DEF5-4E8E-9618-5A7914584875} [2014/01/18 19:13:50 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{85068573-E701-4817-B84F-E56C0E5F3FBD} [2014/01/16 01:50:30 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2014/01/16 01:50:26 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2014/01/16 01:50:19 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2014/01/16 01:50:18 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2014/01/11 19:46:19 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{CA65F0B2-46FE-4BA0-B0B6-26D0A007B187} [2014/01/10 15:28:45 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{D0755AA3-B23A-4521-AF36-C64FBBC6F206} [2014/01/09 12:47:11 | 000,000,000 | ---D | C] -- C:\Users\Cristian\AppData\Local\{86E2284A-5D68-48F2-AA2B-2BE90050F3CC} [color=#E56717]========== Files - Modified Within 60 Days ==========/color [2014/03/09 15:09:15 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/03/09 15:09:15 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/03/09 15:03:00 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job [2014/03/09 15:01:10 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/03/09 15:01:05 | 000,003,114 | ---- | M] () -- C:\Windows\tasks\MediaPlayerEnhance-chromeinstaller.job [2014/03/09 15:01:05 | 000,002,388 | ---- | M] () -- C:\Windows\tasks\MediaPlayerEnhance-firefoxinstaller.job [2014/03/09 15:01:05 | 000,001,556 | ---- | M] () -- C:\Windows\tasks\MediaPlayerEnhance-codedownloader.job [2014/03/09 15:01:05 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Startup.job [2014/03/09 15:00:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/03/09 15:00:40 | 796,733,440 | -HS- | M] () -- C:\hiberfil.sys [2014/03/09 14:33:07 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/03/09 14:10:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086111630-753300148-929318756-1000UA.job [2014/03/09 14:10:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086111630-753300148-929318756-1000Core.job [2014/03/09 14:07:07 | 000,001,206 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086111630-753300148-929318756-1001UA.job [2014/03/09 14:00:00 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Maintenance.job [2014/03/09 11:20:51 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/03/08 21:01:17 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014/03/08 21:01:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014/03/08 20:07:00 | 000,001,184 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086111630-753300148-929318756-1001Core.job [2014/02/28 20:11:33 | 000,744,268 | ---- | M] () -- C:\Windows\System32\perfh010.dat [2014/02/28 20:11:33 | 000,657,096 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014/02/28 20:11:33 | 000,148,888 | ---- | M] () -- C:\Windows\System32\perfc010.dat [2014/02/28 20:11:33 | 000,123,566 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014/02/23 19:42:34 | 000,052,920 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\wStLibG.sys [2014/02/21 20:20:54 | 000,001,358 | ---- | M] () -- C:\Windows\tasks\MediaPlayerEnhance-enabler.job [2014/02/21 20:14:43 | 000,001,919 | ---- | M] () -- C:\Users\Cristian\Desktop\Sync Folder.lnk [2014/02/21 20:10:58 | 000,001,059 | ---- | M] () -- C:\Users\Cristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2014/02/21 20:10:57 | 000,001,049 | ---- | M] () -- C:\Users\Cristian\Desktop\MyPC Backup.lnk [2014/02/21 20:09:26 | 000,002,421 | ---- | M] () -- C:\Users\Cristian\Desktop\Google Chrome.lnk [2014/02/21 20:07:10 | 000,000,000 | ---- | M] () -- C:\end [2014/02/01 08:58:43 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2014/02/01 08:57:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2014/02/01 08:57:35 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014/02/01 08:57:20 | 002,877,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014/02/01 08:57:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014/02/01 08:57:16 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014/02/01 08:57:16 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2014/02/01 08:57:16 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2014/02/01 08:57:16 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2014/02/01 08:34:53 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014/02/01 07:38:03 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2014/01/16 20:45:50 | 000,268,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [color=#E56717]========== Files Created - No Company Name ==========/color [2014/03/09 11:20:51 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/02/21 20:17:54 | 000,001,358 | ---- | C] () -- C:\Windows\tasks\MediaPlayerEnhance-enabler.job [2014/02/21 20:16:37 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC Maintenance.job [2014/02/21 20:15:53 | 000,001,556 | ---- | C] () -- C:\Windows\tasks\MediaPlayerEnhance-codedownloader.job [2014/02/21 20:14:53 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC Startup.job [2014/02/21 20:14:52 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\AmiUpdXp.job [2014/02/21 20:14:43 | 000,001,919 | ---- | C] () -- C:\Users\Cristian\Desktop\Sync Folder.lnk [2014/02/21 20:12:11 | 000,002,388 | ---- | C] () -- C:\Windows\tasks\MediaPlayerEnhance-firefoxinstaller.job [2014/02/21 20:10:58 | 000,001,059 | ---- | C] () -- C:\Users\Cristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2014/02/21 20:10:57 | 000,001,049 | ---- | C] () -- C:\Users\Cristian\Desktop\MyPC Backup.lnk [2014/02/21 20:10:44 | 000,003,114 | ---- | C] () -- C:\Windows\tasks\MediaPlayerEnhance-chromeinstaller.job [2013/11/25 20:57:20 | 000,000,317 | ---- | C] () -- C:\Windows\wininit.ini [2013/09/10 18:23:00 | 000,268,144 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013/02/07 13:58:06 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2010/05/19 10:26:45 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== ZeroAccess Check ==========/color [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========/color [2013/08/25 20:11:21 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\AVG2013 [2014/02/21 20:09:42 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\awesomehp [2013/07/16 12:17:40 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\BabSolution [2012/05/03 12:58:08 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\Babylon [2013/03/16 15:06:27 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\DealPly [2013/07/16 16:28:41 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\eIntaller [2014/02/22 00:51:49 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl [2013/09/07 11:46:12 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\Liteon [2013/08/22 11:21:09 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\Movdap [2014/03/03 12:58:55 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\newnext.me [2014/02/21 20:11:34 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\SupTab [2013/08/25 20:09:44 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\TuneUp Software [2014/02/21 20:11:18 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\Uniblue [2013/08/12 01:47:15 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\Web Cake [2012/12/05 20:48:45 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\Windows Live Writer [2014/02/27 01:48:30 | 000,000,000 | ---D | M] -- C:\Users\Cristian\AppData\Roaming\WinZipper [2013/09/15 12:19:12 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software [2013/09/15 12:19:12 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software [2013/08/25 20:11:45 | 000,000,000 | ---D | M] -- C:\Users\Mamma e Papa\AppData\Roaming\AVG2013 [2013/07/16 17:42:53 | 000,000,000 | ---D | M] -- C:\Users\Mamma e Papa\AppData\Roaming\Iminent [color=#E56717]========== Purity Check ==========/color [color=#E56717]========== Alternate Data Streams ==========/color @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:AD022376 < End of report > OTL Extras logfile created on: 09/03/2014 15:03:50 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mamma e Papa\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16798) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 1013,10 Mb Total Physical Memory | 184,66 Mb Available Physical Memory | 18,23% Memory free 1,99 Gb Paging File | 0,92 Gb Available in Paging File | 46,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 219,79 Gb Total Space | 142,73 Gb Free Space | 64,94% Space Free | Partition Type: NTFS Computer Name: CRISTIAN-PC | User Name: Cristian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========/color [color=#E56717]========== File Associations ==========/color [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========/color [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========/color [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========/color [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========/color [color=#E56717]========== Vista Active Open Ports Exception List ==========/color [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{5AF3A097-92F6-4E72-A2B2-CBBBA8816503}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{73FE17C1-2A00-4FAD-A20C-9F21182A8BFE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{7A703F27-9987-4B81-88D3-8FD80C5F1D94}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{9ADC8C70-9DF6-47A0-B04E-7CBF93B92077}" = lport=2869 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========/color [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{095FEC9E-2FE0-4ECF-973E-7B6A767A44C5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{0F98A621-0B38-4280-9777-116F96B3DA3F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{2DFC4E68-07EB-4C71-B41E-C86A026C6E5A}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | "{36FF173B-3F10-4F06-8CAD-B9B2923631DC}" = protocol=6 | dir=in | app=c:\users\cristian\appdata\local\beamrise\application\31.0.1650.7639\services\windows-x86-skypekit.exe | "{4148C01F-D9A3-4579-B81C-15F896C0D0A9}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{45B89B65-538D-43E8-94A4-EC540F7AAE18}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{54BB17DA-F7CE-4920-8436-1489279FE618}" = dir=in | app=c:\users\cristian\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{5F6629CA-0952-4611-95EC-629D35824C41}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{7761C8A9-1A03-4EC0-89E9-E5B84F428C88}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{7BCF97BA-0603-4467-A5DB-A61B15B59B18}" = protocol=6 | dir=in | app=c:\users\cristian\appdata\local\beamrise\application\31.0.1650.

l'embrouille 75 · Answer

Ciao,
Posta i report di Maleware e di ADW,i tuoi navigatori sono pieni di adware.

l'embrouille 75 · Answer

Re,
Non hai cancellato  niente !
Deve rifare la scansione con ADW Clicca su scan  quando e finito  clicca su delete
Posta i report qui

l'embrouille 75 · Answer

Re,
Dopo questo,riavia Malware bytes,aggiornalo,e fa una scansione rapida
 Una volta che la scansione è completata, selezionare tutto poi clic su Cancella (Se viene richiesto di riavviare il PC, accettare!)
Posta i report.
 
Ubuntu 13.04 Firefox 21/ Magela 3 Opera 12.15

lallina · Answer

ecco i report di malwarebytes

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.12.13

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16844
Mamma e Papa :: CRISTIAN-PC [limited]

Protection: Enabled

13/03/2014 14:00:05
mbam-log-2014-03-13 (14-00-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 159159
Time elapsed: 17 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 23
HKLM\SYSTEM\CurrentControlSet\Services\Update GrabRez (PUP.Optional.GrabRez.A) -> Delete on reboot.
HKLM\SYSTEM\CurrentControlSet\Services\Update Fortunitas (PUP.Optional.Fortunitas.A) -> Delete on reboot.
HKLM\SYSTEM\CurrentControlSet\Services\Util GrabRez (PUP.Optional.GrabRez.A) -> Delete on reboot.
HKCR\CLSID\{c6f3fc7b-d607-44ec-9caf-2a41d547137f} (PUP.Optional.Fortunitas.A) -> Delete on reboot.
HKCR\TypeLib\{eff4f283-3c8b-4a01-8297-ddc839210b86} (PUP.Optional.Fortunitas.A) -> Delete on reboot.
HKCR\Interface\{94F1FD29-FDC2-4BF9-B008-AFB0452634E6} (PUP.Optional.Fortunitas.A) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6F3FC7B-D607-44EC-9CAF-2A41D547137F} (PUP.Optional.Fortunitas.A) -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C6F3FC7B-D607-44EC-9CAF-2A41D547137F} (PUP.Optional.Fortunitas.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C6F3FC7B-D607-44EC-9CAF-2A41D547137F} (PUP.Optional.Fortunitas.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaPlayerEnhance (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GrabRez (PUP.Optional.GrabRez.A) -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Quarantined and deleted successfully.
HKCU\Software\Iminent (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\MediaPlayerEnhance (PUP.Optional.MediaPlayerEnhance.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
HKCU\Software\InstalledBrowserExtensions\installdaddy (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\BPROTECTSETTINGS (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Delete on reboot.
HKLM\Software\Fortunitas (PUP.Optional.Fortunitas.A) -> Delete on reboot.
HKLM\Software\GrabRez (PUP.Optional.GrabRez.A) -> Delete on reboot.
HKLM\Software\MediaPlayerEnhance (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=IT&userid=0d593339-7a7b-480f-8d51-822a6aacfe36&searchtype=ds&q={searchTerms}&installDate=06/04/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=IT&userid=0d593339-7a7b-480f-8d51-822a6aacfe36&searchtype=ds&q={searchTerms}&installDate=06/04/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=IT&userid=0d593339-7a7b-480f-8d51-822a6aacfe36&searchtype=ds&q={searchTerms}&installDate=06/04/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=IT&userid=0d593339-7a7b-480f-8d51-822a6aacfe36&searchtype=ds&q={searchTerms}&installDate=06/04/2013) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 16
C:\Program Files\MediaPlayerEnhance (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Program Files\GrabRez (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\plugins (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\TEMP (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0 (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\userCode (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\icons (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\icons\actions (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\api (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\popupResource (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.

Files Detected: 143
C:\Program Files\GrabRez\updateGrabRez.exe (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\Fortunitas\updateFortunitas.exe (PUP.Optional.Fortunitas.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\utilGrabRez.exe (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\Fortunitas\FortunitasBHO.dll (PUP.Optional.Fortunitas.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\umbrella.exefc2b0a (PUP.Optional.Iminent) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\becd44bd-1e34-479c-99bd-71ff1660d999\spidentifierimpl.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\becd44bd-1e34-479c-99bd-71ff1660d999\software\fortunitassetup.exe (PUP.Optional.Fortunitas.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\becd44bd-1e34-479c-99bd-71ff1660d999\software\launcher.exe (PUP.Optional.Amonetize) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\becd44bd-1e34-479c-99bd-71ff1660d999\software\speedupmypc.exe (PUP.Optional.SpeedUpMyPC) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\becd44bd-1e34-479c-99bd-71ff1660d999\software	ugs_awesomehp.exe (PUP.Optional.SkyTech.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\bus1525\crxupdater_d.exe (PUP.Optional.CRX.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\bus2912\crxupdater_d.exe (PUP.Optional.CRX.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\bus3429\crxupdater_d.exe (PUP.Optional.CRX.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\bus60d4\crxupdater_d.exe (PUP.Optional.CRX.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\fullpackage_temp1393009667\package1.zip (PUP.Optional.SkyTech.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\fullpackage_temp1393009667\qqbrowserframe.dll (PUP.Optional.SkyTech.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\fullpackage_temp1393009667	mp\suptab.exe (PUP.Optional.SupTab.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\fullpackage_temp1393009667	mp\wpm.exe (PUP.Optional.WpManager) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\is-imvef.tmp\speedupmypc-standalone-setup.exe (PUP.Optional.SpeedUpMyPC) -> Delete on reboot.
c:\users\cristian\appdata\local	emp
ste6fb.tmp\iminentsetup.exe (PUP.Optional.Iminent.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp
sy1ec8.tmp	emp_file_after.tmp (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
c:\users\cristian\appdata\local	emp\xxciggjbphjiu\parent.txt (PUP.Optional.BundleInstaller.A) -> Delete on reboot.
C:\Users\Mamma e Papa\Downloads\BearShareSetup-r698-w-bc (1).exe (PUP.Optional.MusicToolbar.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\BearShareSetup-r698-w-bc.exe (PUP.Optional.MusicToolbar.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\FlashPlayerSetup__3149_i82969879_il3.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (1).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (10).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (2).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (3).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (4).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (5).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (6).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (7).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (8).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome (9).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\HDvid-codec-Chrome.exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\hdvid_codec_chrome (1).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\hdvid_codec_chrome (2).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\hdvid_codec_chrome.exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\install_setup.exe (PUP.Optional.ViddyHD.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\Java.exe (PUP.Optional.BundleInstaller.NS) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\SoftonicDownloader_per_avg-antivirus-free-2013.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\SoftonicDownloader_per_spotify.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\vlc-player (1).exe (PUP.Optional.Montiera) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\vlc-player (2).exe (PUP.Optional.Montiera) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\vlc-player (3).exe (PUP.Optional.Montiera) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\vlc-player (4).exe (PUP.Optional.Montiera) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\vlc-player (5).exe (PUP.Optional.Montiera) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\Downloads\vlc-player.exe (PUP.Optional.Montiera) -> Quarantined and deleted successfully.
C:\Program Files\MediaPlayerEnhance\background.html (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Program Files\MediaPlayerEnhance\44150.crx (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Program Files\MediaPlayerEnhance\44150.xpi (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Program Files\MediaPlayerEnhance\MediaPlayerEnhance.ico (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Program Files\MediaPlayerEnhance\Uninstall.exe (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Program Files\MediaPlayerEnhance\utils.exe (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Windows\Tasks\MediaPlayerEnhance-enabler.job (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job (PUP.Optional.MediaPlayerEnhance.A) -> Delete on reboot.
C:\Program Files\GrabRez\GrabRez.ico (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\7za.exe (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\GrabRezUninstall.exe (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\updateGrabRez.InstallState (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\FilterApp_C.exe (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\GrabRez.BrowserFilter.Helper.dll (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\GrabRez.BrowserFilter.Helper.dll.old.ef738383-f164-4129-bb12-c5661d87e088 (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\GrabRezBrowserFilter.exe (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\utilGrabRez.InstallState (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\plugins\GrabRez.BrowserFilter.dll (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\plugins\GrabRez.FFUpdate.dll (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\plugins\GrabRez.IEUpdate.dll (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Program Files\GrabRez\bin\plugins\GrabRez.PurBrowseG.dll (PUP.Optional.GrabRez.A) -> Delete on reboot.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\background.html (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\chromeCoreFilesIndex.txt (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\crossriderManifest.json (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\manifest.json (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\popup.html (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\manifest.xml (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins.json (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\102_dealply_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\103_intext_5_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\104_jollywallet_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\13_CrossriderAppUtils.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\14_CrossriderUtils.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\155_ibario_pops_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\177_crossriderDashboard.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\17_jQuery.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\182_openUrl.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\183_tabsWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\184_noproblemppc_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\190_pops_5_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\191_ciuvo_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\19_CHAppAPIWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\1_base.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\207_dbWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\21_debug.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\22_resources.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\230_revizer_ws_dynamic_b2b_2_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\233_revizer_p_dynamic_b2b_2_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\28_initializer.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\47_resources_background.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\4_jquery_1_7_1.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\64_appApiMessage.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\72_appApiValidation.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\78_CrossriderInfo.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\80_CHPopupAppAPI.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\91_monetizationLoader.js.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\93_superfish_no_coupons_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\plugins\97_resourceApiWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\userCode\background.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\extensionData\userCode\extension.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\icons\icon128.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\icons\icon16.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\icons\icon48.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\icons\actions\1.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\background.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\main.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\platformVersion.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\api\chrome.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\api\cookie.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\api\message.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\api\monitor.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\api\pageAction.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\api\pageActionBG.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\app_api.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\bg_app_api.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\consts.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\cookie_store.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\crossriderAPI.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\delegate.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\events.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\extensionDataStore.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\installer.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\logFile.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\logging.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\onBGDocumentLoad.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\libeports.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\storageWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\updateManager.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\util.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\xhr.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\popupResource
ewPopup.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Mamma e Papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\js\lib\popupResource\popup.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.

(end)

lallina · Answer

ah e da quando sto facendo queste scansioni va piu' lento e si è spento  3 volte mentre lo usavo....e ora mi ha chiesto di reimpostare il browser predefinito ...e i ha cancellato adblock plus.....come mai??

l'embrouille 75 · Answer

Ciao,
Desinstalla completamente Chrome, e scarica la nuova versione qui=> https://it.ccm.net/download/scaricare-102-google-chrome
Quando ti chiedera se vuoi che se il browser preferito clicca OK
Dopo nell Google store,scarica l'app AD BLOCK PLUS.

lallina · Answer

ok ora lo faccio..ma malware lo tengo o lo cancello?e come antivirus va bene avg?

l'embrouille 75 · Answer

Ciao,
Si,Malware,lo tengo.Ogni tanto puoi fare una scansione per vedere si non hai adware
che viene inquinare il PC.
Purtroppo,quando scarica un programma ,deve ben leggere si non e niente di spuntato:
 Caselle come : Tool bar ,Estensione ,...Ect. Deve sempre rifiutare tutto quale che e proposta in supplemente .
Scaricare sempre su un sito ufficiale del progama desiderato .
Evitare di scaricare su  SOFTONIC .

Per AVG,tengolo aggiornato,non e male come free anti-virus.

l'embrouille 75 · Answer

Ciao,
Deve rifare una scabsione con ADW Cleaner,apri il programa,clicca su scan,quando il scan e finito clicca su delete.
Posta i report

lallina · Answer

Il problema é rimasto...x quanto riguarda explorer nn le apre più le pagine..ma su chrome sono raddoppiate....ho fatto e rifatto tt i passaggi elencati....ma niente!!...ma cavoliiiiiii :((( non posso neanke portarlo da un tecnico che purtroppo i cash mancano....nn so più a ki chiedere...e cs fare.. é super lento..più di prima...e ste pagine che si aprono ma tantissime...anche tre alla volta..o anche sopra la pagina che apro io...boh..

l'embrouille 75 · Answer

Ciao, 
Bene,allora proviamo di eliminare questo problema con COMBOFIX; 
:/!\Questo programa e molto potente,e deve seguire esattamente le modalita di uso /!\. 
La prima cosa da fare e di stampare le modalita qui=> https://www.bleepingcomputer.com/combofix/it/come-usare-combofix
Scarica il programma cliicando su il link fornito di questo sito.
/!\ Non toccare a niente durante la scansione /!\
Posta i report qui

l'embrouille 75 · Answer

Ciao,
Hai ancora problemi con le pagine di pub ???

lallina · Answer

ciao.....si...cioe' x il momento sembra meno...rispetto al solito...oggi solo 4...tra cui meet...groupon...giochi...ecc....ho provato a cercare il log ma nn c'è....non l'avro'salvato...che disastro!ahah

l'embrouille 75 · Answer

Ciao,
Riprova a fare le scansioni con ADW,e con Malwarebytes in questo ordine.
Posta i 2report qui dopo che avrai fatto tutto

Chrome aiuto pubblicità si apre da sola

19 risposte

Discussioni simili