Unwanted windows keep opening in both Google and Explorer

Closed
bruno - 27 Jan 2015 at 22:13
l'embrouille 75 - Posts: 5307 - Registration date: Monday 4 July 2011 - Status: Member - Last activity: Thursday 5 July 2018 - 28 Jan 2015 at 07:41
Hi,
I ran a scan with ComboFix and this is the result:


ComboFix 15-01-27.01 - Bruno 27/01/2015 21:51:13.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.2047.1107 [GMT 1:00]
Eseguito da: c:\users\Bruno\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WTAKMZXM\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Creati Da 2014-12-27 al 2015-01-27 )))))))))))))))))))))))))))))))))))
.
.
2015-01-27 20:56 . 2015-01-27 20:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-27 11:31 . 2015-01-27 11:32 -------- d-----w- c:\program files\Google
2015-01-24 18:16 . 2015-01-24 18:16 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2015-01-24 07:17 . 2015-01-24 07:17 -------- d-----w- c:\programdata\Malwarebytes
2015-01-23 13:11 . 2015-01-23 13:11 -------- d-----w- c:\program files\7-Zip
2015-01-23 13:09 . 2015-01-23 13:18 -------- d-----w- c:\users\Bruno\AppData\Roaming\WTools
2015-01-23 13:09 . 2015-01-23 13:16 -------- d-----w- c:\users\Bruno\AppData\Roaming\Store
2015-01-23 13:08 . 2015-01-26 08:08 -------- d-----w- c:\program files\CandyBox
2015-01-23 08:25 . 2014-12-02 11:01 9054624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E1262601-A733-48E6-BC2E-924547FD2729}\mpengine.dll
2015-01-14 02:22 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-01-14 02:22 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-01-14 02:22 . 2014-12-19 01:34 116224 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2015-01-14 02:16 . 2014-12-06 03:50 242688 ----a-w- c:\windows\system32\nlasvc.dll
2015-01-14 01:56 . 2014-12-11 17:47 74240 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-01-14 01:56 . 2014-12-19 02:43 164864 ----a-w- c:\windows\system32\profsvc.dll
2015-01-13 08:20 . 2015-01-13 08:20 -------- d-----w- c:\programdata\Canneverbe Limited
2015-01-13 08:20 . 2015-01-13 08:20 -------- d-----w- c:\users\Bruno\AppData\Roaming\Canneverbe Limited
2015-01-13 08:19 . 2015-01-13 08:20 -------- d-----w- c:\program files\CDBurnerXP
2015-01-12 16:06 . 2015-01-12 16:49 -------- d-----w- c:\users\Bruno\AppData\Roaming\COWON
2015-01-12 09:52 . 2015-01-12 15:36 -------- d-----w- c:\users\Bruno\AppData\Roaming\NCH Software
2015-01-11 08:23 . 2015-01-11 08:23 -------- d-----w- c:\program files\MSXML 4.0
2015-01-10 12:51 . 2015-01-10 13:02 -------- d-----w- c:\users\Bruno\AppData\Roaming\U3
2015-01-06 14:39 . 2015-01-06 14:39 -------- d-----w- c:\programdata\eMule
2015-01-06 14:38 . 2015-01-06 14:55 -------- d-----w- c:\users\Bruno\AppData\Local\eMule
2015-01-06 14:38 . 2015-01-06 14:38 -------- d-----w- c:\program files\eMule
2014-12-30 18:27 . 2015-01-14 20:29 -------- d-----w- c:\users\Bruno\AppData\Roaming\tor
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-25 17:00 . 2014-07-11 11:30 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-25 17:00 . 2014-07-11 11:30 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-31 11:13 . 2014-07-10 13:11 249488 ------w- c:\windows\system32\MpSigStub.exe
2014-12-16 14:12 . 2014-12-16 14:12 82432 ----a-w- c:\users\Bruno\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2014-12-16 14:12 . 2014-12-16 14:12 44544 ----a-w- c:\users\Bruno\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2014-12-16 14:12 . 2014-12-16 14:12 1275392 ----a-w- c:\users\Bruno\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2014-12-13 03:33 . 2014-12-18 09:05 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-08 17:19 . 2014-07-11 11:30 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-08 17:19 . 2014-07-11 11:30 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-12-08 17:19 . 2014-07-11 11:30 91496 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-12-08 17:19 . 2014-07-11 11:30 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-08 17:19 . 2014-07-11 11:30 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-08 17:19 . 2014-07-11 11:30 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-12-08 17:19 . 2014-07-11 11:30 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-08 17:19 . 2014-07-11 11:30 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-12-08 17:19 . 2014-12-26 10:04 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-08 17:19 . 2014-12-08 17:19 43152 ----a-w- c:\windows\avastSS.scr
2014-12-04 07:39 . 2014-09-08 17:02 505416 ----a-w- c:\windows\system32\msvcp71.dll
2014-12-04 07:39 . 2014-09-08 17:02 353864 ----a-w- c:\windows\system32\msvcr71.dll
2014-11-22 02:20 . 2014-12-10 17:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 02:20 . 2014-12-10 17:02 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:07 . 2014-12-10 17:02 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:07 . 2014-12-10 17:02 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:06 . 2014-12-10 17:02 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 17:02 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 01:55 . 2014-12-10 17:02 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 01:54 . 2014-12-10 17:02 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 01:48 . 2014-12-10 17:02 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 01:40 . 2014-12-10 17:02 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 17:02 4299264 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 01:22 . 2014-12-10 17:02 2052096 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 17:02 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:00 . 2014-12-10 17:02 1888256 ----a-w- c:\windows\system32\wininet.dll
2014-11-19 03:31 . 2014-11-19 03:31 1217192 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 02:44 . 2014-12-10 17:02 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 09:54 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44 . 2014-11-19 09:54 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 01:32 . 2014-12-10 17:02 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 02:45 . 2014-12-10 17:00 2048 ----a-w- c:\windows\system32\tzres.dll
2014-10-30 01:45 . 2014-12-10 17:00 155136 ----a-w- c:\windows\system32\charmap.exe
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-08 17:19 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-23 5227112]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-03-20 1797064]
"RealDownloader"="c:\program files\RealNetworks\RealDownloader\downloader2.exe" [2014-10-29 560192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
RealPlayer Cloud Service UI.lnk - c:\program files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [2014-9-8 824416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-12-08 91496]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-04-03 315008]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2014-07-11 1343400]
R4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R4 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-12-08 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-12-08 423784]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-12-08 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-12-08 70384]
S2 AUS;Auto Update Service;c:\program files\CandyBox\aus.exe [2014-07-14 286208]
S2 Log S.M.;Log Session Manager;c:\program files\CandyBox\cab.exe [2014-07-20 406528]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-12-04 1141848]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - NisDrv
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-27 11:32 1086280 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2015-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11 17:00]
.
2015-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-01-27 11:31]
.
2015-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-01-27 11:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.libero.it/
mSearch Bar = https://www.google.com/?trackid=sp-006
mStart Page = https://www.google.com/?trackid=sp-006
TCP: DhcpNameServer = 192.168.1.1
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKLM-Run-NWEReboot - (no file)
MSConfigStartUp-FAHConsole - c:\program files\File Association Helper\FAHConsole.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2015-01-27 21:58:01
ComboFix-quarantined-files.txt 2015-01-27 20:58
.
Pre-Run: 315.227.148.288 byte disponibili
Post-Run: 315.025.080.320 byte disponibili
.
- - End Of File - - 5684B21A018641B36DFC5221ACEDD3F3
A36C5E4F47E84449FF07ED3517B43A31








What can I do?
Thanks

1 reply

l'embrouille 75 - Posts: 5307 - Registration date: Monday 4 July 2011 - Status: Member - Last activity: Thursday 5 July 2018 - 749
28 Jan 2015 at 07:41
Hi,
Who advised you to use ComboFix to remove malware????
Start the disinfection with ADW:
Start the PC in Safe Mode
* Download ADW Cleaner and save it to the desktop => https://toolslib.net
* Close all open programs and web browsers
* Double-click "AdwCleaner.exe" to run it
* Click the "Scan" button and wait for the process to finish
* Click the "Clean" button and follow the instructions
* The program will close all open programs, so save your data and work in progress before continuing
* If you are asked to restart the PC, accept
* A report will open automatically; copy and paste the contents of the file into your reply
* You can find the log file at "C:\AdwCleaner\AdwCleaner[Sn].txt" (where "n" is a number).


Ubuntu 14.04 LTS Firefox / Magela 3 Opera 12.15