Pagine che si aprono in continuazione

WIOLET · 16 Febbraio 2015

Ciao a tutti, non sono brava in tecnologia, devo aver scaricato qualche "cavolata" e mi si aprono pagine di pubblicità strane oppure roba tipo euromillionar systema, ho scaricato yac yat, qualcosa del genere ma non mi è servito anzi secondo me l'ho scaricato da un sito sbagliato....quindi cosa devo fare per rimettere a posto tutto e far si che non si aprano piu pagine del "cavolo".....io come programma ho solo cleaner che uso..........per il resto aiutoooooooooooooo Uso windows 7.........grazie
Spero che possiate aiutarmi in maniera semplice perchè non sono molto "sveglia" in tecnologia grazie mille:grat:
se vi serve incollo il file di combofix.....ho provato a "imparare"qualcosa
ComboFix 15-02-16.01 - User 16/02/2015 15:42:45.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.8136.5540 [GMT 1:00]
Eseguito da: c:\users\User\Downloads\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\page
c:\programdata\page\page.ico
c:\programdata\page\page.URL
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Creati Da 2015-01-16 al 2015-02-16 )))))))))))))))))))))))))))))))))))
.
.
2015-02-16 13:51 . 2015-02-16 13:51 -------- d-----w- c:\windows\system32\log
2015-02-15 18:31 . 2015-02-16 13:48 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-02-13 08:07 . 2014-12-02 10:26 11870360 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B3878196-025B-42E3-8BE5-D93D16ACC9DD}\mpengine.dll
2015-02-11 17:22 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-11 17:22 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 17:22 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-11 17:22 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-11 00:37 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-10 19:22 . 2015-02-05 17:57 621384 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-02-03 21:03 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-03 21:03 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-02-03 19:34 . 2015-01-23 11:36 923936 ----a-w- c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2015-02-03 19:34 . 2015-01-23 11:35 73840 ----a-w- c:\program files (x86)\Mozilla Firefox\wow_helper.exe
2015-02-03 19:34 . 2015-01-23 10:38 49776 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2015-02-03 19:34 . 2015-01-23 10:37 220784 ----a-w- c:\program files (x86)\Mozilla Firefox\sandboxbroker.dll
2015-02-01 10:22 . 2015-02-01 10:22 -------- d-----w- c:\users\User\AppData\Roaming\dvdcss
2015-01-31 19:36 . 2015-01-31 19:42 -------- d-----w- c:\program files (x86)\Among The Sleep
2015-01-31 00:10 . 2015-01-31 00:10 -------- d-sh--w- c:\users\User\AppData\Local\EmieBrowserModeList
2015-01-31 00:09 . 2015-01-31 00:14 -------- d-----w- c:\program files\PDFCreator
2015-01-31 00:09 . 2015-01-22 15:14 114872 ----a-w- c:\windows\system32\pdfcmon.dll
2015-01-31 00:09 . 2015-01-31 00:10 -------- d-----w- c:\users\User\AppData\Roaming\Opera Software
2015-01-31 00:09 . 2015-01-31 00:10 -------- d-----w- c:\users\User\AppData\Local\Opera Software
2015-01-27 14:40 . 2015-02-05 21:01 16017040 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-01-27 14:40 . 2015-01-13 04:15 1540240 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-01-27 14:40 . 2015-01-10 08:07 1895240 ----a-w- c:\windows\system32\nvdispco6434725.dll
2015-01-27 14:40 . 2015-01-10 08:07 1556808 ----a-w- c:\windows\system32\nvdispgenco6434725.dll
2015-01-26 23:23 . 2015-01-26 23:23 14464 ----a-w- c:\windows\system32\drivers\wdcsam64.sys
2015-01-21 00:42 . 2015-01-21 00:42 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2015-01-20 23:56 . 2015-01-20 23:56 -------- d-----w- c:\program files (x86)\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-13 22:25 . 2014-09-02 15:40 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-13 22:25 . 2014-09-02 15:40 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-11 02:00 . 2014-09-02 16:13 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-02-05 21:01 . 2014-09-02 15:09 74056 ----a-w- c:\windows\system32\OpenCL.dll
2015-02-05 21:01 . 2014-09-02 15:09 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-02-05 21:01 . 2014-09-02 15:08 3299512 ----a-w- c:\windows\system32\nvapi64.dll
2015-02-05 21:01 . 2014-09-02 15:08 18575880 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-02-05 21:01 . 2014-09-02 15:08 14119744 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-02-05 19:07 . 2014-09-02 15:09 6861128 ----a-w- c:\windows\system32\nvcpl.dll
2015-02-05 19:07 . 2014-09-02 15:09 3517584 ----a-w- c:\windows\system32\nvsvc64.dll
2015-02-05 19:07 . 2014-09-02 15:09 935056 ----a-w- c:\windows\system32\nvvsvc.exe
2015-02-05 19:07 . 2014-09-02 15:09 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-02-05 19:07 . 2014-09-02 15:09 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-02-05 19:06 . 2014-09-02 15:09 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-02-05 12:50 . 2014-09-02 15:09 4236870 ----a-w- c:\windows\system32\nvcoproc.bin
2015-01-20 23:56 . 2014-10-19 16:10 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-16 06:41 . 2014-09-02 15:09 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-01-16 06:41 . 2014-09-02 15:09 1278920 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-01-16 06:41 . 2014-09-02 15:09 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-01-16 06:41 . 2014-09-02 15:09 1514528 ----a-w- c:\windows\system32\nvspcap64.dll
2014-12-22 23:41 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 09:43 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 09:43 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-13 10:08 . 2014-12-28 08:53 1895056 ----a-w- c:\windows\system32\nvdispco6434709.dll
2014-12-13 10:08 . 2014-12-28 08:53 1556624 ----a-w- c:\windows\system32\nvdispgenco6434709.dll
2014-12-11 17:47 . 2015-01-14 09:43 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-14 09:43 303616 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 09:43 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 09:43 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2014-11-22 10:46 . 2014-12-21 08:27 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-11-22 10:46 . 2014-12-21 08:27 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-11-22 10:46 . 2014-09-02 15:08 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2015-01-27 3619160]
"CCleaner"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitora avvisi inchiostro - HP Deskjet 2050 J510 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 2050 J510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN07R2N0QB05D1;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Driver dello switch Controller Host Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 AVP15.0.0;Servizio Kaspersky Anti-Virus 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [x]
S2 cbVSCService11;Cobian Backup 11 Servizio Volume Shadow Copy;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 iusb3hub;Driver hub Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Driver Controller Host estendibile Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\NPF.sys;c:\windows\SYSNATIVE\drivers\NPF.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - NPF
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-06 01:17 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2015-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-02 22:25]
.
2015-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-02 16:40]
.
2015-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-02 16:40]
.
.
--------- X64 Entries -----------
.
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
TCP: Interfaces\{74B0123E-581E-41C2-9BD0-86433A6A65CD}: NameServer = 151.99.125.2,151.99.0.100
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xa2sie2c.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.it/?gws_rd=ssl
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: network.http.spdy.enabled - false
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @DenieD: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @DenieD: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @DenieD: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Ora fine scansione: 2015-02-16 15:49:06 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2015-02-16 14:49
.
Pre-Run: 87.063.191.552 byte disponibili
Post-Run: 86.585.872.384 byte disponibili
.
- - End Of File - - B3CC68D2326A8C09ED3CBDE4BCBCD62D
A36C5E4F47E84449FF07ED3517B43A31

Lele1990 · 17 Febbraio 2015

segui questa guida e dovresti essere apposto:
1 - allega il file "ComboFix-quarantined-files"
2 - scarica Thank you for downloading IObit Uninstaller from CNET Download.com avvialo e rimuovi Yet Another Cleaner (o Yac) alla richiesta di riavvio non farla e vai avanti con la rimozione
3 - scarica http://www.geekstogo.com/forum/files/download/398-otl-oldtimers-list-it/ avvialo e premi su "cleanup" si riavvierà rimuovendo "combofix"
4 - scarica https://toolslib.net/downloads/finish/1/ appena scaricato portalo sul desktop avvialo e premi su "scan" attendi la fine della scansione e successivamente premi "clean". Accetta tutte le varie richieste si riavvierà (è tutto normale serve ad eliminare le infezioni).
5 - scarica Malwarebytes: anti-Malware gratuito installalo mettilo in italiano (settings - general setting imposta italiano) successivamente vai su "rilevamento e protezione"a abilita la ricerca rootkit, infine aggiornalo ed esegui una scansione completa. Anche qui probabilmente ti chiederà il riavvio per eliminare le infezioni quindi acconsenti.

Attendo i log di Adwcleaner e Malwarebytes.

WIOLET · 19 Febbraio 2015

Eccomi scusa, il file di combo non è quello che ho già allegato sopra, cmq ho risolto con adwcleaner (qualcosa del genere), ma Malwarebytes: anti-Malware gratuito (visto che è in italiano) me lo scarico lo stesso perchè può sempre servire, grazie mille sei stato super gentile

Cerca

Pagine che si aprono in continuazione

WIOLET

Nuovo Utente

Lele1990

Utente Attivo

WIOLET

Nuovo Utente

Entra