I changed the extension and the file goes back to showing the little Word icon, but when I open it I see all kinds of strange symbols:
]2º‹ƒ
¬Ÿ¹ (Y:fÿ-aä÷•]d9àúáüœ¿ÕÚÁ>í0LVaѹՆª¿¦ÒüX|;($&*µÝâø$Æ*û
¼™O<ÇbŒØ<Ufï ©•X\"Ïb
AÉ–JíšQS(úV±Ù
- - - Updated - - -
Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software
Scan Date: 15/01/2015
Scan Time: 16:08:58
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.15.09
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Sede
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342417
Time Elapsed: 17 min, 58 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 3
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, 1536, , [d4e14bac6a1f75c1c1ba106816eb1de3]
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1576, , [3f76ee090b7e58de3d3e92e605fc768a]
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1628, , [e4d132c500890e28782aea88d1324db3]
Modules: 0
(No malicious items detected)
Registry Keys: 21
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, , [d4e14bac6a1f75c1c1ba106816eb1de3],
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, , [3f76ee090b7e58de3d3e92e605fc768a],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [288d797eb7d254e243c85f90b44eaf51],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [833250a7c1c85fd7b3c3d8169a6826da],
PUP.Optional.Delta.A, HKLM\SOFTWARE\delta-homesSoftware, , [9d18797e9bee999d7e7570193bc824dc],
PUP.Optional.WPM.A, HKLM\SOFTWARE\supWindowsMangerProtect, , [d1e4688f9fead363a83dfced02021be5],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\supWPM, , [c4f142b5a9e0d75f12b8701405fe49b7],
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\webssearchesSoftware, , [0aab03f48207171ff6b31c8b8b78de22],
PUP.Optional.SecurityProtection.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\noajmlkipclmeolfcnflkjhijkigpfjh, , [546123d43752e056425f3f337a899967],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [1f9694632960c2740d83a3327d87e51b],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPDP, , [3283966198f1ec4a6335147040c36997],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPTAB, , [4d68be396326270f8148661e0300f010],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [e4d132c500890e28782aea88d1324db3],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginService, , [bcf98c6bd6b3b6808ff30b6b40c3de22],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, , [793c8b6c1b6ee3531cd63b3e917204fc],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [fabb01f640492511738087f2fa0951af],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1314798696-2289064642-857783464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, , [e9cc16e18bfe6dc9c1a8a8cb59aa15eb],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-1314798696-2289064642-857783464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, , [5e57db1c84053501aea112d59b696799],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1314798696-2289064642-857783464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [00b5de1930598babee01555e12f1e51b],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1314798696-2289064642-857783464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [5c596592ea9f2511fc061ab059ab3cc4],
PUP.Optional.Qone8, HKU\S-1-5-21-1314798696-2289064642-857783464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [6b4a4aada9e08da90a8534a18a7a669a],
Registry Values: 3
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPDP|dir, C:\Program Files\SupTab, , [3283966198f1ec4a6335147040c36997]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPTAB|ptid, tugs, , [4d68be396326270f8148661e0300f010]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1314798696-2289064642-857783464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1K1J1N2U0R1O1F, , [5c596592ea9f2511fc061ab059ab3cc4]
Registry Data: 8
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files\Google\Chrome\Application\chrome.exe" delta-homes, Good: (Chrome.exe), Bad: ("C:\Program Files\Google\Chrome\Application\chrome.exe" delta-homes),,[a5108e69d0b9fb3b3524197e20e5f709]
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, "C:\Program Files\Internet Explorer\iexplore.exe" delta-homes, Good: (iexplore.exe), Bad: ("C:\Program Files\Internet Explorer\iexplore.exe" delta-homes),,[4c699a5d5f2a4ee80255d1c6d0354db3]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.delta-homes.com/web/?type=ds&ts=1420024437&from=wpm12311&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB&q={searchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type=ds&ts=1420024437&from=wpm12311&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB&q={searchTerms}),,[c8edf502b1d83006d678395e887dee12]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.delta-homes.com/?type=hp&ts=1402597610&from=wpm0612&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1402597610&from=wpm0612&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB),,[3e77d225e5a451e51937a3f4f510738d]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://search.delta-homes.com/web/?type=ds&ts=1420024437&from=wpm12311&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB&q={searchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type=ds&ts=1420024437&from=wpm12311&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB&q={searchTerms}),,[d4e16d8a5e2b0a2c490937603ec75ea2]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://search.delta-homes.com/web/?type=ds&ts=1420024437&from=wpm12311&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB&q={searchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type=ds&ts=1420024437&from=wpm12311&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB&q={searchTerms}),,[d9dc41b61475a78f6ee6f2a5e0256898]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[4a6b87707415cb6ba4a9ebabb055956b]
PUP.Optional.Delta.A, HKU\S-1-5-21-1314798696-2289064642-857783464-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.delta-homes.com/web/?type=ds&ts=1402597610&from=wpm0612&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB&q={searchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type=ds&ts=1402597610&from=wpm0612&uid=ST3500418AS_9VMXWSKBXXXX9VMXWSKB&q={searchTerms}),,[8530a94edfaaaa8c4708425540c5e61a]
Folders: 15
PUP.Optional.Meteoroids.A, C:\Users\Sede\AppData\Local\Meteoroids, , [dadbb0479fea72c43a36e0ab5fa40bf5],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, , [0fa66a8de6a3c274e30caa8fc53e758b],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, , [0fa66a8de6a3c274e30caa8fc53e758b],
PUP.Optional.WebsSearches.A, C:\Users\Sede\AppData\Roaming\webssearches, , [62534fa83c4df6403c958ab315ee639d],
PUP.Optional.WebsSearches.A, C:\Users\Sede\AppData\Roaming\webssearches\images, , [62534fa83c4df6403c958ab315ee639d],
PUP.Optional.WebsSearches.A, C:\Users\Sede\AppData\Roaming\webssearches\log, , [62534fa83c4df6403c958ab315ee639d],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [377e06f1f4950036f3caaaa2659e649c],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [377e06f1f4950036f3caaaa2659e649c],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [9b1a02f5e3a65adc6cadfd529073817f],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [9b1a02f5e3a65adc6cadfd529073817f],
PUP.Optional.SupTab.A, C:\Program Files\SupTab, , [a90c4bac35544ee853d294c1cb389c64],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\_metadata, , [6352b83f9ced191dc3ed41267a89e020],
Files: 29
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, , [d4e14bac6a1f75c1c1ba106816eb1de3],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, , [3f76ee090b7e58de3d3e92e605fc768a],
Trojan.Miner, C:\Users\Sede\AppData\Roaming\abgx360\WmiPrv\libcurl-4.dll, , [82338e694d3cc96df7495f5d758dc838],
Trojan.Miner, C:\Users\Sede\AppData\Roaming\wincrt\m_bin\libcurl-4.dll, , [1b9a53a45534ea4cd66ac2fa5ca6d828],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\SupTab.dll, , [bafb3eb9f39685b1694c2d08d12f3ec2],
PUP.Optional.OpenCandy, C:\Users\Sede\Downloads\DTLite4491-0356.exe, , [54611dda9eeb3105dbac2894c1443bc5],
PUP.Adware.RelevantKnowledge, C:\Users\Sede\Downloads\MP3CutterPlusSetup.exe, , [7f3654a3e9a0bd79734b5923fa067d83],
PUP.Optional.Amonetize, C:\Users\Sede\Downloads\FreeAudioEditor.exe, , [cee713e41f6a2d097d70bdc1f3125ca4],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx, , [486d36c1dcad33035848d69c976cac54],
PUP.Optional.Meteoroids.A, C:\Users\Sede\AppData\Local\Meteoroids\data2.dat, , [dadbb0479fea72c43a36e0ab5fa40bf5],
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [e4d132c500890e28782aea88d1324db3],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update\conf, , [0fa66a8de6a3c274e30caa8fc53e758b],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, , [377e06f1f4950036f3caaaa2659e649c],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [9b1a02f5e3a65adc6cadfd529073817f],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\background.html, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\icon128.png, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\manifest.json, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\background.js, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\background.JS.wwffxom, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\det.js, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\det.JS.wwffxom, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\inject.js, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\inject.JS.wwffxom, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\jquery-1.11.1.min.js, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\jquery-1.11.1.min.JS.wwffxom, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\urllist.js, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\urllist.JS.wwffxom, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\_metadata\computed_hashes.json, , [6352b83f9ced191dc3ed41267a89e020],
PUP.Optional.SecurityProtection.A, C:\Users\Sede\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\_metadata\verified_contents.json, , [6352b83f9ced191dc3ed41267a89e020],
Physical Sectors: 0
(No malicious items detected)
(end)