cover Posted January 7, 2014

May I ask your advice about some malware flagged by Malwarebytes Anti-Malware before I go ahead and remove it?

megthebest Posted January 7, 2014

Go ahead... oh, and run a good pass with AdwCleaner and ComboFix as well, that's better.

cover Posted January 7, 2014

I have already deleted everything it flagged. It was junk caused by what the technician installed.

Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware

Versione database: v2014.01.06.07

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Paolo :: NOTEBOOK [amministratore]

07/01/2014 17:31:06
MBAM-log-2014-01-07 (20-37-22).txt

Tipo di scansione: Scansione completa (C:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 354040
Tempo impiegato: 1 ore, 6 minuti, 36 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 2
C:\Users\Utente\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nessuna azione intrapresa.
C:\Users\Utente\AppData\Roaming\OpenCandy

cover Posted January 8, 2014

I'm pasting the HijackThis one as well.