Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

pc infetto

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: Luke57, kadosh

pc infetto

Postdi vermulen » 06/09/19 12:25

Salve, sto cercando di ripulire il pc di mia nipote che ha 14 anni e nel tentativo di vedere film gratis e giocare si è presa un sacco di virus. Potete consigliarmi come procedere, vorrei evitare di portarlo in assistenza. Grazie
vermulen
Utente Junior
 
Post: 60
Iscritto il: 30/08/10 20:49

Sponsor
 

Re: pc infetto

Postdi fax71ita » 06/09/19 12:42

Ciao
Che sistema operativo stai usando?
Avatar utente
fax71ita
Utente Senior
 
Post: 1722
Iscritto il: 20/03/15 10:43
Località: Torino

Re: pc infetto

Postdi vermulen » 06/09/19 13:04

Windows 10 home
vermulen
Utente Junior
 
Post: 60
Iscritto il: 30/08/10 20:49

Re: pc infetto

Postdi fax71ita » 06/09/19 16:46

ciao devi fare le scansioni in modalita' provvisoria.

https://support.microsoft.com/it-it/hel ... -safe-mode

scarica malwarebytes free da qui: https://it.malwarebytes.com/ lo carichi sul desktop ed esegui la scansione in modalita' provvisoria

poi fai una scansione con windows defender gia' integrato nel sistema operativo
Avatar utente
fax71ita
Utente Senior
 
Post: 1722
Iscritto il: 20/03/15 10:43
Località: Torino

Re: pc infetto

Postdi vermulen » 06/09/19 18:33

Fatto, ma non noto differenze rilevanti. Come posso procedere?

Qui sotto il report di malwareytes

Malwarebytes
www.malwarebytes.com

-Dettagli log-
Data scansione: 06/09/19
Ora scansione: 18:29
File di log: 7f8408b1-d0c3-11e9-828d-000000000000.json

-Informazioni software-
Versione: 3.8.3.2965
Versione componenti: 1.0.613
Aggiorna versione pacchetto: 1.0.12355
Licenza: Trial

-Informazioni sistema-
SO: Windows 10 (Build 17134.885)
CPU: x64
File system: NTFS
Utente: MELISSA\mela

-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Scansione avviata da: Manuale
Risultati: Completata
Elementi analizzati: 329512
Minacce rilevate: 58
Minacce messe in quarantena: 0
Tempo impiegato: 14 min, 43 sec

-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare

-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)

Modulo: 0
(Nessun elemento nocivo rilevato)

Chiave di registro: 0
(Nessun elemento nocivo rilevato)

Valore di registro: 1
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-180600902-499289748-1864043646-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|bidmloagildlhkkiabgfdhpgkmhmgjho, Nessuna azione intrapresa, [1770], [443121],1.0.12355

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Flusso di dati: 0
(Nessun elemento nocivo rilevato)

Cartella: 8
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\_locales\en, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\_metadata, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\_locales, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\config, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\icons, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\USERS\MELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BIDMLOAGILDLHKKIABGFDHPGKMHMGJHO, Nessuna azione intrapresa, [1770], [443121],1.0.12355

File: 49
PUP.Optional.MindSpark.Generic, C:\USERS\MELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\USERS\MELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\USERS\MELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BIDMLOAGILDLHKKIABGFDHPGKMHMGJHO\13.894.15.54872_0\MANIFEST.JSON, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\config\config.json, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\icons\icon128.png, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\icons\icon16.png, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\icons\icon19disabled.png, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\icons\icon19on.png, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\icons\icon48.png, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\localStorageContentScript.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\ajax.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\babAPI.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\babClickHandler.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\babContentScript.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\babContentScriptAPI.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\background.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\browserUtils.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\chrome.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\contentScriptConnectionManager.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\dateTimeUtils.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\dlp.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\dlpHelper.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\extensionDetect.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\index.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\logger.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\meta.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\offerService.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\pageUtils.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\PartnerId.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\polyfill.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\product.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\remoteConfigLoader.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\splashPageRedirectHandler.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\storageUtils.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\TemplateParser.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\ul.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\urlFragmentActions.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\urlUtils.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\util.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\webtooltabAPI.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\js\webTooltabAPIProxy.js, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\_locales\en\messages.json, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\_metadata\verified_contents.json, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.MindSpark.Generic, C:\Users\mela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bidmloagildlhkkiabgfdhpgkmhmgjho\13.894.15.54872_0\ntpnew.html, Nessuna azione intrapresa, [1770], [443121],1.0.12355
PUP.Optional.SearchStartPage, C:\USERS\MELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Nessuna azione intrapresa, [362], [481847],1.0.12355
PUP.Optional.SearchStartPage, C:\USERS\MELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Nessuna azione intrapresa, [362], [481847],1.0.12355
PUP.Optional.SearchStartPage, C:\USERS\MELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Nessuna azione intrapresa, [362], [481847],1.0.12355
PUP.Optional.SearchStartPage, C:\USERS\MELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Nessuna azione intrapresa, [362], [481847],1.0.12355
PUP.Optional.SearchStartPage, C:\USERS\MELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Nessuna azione intrapresa, [362], [481847],1.0.12355

Settore fisico: 0
(Nessun elemento nocivo rilevato)

WMI: 0
(Nessun elemento nocivo rilevato)


(end)
vermulen
Utente Junior
 
Post: 60
Iscritto il: 30/08/10 20:49

Re: pc infetto

Postdi fax71ita » 06/09/19 18:41

ma li hai eliminati?

il report dice nessuna azione intrapresa.

cmq dopo fai una scansione anche con adwcleaner : https://it.malwarebytes.com/adwcleaner/
Avatar utente
fax71ita
Utente Senior
 
Post: 1722
Iscritto il: 20/03/15 10:43
Località: Torino

Re: pc infetto

Postdi vermulen » 07/09/19 10:50

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-09-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-06-2019
# Duration: 00:01:22
# OS: Windows 10 Home
# Scanned: 35598
# Detected: 121


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki C:\ProgramData\Pokki
Adware.pokki C:\Users\Public\Pokki
Adware.pokki C:\Users\mela\AppData\Local\Pokki
Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Pokki
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Pokki
PUP.Optional.Legacy C:\Users\mela\AppData\Local\SweetLabs App Platform
PUP.Optional.Legacy C:\rei
PUP.Optional.Reimage C:\Program Files\Reimage

***** [ Files ] *****

Adware.pokki C:\Users\mela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
PUP.Optional.Booking C:\Users\mela\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
PUP.Optional.Legacy C:\Windows\System32\Tasks_Migrated\SweetLabs App Platform
PUP.Optional.PCAppStore C:\Users\mela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\SWEETLABS APP PLATFORM

***** [ Registry ] *****

Adware.pokki HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Adware.pokki HKCU\Software\Classes\Directory\shell\pokki
Adware.pokki HKCU\Software\Classes\Drive\shell\pokki
Adware.pokki HKCU\Software\Classes\lnkfile\shell\pokki
Adware.pokki HKCU\Software\Classes\pokki
Adware.pokki HKCU\Software\SweetLabs App Platform
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\auto.trovit.it
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\homepage-web.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\trovit.it
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{102AF7AA-659F-44A0-A71A-F19C4BA29B0B}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
PUP.Optional.Reimage HKLM\Software\Reimage
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\it.softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\the-sims-4.it.softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\it.softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\the-sims-4.it.softonic.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy Avira SafeSearch Plus
PUP.Optional.Legacy Avira SafeSearch Plus

***** [ Chromium URLs ] *****

PUP.Optional.Legacy Web Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter File C:\Users\Public\Desktop\Acer Care Center.lnk
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59B2B028-BB29-4110-859B-DB43103D7F11}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59B2B028-BB29-4110-859B-DB43103D7F11}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Preinstalled.AcerExplorerAgent Folder C:\Program Files\ACER\ACER EXPLORER AGENT
Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD2456B-66CA-4957-89AC-012889CA4DBD}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{978724F6-1863-4DD5-9E66-FB77F5AB5613}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.AcerabDocs File C:\Users\Public\Desktop\abDocs.lnk
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS OFFICE ADDIN
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECC21B66-A5B5-48D3-9DDA-E91BE5714C20}
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Preinstalled.AcerabDocs Task C:\Windows\System32\Tasks\ABDOCSDLLLOADER
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A38FA786-1F0A-4723-BF5B-48C6A53020E3}
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ALOHA TRIPEAKS
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\FARM TO FORK COLLECTORS EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\GOVERNOR OF POKER 2 PREMIUM EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\KING ODDBALL
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\LUXOR EVOLVED
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PEGGLE NIGHTS
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 1ST FRAME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TRINKLIT SUPREME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ZUMAS REVENGE
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle Registry HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-0bb2560f-9235-4659-9ce2-f44c8d328496
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-21f7ce22-e03c-48ed-ba0a-c58bf748c0ba
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-2378dc27-86d6-4174-aa22-9818455a43af
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-23d1a08d-015f-43ba-b8dd-dc8b48673db6
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-305acddf-23f5-49e4-881f-2fcd5631f260
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-3b33ec20-a854-4d4a-9130-d4eae21ee741
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-4d73941e-c07b-4b43-8fc4-af03be9830f7
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-67a02e37-a343-4ee3-8c64-70e4c768f42b
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-7b72cbf3-101c-445c-aa75-f822b85b5b14
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-7e7ed723-2819-4f39-8dd0-aaf6b91ad185
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-97600016-96dc-4824-bfd3-4fcbc6ffb6a0
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-ad475397-4b51-442d-924c-326b4b8ee050
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-c7dbc2ac-0a82-4161-bcd5-47d5a09f0b0f
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-ebe0ddb7-191d-4454-88b6-cc5d939333be
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-genres
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Sì ho eliminato tutto e anche qui con adwcleaner ho fatto lo stesso, ma vedo che ci sono ancora problemi. In particolare vedo apparire false notifiche di windows con pubblicità di ogni genere

AdwCleaner_Debug.log - [29095 octets] - [06/09/2019 21:02:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
vermulen
Utente Junior
 
Post: 60
Iscritto il: 30/08/10 20:49

Re: pc infetto

Postdi vermulen » 07/09/19 10:50

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-09-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-06-2019
# Duration: 00:01:22
# OS: Windows 10 Home
# Scanned: 35598
# Detected: 121


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki C:\ProgramData\Pokki
Adware.pokki C:\Users\Public\Pokki
Adware.pokki C:\Users\mela\AppData\Local\Pokki
Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Pokki
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Pokki
PUP.Optional.Legacy C:\Users\mela\AppData\Local\SweetLabs App Platform
PUP.Optional.Legacy C:\rei
PUP.Optional.Reimage C:\Program Files\Reimage

***** [ Files ] *****

Adware.pokki C:\Users\mela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
PUP.Optional.Booking C:\Users\mela\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
PUP.Optional.Legacy C:\Windows\System32\Tasks_Migrated\SweetLabs App Platform
PUP.Optional.PCAppStore C:\Users\mela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\SWEETLABS APP PLATFORM

***** [ Registry ] *****

Adware.pokki HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Adware.pokki HKCU\Software\Classes\Directory\shell\pokki
Adware.pokki HKCU\Software\Classes\Drive\shell\pokki
Adware.pokki HKCU\Software\Classes\lnkfile\shell\pokki
Adware.pokki HKCU\Software\Classes\pokki
Adware.pokki HKCU\Software\SweetLabs App Platform
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\auto.trovit.it
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\homepage-web.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\trovit.it
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{102AF7AA-659F-44A0-A71A-F19C4BA29B0B}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
PUP.Optional.Reimage HKLM\Software\Reimage
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\it.softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\the-sims-4.it.softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\it.softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
PUP.Optional.SofTonicAssistant HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\the-sims-4.it.softonic.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy Avira SafeSearch Plus
PUP.Optional.Legacy Avira SafeSearch Plus

***** [ Chromium URLs ] *****

PUP.Optional.Legacy Web Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter File C:\Users\Public\Desktop\Acer Care Center.lnk
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59B2B028-BB29-4110-859B-DB43103D7F11}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59B2B028-BB29-4110-859B-DB43103D7F11}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Preinstalled.AcerExplorerAgent Folder C:\Program Files\ACER\ACER EXPLORER AGENT
Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CD2456B-66CA-4957-89AC-012889CA4DBD}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{978724F6-1863-4DD5-9E66-FB77F5AB5613}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.AcerabDocs File C:\Users\Public\Desktop\abDocs.lnk
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS OFFICE ADDIN
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECC21B66-A5B5-48D3-9DDA-E91BE5714C20}
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Preinstalled.AcerabDocs Task C:\Windows\System32\Tasks\ABDOCSDLLLOADER
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A38FA786-1F0A-4723-BF5B-48C6A53020E3}
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ALOHA TRIPEAKS
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\FARM TO FORK COLLECTORS EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\GOVERNOR OF POKER 2 PREMIUM EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\KING ODDBALL
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\LUXOR EVOLVED
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PEGGLE NIGHTS
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 1ST FRAME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TRINKLIT SUPREME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ZUMAS REVENGE
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle Registry HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-0bb2560f-9235-4659-9ce2-f44c8d328496
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-21f7ce22-e03c-48ed-ba0a-c58bf748c0ba
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-2378dc27-86d6-4174-aa22-9818455a43af
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-23d1a08d-015f-43ba-b8dd-dc8b48673db6
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-305acddf-23f5-49e4-881f-2fcd5631f260
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-3b33ec20-a854-4d4a-9130-d4eae21ee741
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-4d73941e-c07b-4b43-8fc4-af03be9830f7
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-67a02e37-a343-4ee3-8c64-70e4c768f42b
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-7b72cbf3-101c-445c-aa75-f822b85b5b14
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-7e7ed723-2819-4f39-8dd0-aaf6b91ad185
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-97600016-96dc-4824-bfd3-4fcbc6ffb6a0
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-ad475397-4b51-442d-924c-326b4b8ee050
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-c7dbc2ac-0a82-4161-bcd5-47d5a09f0b0f
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WTA-ebe0ddb7-191d-4454-88b6-cc5d939333be
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-genres
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Sì ho eliminato tutto e anche qui con adwcleaner ho fatto lo stesso, ma vedo che ci sono ancora problemi. In particolare vedo apparire false notifiche di windows con pubblicità di ogni genere

AdwCleaner_Debug.log - [29095 octets] - [06/09/2019 21:02:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
vermulen
Utente Junior
 
Post: 60
Iscritto il: 30/08/10 20:49

Re: pc infetto

Postdi vermulen » 07/09/19 10:52

Sì ho eliminato tutto e anche qui con adwcleaner ho fatto lo stesso, ma vedo che ci sono ancora problemi. In particolare vedo apparire false notifiche di windows con pubblicità di ogni genere
vermulen
Utente Junior
 
Post: 60
Iscritto il: 30/08/10 20:49

Re: pc infetto

Postdi fax71ita » 07/09/19 11:51

Ciao
Se neppure dopo le scansioni è migliorato
Devi reinstallare il sistema operativo.
Devi ripristinare alle impostazioni di fabbrica.

Salva prima foto video e documenti importanti perché verranno eliminati
Avatar utente
fax71ita
Utente Senior
 
Post: 1722
Iscritto il: 20/03/15 10:43
Località: Torino


Torna a Sicurezza e Privacy


Topic correlati a "pc infetto":


Chi c’è in linea

Visitano il forum: Nessuno e 8 ospiti