Google opens with two tabs. Virus?


Post by pepper70 » 04/02/13 15:15

Hi everyone, for the past few days, when I start Google Chrome, two tabs open at the same time.
In practice they are two identical Google pages; the only difference is that the padlock icon appears only in the first tab. It may be just a coincidence, but since I noticed this detail my system has slowed down considerably; startup is a tragedy, taking ages even though the hard disk is almost empty. I'm worried there might be a virus, given that Microsoft Essentials was unable to update itself. To be safe I uninstalled it and installed Avira; I also scanned in safe mode and, although no viruses were detected, startup is extremely slow.
Could you kindly help me understand? My OS is XP Professional Service Pack 3. Thank you.
pepper70
Senior User

Posts: 111
Joined: 20/03/09 15:17


Re: Google opens with two tabs. Virus?

Post by pepper70 » 04/02/13 15:58

Hi, hoping it will be of help to you, I'm posting the ComboFix report.
Thanks in advance to anyone willing to take a look at it and let me know how to proceed.
Thanks again and keep up the good work.

Code:
ComboFix 13-02-03.03 - Administrator 04/02/2013  15.33.44.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.39.1040.18.510.222 [GMT 1:00]
Eseguito da: c:\documents and settings\Administrator\Documenti\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
 * Creato nuovo punto di ripristino
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
.
(((((((((((((((((((((((((   Files Creati Da 2013-01-04 al 2013-02-04  )))))))))))))))))))))))))))))))))))
.
.
2013-02-01 17:18 . 2013-02-01 17:18   --------   d-----w-   c:\programmi\CCleaner
2013-01-31 16:20 . 2012-06-02 14:18   275696   ----a-w-   c:\windows\system32\mucltui.dll
2013-01-30 12:09 . 2013-01-30 12:09   --------   d-----w-   c:\documents and settings\Administrator\Dati applicazioni\Avira
2013-01-30 12:04 . 2013-01-30 12:04   --------   d-sh--w-   c:\documents and settings\LocalService\PrivacIE
2013-01-30 12:04 . 2013-01-30 12:04   --------   d-----r-   c:\documents and settings\LocalService\Preferiti
2013-01-30 12:02 . 2013-01-30 11:52   36552   ----a-w-   c:\windows\system32\drivers\avkmgr.sys
2013-01-30 12:02 . 2013-01-30 11:51   134336   ----a-w-   c:\windows\system32\drivers\avipbb.sys
2013-01-30 12:02 . 2013-01-30 11:51   83944   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
2013-01-30 12:02 . 2013-01-30 12:02   --------   d-----w-   c:\programmi\Avira
2013-01-30 12:02 . 2013-01-30 12:02   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\Avira
2013-01-30 12:01 . 2013-01-30 12:01   --------   d-sh--w-   c:\documents and settings\LocalService\IETldCache
2013-01-30 11:33 . 2013-01-30 11:33   --------   d-----w-   c:\windows\system32\KB905474
2013-01-30 11:13 . 2013-01-30 11:37   --------   d-----w-   c:\windows\ie8updates
2013-01-30 09:18 . 2012-11-01 12:17   521728   -c----w-   c:\windows\system32\dllcache\jsdbgui.dll
2013-01-30 09:18 . 2012-11-01 12:17   247808   -c----w-   c:\windows\system32\dllcache\ieproxy.dll
2013-01-30 09:18 . 2012-11-01 12:17   630272   -c----w-   c:\windows\system32\dllcache\msfeeds.dll
2013-01-30 09:18 . 2012-11-01 12:17   2000384   -c----w-   c:\windows\system32\dllcache\iertutil.dll
2013-01-30 09:18 . 2012-11-01 12:17   12800   -c----w-   c:\windows\system32\dllcache\xpshims.dll
2013-01-30 09:18 . 2012-11-01 12:17   743424   -c----w-   c:\windows\system32\dllcache\iedvtool.dll
2013-01-30 09:18 . 2012-11-01 12:17   55296   -c----w-   c:\windows\system32\dllcache\msfeedsbs.dll
2013-01-30 09:18 . 2012-11-01 12:17   11111424   -c----w-   c:\windows\system32\dllcache\ieframe.dll
2013-01-30 09:13 . 2008-06-14 17:32   272768   -c----w-   c:\windows\system32\dllcache\bthport.sys
2013-01-30 09:05 . 2011-07-15 13:29   456320   -c----w-   c:\windows\system32\dllcache\mrxsmb.sys
2013-01-30 09:05 . 2010-08-23 16:12   617472   -c----w-   c:\windows\system32\dllcache\comctl32.dll
2013-01-30 09:04 . 2010-09-18 06:53   953856   -c----w-   c:\windows\system32\dllcache\mfc40u.dll
2013-01-30 08:59 . 2009-11-21 15:54   471552   -c----w-   c:\windows\system32\dllcache\aclayers.dll
2013-01-30 08:53 . 2010-11-02 15:17   40960   -c----w-   c:\windows\system32\dllcache\ndproxy.sys
2013-01-30 08:52 . 2010-06-14 14:31   744448   -c----w-   c:\windows\system32\dllcache\helpsvc.exe
2013-01-30 08:44 . 2012-12-16 12:23   290560   -c----w-   c:\windows\system32\dllcache\atmfd.dll
2013-01-30 08:42 . 2008-05-08 14:02   203136   -c----w-   c:\windows\system32\dllcache\rmcast.sys
2013-01-30 08:41 . 2010-08-27 08:02   119808   -c----w-   c:\windows\system32\dllcache\t2embed.dll
2013-01-30 08:41 . 2009-10-15 16:29   81920   -c----w-   c:\windows\system32\dllcache\fontsub.dll
2013-01-30 08:40 . 2008-05-01 14:34   331776   -c----w-   c:\windows\system32\dllcache\msadce.dll
2013-01-30 08:39 . 2009-06-21 21:47   153088   -c----w-   c:\windows\system32\dllcache\triedit.dll
2013-01-30 08:33 . 2009-02-06 10:10   227840   -c----w-   c:\windows\system32\dllcache\wmiprvse.exe
2013-01-30 08:33 . 2009-03-06 14:19   286208   -c----w-   c:\windows\system32\dllcache\pdh.dll
2013-01-30 08:33 . 2009-02-09 11:22   111104   -c----w-   c:\windows\system32\dllcache\services.exe
2013-01-30 08:33 . 2009-02-09 10:51   401408   -c----w-   c:\windows\system32\dllcache\rpcss.dll
2013-01-30 08:33 . 2009-02-09 10:51   473600   -c----w-   c:\windows\system32\dllcache\fastprox.dll
2013-01-30 08:33 . 2009-02-09 10:51   683520   -c----w-   c:\windows\system32\dllcache\advapi32.dll
2013-01-30 08:33 . 2009-02-09 10:51   453120   -c----w-   c:\windows\system32\dllcache\wmiprvsd.dll
2013-01-30 08:25 . 2011-04-21 13:37   105472   -c----w-   c:\windows\system32\dllcache\mup.sys
2013-01-30 08:21 . 2010-02-12 10:03   293376   ------w-   c:\windows\system32\browserchoice.exe
2013-01-30 08:07 . 2012-05-28 18:17   536576   -c----w-   c:\windows\system32\dllcache\msado15.dll
2013-01-30 08:05 . 2010-06-18 13:36   3558912   -c----w-   c:\windows\system32\dllcache\moviemk.exe
2013-01-30 08:04 . 2012-07-04 14:05   139784   -c----w-   c:\windows\system32\dllcache\rdpwd.sys
2013-01-30 07:49 . 2010-12-09 15:15   739840   -c----w-   c:\windows\system32\dllcache\ntdll.dll
2013-01-30 07:49 . 2012-08-23 06:27   2152448   -c----w-   c:\windows\system32\dllcache\ntkrnlmp.exe
2013-01-30 07:49 . 2012-08-23 06:27   2196608   -c----w-   c:\windows\system32\dllcache\ntoskrnl.exe
2013-01-30 07:49 . 2012-08-23 06:27   2031104   -c----w-   c:\windows\system32\dllcache\ntkrpamp.exe
2013-01-30 07:49 . 2012-08-23 06:27   2073344   -c----w-   c:\windows\system32\dllcache\ntkrnlpa.exe
2013-01-30 07:47 . 2010-07-16 12:02   221696   -c----w-   c:\windows\system32\dllcache\wordpad.exe
2013-01-30 07:46 . 2011-07-08 14:02   10496   -c----w-   c:\windows\system32\dllcache\ndistapi.sys
2013-01-30 07:46 . 2012-01-11 19:06   3072   -c----w-   c:\windows\system32\dllcache\iacenc.dll
2013-01-30 07:46 . 2012-01-11 19:06   3072   ------w-   c:\windows\system32\iacenc.dll
2013-01-30 07:43 . 2010-10-11 14:59   45568   -c----w-   c:\windows\system32\dllcache\wab.exe
2013-01-30 07:41 . 2010-08-16 08:44   590848   -c----w-   c:\windows\system32\dllcache\rpcrt4.dll
2013-01-28 19:02 . 2013-01-30 19:20   --------   d-----w-   c:\windows\system32\NtmsData
2013-01-28 16:35 . 2008-04-13 18:14   294912   ------w-   c:\programmi\Windows Media Player\dlimport.exe
2013-01-28 16:34 . 2008-04-13 18:14   294912   -c----w-   c:\windows\system32\dllcache\dlimport.exe
2013-01-25 19:44 . 2013-01-25 19:44   --------   d-----w-   c:\documents and settings\Administrator\Dati applicazioni\Malwarebytes
2013-01-25 19:43 . 2013-01-25 19:43   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2013-01-25 19:43 . 2012-12-14 15:49   21104   ----a-w-   c:\windows\system32\drivers\mbam.sys
2013-01-25 19:43 . 2013-01-25 20:12   --------   d-----w-   c:\programmi\Malwarebytes' Anti-Malware
2013-01-24 19:34 . 2013-01-15 01:49   6991832   ------w-   c:\documents and settings\All Users\Dati applicazioni\Microsoft\Microsoft Antimalware\Definition Updates\{5BBC1F59-9C59-4F3D-B7D9-8DF1A61CEC42}\mpengine.dll
2013-01-19 18:21 . 2012-05-08 17:35   29528   ----a-w-   c:\windows\system32\SmartDefragBootTime.exe
2013-01-19 17:21 . 2010-11-26 17:02   14776   ----a-w-   c:\windows\system32\drivers\SmartDefragDriver.sys
2013-01-19 13:57 . 2013-01-14 16:25   23376   ----a-w-   c:\windows\system32\RegistryDefragBootTime.exe
2013-01-19 13:22 . 2013-01-19 13:22   --------   d-----w-   c:\documents and settings\Administrator\AppData
2013-01-19 13:19 . 2013-01-19 13:19   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-01-19 13:19 . 2013-01-19 18:21   --------   d-----w-   c:\documents and settings\Administrator\Dati applicazioni\IObit
2013-01-19 13:19 . 2013-01-19 17:07   --------   d-----w-   c:\documents and settings\All Users\Dati applicazioni\IObit
2013-01-19 13:19 . 2013-01-20 21:19   --------   d-----w-   c:\programmi\IObit
2013-01-18 21:18 . 2012-05-31 10:25   237072   ------w-   c:\windows\system32\MpSigStub.exe
2013-01-18 20:36 . 2013-01-18 20:36   --------   d-----w-   c:\programmi\uTorrent
2013-01-18 20:33 . 2013-01-29 08:13   --------   d-----w-   c:\documents and settings\Administrator\Dati applicazioni\uTorrent
2013-01-18 20:10 . 2013-01-27 19:51   --------   d-----w-   c:\programmi\Microsoft Security Client
2013-01-18 19:41 . 2013-01-31 16:26   --------   d--h--w-   c:\windows\$hf_mig$
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 12:23 . 2004-08-19 12:00   290560   ----a-w-   c:\windows\system32\atmfd.dll
2012-11-13 11:55 . 2004-08-19 12:00   1866368   ----a-w-   c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\programmi\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-01-14 491856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2013-01-30 384800]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-02-10 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-02-10 118784]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [19/01/2013 18.21.30 14776]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [30/01/2013 13.02.34 36552]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\programmi\IObit\Advanced SystemCare 6\ASCService.exe [19/01/2013 14.19.09 465232]
R2 AntiVirSchedulerService;Avira Pianificatore;c:\programmi\Avira\AntiVir Desktop\sched.exe [30/01/2013 13.02.39 85280]
R2 MBAMScheduler;MBAMScheduler;c:\programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe [25/01/2013 20.43.28 398184]
R2 MBAMService;MBAMService;c:\programmi\Malwarebytes' Anti-Malware\mbamservice.exe [25/01/2013 20.43.28 682344]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [25/01/2013 20.43.25 21104]
S3 i740;i740;c:\windows\system32\drivers\i740nt5.sys [14/12/2012 12.14.08 58592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-02 12:35   1607120   ----a-w-   c:\programmi\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-02-01 c:\windows\Tasks\ASC6_PerformanceMonitor.job
- c:\programmi\IObit\Advanced SystemCare 6\Monitor.exe [2013-01-19 16:24]
.
2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2002-08-24 03:28]
.
2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2002-08-24 03:28]
.
2013-02-01 c:\windows\Tasks\SmartDefragUpdate.job
- c:\programmi\IObit\Smart Defrag 2\AutoUpdate.exe [2013-01-19 10:06]
.
2013-02-01 c:\windows\Tasks\SmartDefrag_Startup.job
- c:\programmi\IObit\Smart Defrag 2\SmartDefrag.exe [2013-01-19 14:11]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uInternet Settings,ProxyServer = tmg:8080
uInternet Settings,ProxyOverride = hxxp://www.update.microsoft.com;<local>
TCP: DhcpNameServer = 217.12.180.19 217.12.181.97
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-04 15:41
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,0f,48,f3,74,27,e2,44,b9,75,27,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,0f,48,f3,74,27,e2,44,b9,75,27,\
.
[HKEY_USERS\S-1-5-21-725345543-436374069-2146997909-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7f,2d,69,53,d3,ce,06,4d,85,10,5f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7f,2d,69,53,d3,ce,06,4d,85,10,5f,\
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'explorer.exe'(3140)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
.
Ora fine scansione: 2013-02-04  15:45:03
ComboFix-quarantined-files.txt  2013-02-04 14:44
.
Pre-Run: 31.973.777.408 byte disponibili
Post-Run: 31.940.825.088 byte disponibili
.
- - End Of File - - 332116F8FA288F902B7873B6B732585C


Moderation: moving this to the appropriate section.
pepper70
Senior User

Posts: 111
Joined: 20/03/09 15:17

Re: Google opens with two tabs. Virus?

Post by Luke57 » 06/02/13 08:26

Hi, I happened to see that you have also asked for help on another forum; that is entirely legitimate, but in order to overlap procedures and advice, continue there, and for now I am closing the discussion.
Luke57
Moderator

Posts: 6415
Joined: 11/08/05 19:10

