limpid-sky
21-02-2017, 22:01
Salve,
causa programma non originale mi sono beccato un adware malware che ogni tanto mi fa apparire una pagina sul browser e nel frattempo chissą cosa fa.
Ho fatto una scansione con AdwCleaner e mi trovato il malware e rimosso alcune chiavi. Purtroppo perņ non ho risolto.
Avira mi ha segnalato il nome che č: DELFSNIF.DX.380
Posto il log del programma.
Potete aiutarmi?
# AdwCleaner v6.043 - Logfile created 19/02/2017 at 18:39:59
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-13.1 [Local]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : gia - GIA-PC
# Running from : D:\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Users\gia\AppData\Roaming\Babylon
[-] Folder deleted: C:\Users\gia\AppData\Roaming\Hola
[-] Folder deleted: C:\Users\gia\AppData\Roaming\OpenCandy
[-] Folder deleted: C:\Program Files\Hola
[-] Folder deleted: C:\ProgramData\Babylon
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Babylon
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKCU\Software\a57dad8b73ded17
[-] Key deleted: HKLM\SOFTWARE\a57dad8b73ded17
[-] Key deleted: HKLM\SOFTWARE\Classes\Prod.cap
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Prod.cap
[-] Key deleted: HKU\.DEFAULT\Software\Hola
[-] Key deleted: HKU\S-1-5-21-3844927930-360923331-3243044632-1000\Software\BABSOLUTION
[-] Key deleted: HKU\S-1-5-21-3844927930-360923331-3243044632-1000\Software\Hola
[#] Key deleted on reboot: HKU\S-1-5-18\Software\Hola
[#] Key deleted on reboot: HKCU\Software\BABSOLUTION
[#] Key deleted on reboot: HKCU\Software\Hola
[#] Key deleted on reboot: [x64] HKCU\Software\BABSOLUTION
[#] Key deleted on reboot: [x64] HKCU\Software\Hola
[-] Key deleted: [x64] HKLM\SOFTWARE\Hola
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1897 Bytes] - [19/02/2017 18:39:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [2069 Bytes] - [19/02/2017 18:36:47]
C:\AdwCleaner\AdwCleaner[S1].txt - [2141 Bytes] - [19/02/2017 18:39:25]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2116 Bytes] ##########
causa programma non originale mi sono beccato un adware malware che ogni tanto mi fa apparire una pagina sul browser e nel frattempo chissą cosa fa.
Ho fatto una scansione con AdwCleaner e mi trovato il malware e rimosso alcune chiavi. Purtroppo perņ non ho risolto.
Avira mi ha segnalato il nome che č: DELFSNIF.DX.380
Posto il log del programma.
Potete aiutarmi?
# AdwCleaner v6.043 - Logfile created 19/02/2017 at 18:39:59
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-13.1 [Local]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : gia - GIA-PC
# Running from : D:\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Users\gia\AppData\Roaming\Babylon
[-] Folder deleted: C:\Users\gia\AppData\Roaming\Hola
[-] Folder deleted: C:\Users\gia\AppData\Roaming\OpenCandy
[-] Folder deleted: C:\Program Files\Hola
[-] Folder deleted: C:\ProgramData\Babylon
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Babylon
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKCU\Software\a57dad8b73ded17
[-] Key deleted: HKLM\SOFTWARE\a57dad8b73ded17
[-] Key deleted: HKLM\SOFTWARE\Classes\Prod.cap
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Prod.cap
[-] Key deleted: HKU\.DEFAULT\Software\Hola
[-] Key deleted: HKU\S-1-5-21-3844927930-360923331-3243044632-1000\Software\BABSOLUTION
[-] Key deleted: HKU\S-1-5-21-3844927930-360923331-3243044632-1000\Software\Hola
[#] Key deleted on reboot: HKU\S-1-5-18\Software\Hola
[#] Key deleted on reboot: HKCU\Software\BABSOLUTION
[#] Key deleted on reboot: HKCU\Software\Hola
[#] Key deleted on reboot: [x64] HKCU\Software\BABSOLUTION
[#] Key deleted on reboot: [x64] HKCU\Software\Hola
[-] Key deleted: [x64] HKLM\SOFTWARE\Hola
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1897 Bytes] - [19/02/2017 18:39:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [2069 Bytes] - [19/02/2017 18:36:47]
C:\AdwCleaner\AdwCleaner[S1].txt - [2141 Bytes] - [19/02/2017 18:39:25]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2116 Bytes] ##########