Pagina 1 di 2 12 UltimaUltima
Risultati da 1 a 15 di 22
  1. #1
    L'avatar di micetta_18
    Specifiche del sistema

    Data Registrazione
    04-02-12
    Messaggi
    15
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Durante la navigazione mi si aprono delle pagine di pubblicità!

    Ciao a tutti, da qualche giorno mi sono accorta che navigando mi si aprono delle pagine di pubblicità. Inoltre il pc è lento... Ho letto che questo problema è comune a molti, e ho iniziato a fare qualche controllino. Premetto che me ne intendo molto poco, ma ho usato hijackthis e malwarebytes e ora posto i risultati. Il mio antivirus, g data, non ha rilevato nulla, anzi, la scansione approfondita dura solo 15 minuti e mi pare molto strano. Neanche ad aware ha rilevato niente...

    Il log di hijackthis è stato fatto in modalità normale

    Codice:
    Logfile of Trend Micro HijackThis v2.0.4Scan saved at 22:58:27, on 04/02/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    
    
    Running processes:
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Windows\vsnp2uvc.exe
    C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
    C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe
    C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Users\Public\Documents\AppData\PoApp\PService.exe
    C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Program Files (x86)\IncrediMail_MediaBar_Italiano_2\prxtbIncr.dll
    R3 - URLSearchHook: (no name) - {1d03a978-ac0c-4004-b9fd-9cf361c7bd3f} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: IncrediMail MediaBar Italiano 2 - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Program Files (x86)\IncrediMail_MediaBar_Italiano_2\prxtbIncr.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Program Files (x86)\IncrediMail_MediaBar_Italiano_2\prxtbIncr.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe
    O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe
    O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
    O4 - HKCU\..\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
    O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O17 - HKLM\System\CCS\Services\Tcpip\..\{617D26AF-BF0E-4750-8C71-1462C3D21FD3}: NameServer = 176.31.229.24,176.31.229.25
    O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C0540C9F-086C-4992-AC0B-A38A8469F49B}: NameServer = 176.31.229.24,176.31.229.25
    O17 - HKLM\System\CS1\Services\Tcpip\..\{617D26AF-BF0E-4750-8C71-1462C3D21FD3}: NameServer = 176.31.229.24,176.31.229.25
    O17 - HKLM\System\CS2\Services\Tcpip\..\{617D26AF-BF0E-4750-8C71-1462C3D21FD3}: NameServer = 176.31.229.24,176.31.229.25
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Proxy G Data AntiVirus (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
    O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKService.exe
    O23 - Service: G Data Guardiano del file system (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKWCtlX64.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: G Data Backup Service (GDBackupSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVKBackup\AVKBackupService.exe
    O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFwSvcx64.exe
    O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
    O23 - Service: G Data Tuner Service (GDTunerSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVKTuner\AVKTunerService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\user\AppData\Local\PosService\Pos.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\user\AppData\Local\ServUpdater\ServiceUpd.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
    O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    
    --
    End of file - 15949 bytes

    Mentre quello di malwarebytes in modalità provvisoria

    Codice:
    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org
    
    
    Versione database: v2012.02.04.03
    
    
    Windows 7 Service Pack 1 x64 NTFS (Modalità provvisoria)
    Internet Explorer 9.0.8112.16421
    user :: USER-PC [amministratore]
    
    
    04/02/2012 21:33:55
    mbam-log-2012-02-04 (21-33-55).txt
    
    
    Tipo di scansione: Scansione completa
    Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
    Opzioni di scansione disattivate: P2P
    Elementi esaminati: 347423
    Tempo impiegato: 45 minuti, 10 secondi
    
    
    Processi rilevati in memoria: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Moduli di memoria rilevati: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Chiavi di registro rilevate: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Valori di registro rilevati: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Voci rilevate nei dati di registro: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Cartelle rilevate: 0
    (non sono stati rilevati elementi nocivi)
    
    
    File rilevati: 0
    (non sono stati rilevati elementi nocivi)
    
    
    (fine)
    qualcuno mi può aiutare, per favore? ricordate che sono un pò molto imbranata

    dimenticavo: uso google chrome come browser

  2.  
    Stanco della Pubblicità? Registrati

  3. #2
    L'avatar di tecnico24
    Specifiche del sistema

    Data Registrazione
    26-05-07
    Messaggi
    9,810
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Benvenuta nel forum.
    Il pc è infetto , segui questa procedura:

    Disattiva il ripristino configurazione di sistema.
    Avvia Hijackthis , clicca su Do a system scan only e spunta a sinistra su queste voci:

    O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\user\AppData\Local\ServUpdater\ServiceUpd .exe

    O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\user\AppData\Local\PosService\Pos.exe

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

    O4 - HKCU\..\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\Faceb ookUpdate.exe" /c /nocrashserver

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

    R3 - URLSearchHook: (no name) - {1d03a978-ac0c-4004-b9fd-9cf361c7bd3f} - (no file

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search


    clicca sotto sul pulsante Fix checked.

    Riavvia il pc in modalita provvisoria , avvia nuovamente Hijackthis , spunta tutte le 017 e clicca sotto su fix checked.

    Sempre da provvisoria , apri il prompt dei comandi e digita:

    netsh interface ipv4 reset

    Riavvia il pc.

  4. #3
    L'avatar di micetta_18
    Specifiche del sistema

    Data Registrazione
    04-02-12
    Messaggi
    15
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Citazione Originariamente Scritto da tecnico24 Visualizza Messaggio
    Benvenuta nel forum.
    Il pc è infetto , segui questa procedura:

    Disattiva il ripristino configurazione di sistema.
    il resto l'ho capito, ma questo non so come si faccia. scusa... e grazie per la disponibilità!

    ---------- Post added at 15:05 ---------- Previous post was at 14:35 ----------

    Sono riuscita a fare tutto, ma all'ultimo passaggio è uscito questo...


    http://wikisend.com/download/427378/Immagine.jpg


    e il problema resta...

  5. #4
    L'avatar di tecnico24
    Specifiche del sistema

    Data Registrazione
    26-05-07
    Messaggi
    9,810
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Ciao ,
    apri il prompt dei comandi e digita

    netsh int ip reset c:\resetlog.txt - Invio

    Per disattivare il ripristino :
    Start
    Pannello di controllo
    Sistema e sicurezza
    sistema
    Protezione sistema a sinistra
    Ripristino configurazione di sistema > configura e metti su disattiva protezione sistema.

    Riposta un nuovo log di Hijackthis.
    Le operazioni vanno fatte con il ripristino disattivato.

  6. #5
    L'avatar di micetta_18
    Specifiche del sistema

    Data Registrazione
    04-02-12
    Messaggi
    15
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    ciao, grazie della pazienza

    dopo aver digitato (in modalità provvisoria e con il ripristino disattivato) questo è il risultato:

    http://www.freefilehosting.net/immagine2_1

    il log di hijackthis è questo:

    http://www.freefilehosting.net/immagine3_1

    Codice:
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Program Files (x86)\IncrediMail_MediaBar_Italiano_2\prxtbIncr.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: IncrediMail MediaBar Italiano 2 - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Program Files (x86)\IncrediMail_MediaBar_Italiano_2\prxtbIncr.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Program Files (x86)\IncrediMail_MediaBar_Italiano_2\prxtbIncr.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe
    O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe
    O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
    O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Proxy G Data AntiVirus (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
    O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKService.exe
    O23 - Service: G Data Guardiano del file system (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKWCtlX64.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: G Data Backup Service (GDBackupSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVKBackup\AVKBackupService.exe
    O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFwSvcx64.exe
    O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
    O23 - Service: G Data Tuner Service (GDTunerSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVKTuner\AVKTunerService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\user\AppData\Local\PosService\Pos.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\user\AppData\Local\ServUpdater\ServiceUpd.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
    O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    
    --
    End of file - 14658 bytes

  7. #6
    L'avatar di tecnico24
    Specifiche del sistema

    Data Registrazione
    26-05-07
    Messaggi
    9,810
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Ciao , le voci rimanenti da fixare in Hijackthis sono queste:

    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

    O3 - Toolbar: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Program Files (x86)\IncrediMail_MediaBar_Italiano_2\prxtbIncr.dl l

    O2 - BHO: IncrediMail MediaBar Italiano 2 - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Program Files (x86)\IncrediMail_MediaBar_Italiano_2\prxtbIncr.dl l

    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

    R3 - URLSearchHook: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Program Files (x86)\IncrediMail_MediaBar_Italiano_2\prxtbIncr.dl l


    Scarica The Avenger :
    Wikisend: free file sharing service
    Posizionalo sul desktop
    Avvialo , clicca su Ok al messaggio che ti appare.
    Nella finestra Input script here , inserisci queste righe in grassetto facendo copia | incolla :

    Folders to delete:
    C:\Users\user\AppData\Local\ServUpdater
    C:\Users\user\AppData\Local\PosService

    Registry values to delete:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run | PosService



    Togli la spunta da Scan for rootkit
    clicca su excute fino al riavvio del pc
    Posta il log generato da Avenger in formato .txt

    Avvia Hijackthis
    clicca sulla voce Open the Misc Tools section
    Clicca su Open ADS Spy
    Togli la spunta da Quick scan
    Clicca sotto a destra su Scan
    Attendi la scansione e rimuovi gli ADS rilevati ( selezionandoli tutti ) e cliccando su Remove Selected.

    Riesegui il comando :

    netsh int ip reset c:\resetlog.txt

    Stavolta però in modalità normale , riavviando ulteriormente il pc.
    Ultima modifica di tecnico24; 05-02-2012 alle 17:37

  8. #7
    L'avatar di micetta_18
    Specifiche del sistema

    Data Registrazione
    04-02-12
    Messaggi
    15
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Mi sa che più vado avanti, più c'è casino... dunque ho provato a fixare le voci di hijack, dimenticando di togliere il ripristino di configurazione, mi dava uno strano messaggio, l'ho tolto, ho rifatto e le voci sono scomparse.

    Avvio avenger, faccio tutto (sempre in modalità normale), non da problemi, ma nessun messaggio di log. boh?

    Riprendo hijack, sto bene attenta a fare tutto bene, ma questo è il risultato

    http://www.freefilehosting.net/immagine3_2

    Apro il promt, digito e...

    http://www.freefilehosting.net/immagine4

    questo è l'ultimo log di hijack

    Codice:
    Logfile of Trend Micro HijackThis v2.0.4Scan saved at 17:34:51, on 05/02/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    
    
    Running processes:
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Windows\AsScrPro.exe
    C:\Windows\vsnp2uvc.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe
    C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Users\Public\Documents\AppData\PoApp\PService.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe
    
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE
    mi vien da piangere! il problema c'è ancora!

  9. #8
    L'avatar di tecnico24
    Specifiche del sistema

    Data Registrazione
    26-05-07
    Messaggi
    9,810
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Ciao , allora cerchiamo di capirci.

    Per quanto riguarda il comando ,
    Scegli Start > nella casella di ricerca digita cmd > tasto destro su di esso e clicca su Esegui come amministratore.
    Da lì riesegui il comando.

    Per quanto riguarda il log di Avenger , lo trovi in C:\ in formato .txt

    Rifai una scansione completa con Malwarebytes con le definizioni aggiornate eliminando le infezioni rilevate (modalità normale)
    Riprova a fare la procedura con Hijackthis , però facendo tasto destro su di esso e cliccando su Esegui come amministratore.
    Al termine , invia un nuovo log di Hijackthis (quello che hai postato è incompleto) , di Malwarebytes dopo la scansione e di Avenger .

  10. #9
    L'avatar di micetta_18
    Specifiche del sistema

    Data Registrazione
    04-02-12
    Messaggi
    15
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Allora, ecco qua:

    hijackthis:

    Codice:
    Logfile of Trend Micro HijackThis v2.0.4Scan saved at 19:41:05, on 05/02/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    
    
    Running processes:
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Windows\vsnp2uvc.exe
    C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe
    C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Users\Public\Documents\AppData\PoApp\PService.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe
    
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe
    O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe
    O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-21-1302392505-1184816145-3885633653-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-1302392505-1184816145-3885633653-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Proxy G Data AntiVirus (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
    O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKService.exe
    O23 - Service: G Data Guardiano del file system (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKWCtlX64.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: G Data Backup Service (GDBackupSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVKBackup\AVKBackupService.exe
    O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFwSvcx64.exe
    O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
    O23 - Service: G Data Tuner Service (GDTunerSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVKTuner\AVKTunerService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\user\AppData\Local\PosService\Pos.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\user\AppData\Local\ServUpdater\ServiceUpd.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
    O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    
    --
    End of file - 14497 bytes
    malwarebytes

    Codice:
    Malwarebytes Anti-Malware 1.60.1.1000www.malwarebytes.org
    
    
    Versione database: v2012.02.05.02
    
    
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    user :: USER-PC [amministratore]
    
    
    05/02/2012 19:42:34
    mbam-log-2012-02-05 (19-42-34).txt
    
    
    Tipo di scansione: Scansione completa
    Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
    Opzioni di scansione disattivate: P2P
    Elementi esaminati: 351745
    Tempo impiegato: 1 ore, 22 minuti, 42 secondi
    
    
    Processi rilevati in memoria: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Moduli di memoria rilevati: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Chiavi di registro rilevate: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Valori di registro rilevati: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Voci rilevate nei dati di registro: 0
    (non sono stati rilevati elementi nocivi)
    
    
    Cartelle rilevate: 0
    (non sono stati rilevati elementi nocivi)
    
    
    File rilevati: 0
    (non sono stati rilevati elementi nocivi)
    
    
    (fine)
    riguardo avenger proprio non so... in c: non esiste alcuna cartella con questo nome, e non ci sono file txt modificati o creati con la data di oggi... quando l'ho eseguito non è uscita alcuna richiesta di salvataggio log, quindi proprio non so!

  11. #10
    L'avatar di tecnico24
    Specifiche del sistema

    Data Registrazione
    26-05-07
    Messaggi
    9,810
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Ciao , apri il prompt dei comandi e digita

    Sc delete PosService
    Sc delete gupdate service
    Sc delete ServiceUpd

    tutti e tre seguiti in sequenza seguiti da invio.

    La voce da fixare rimane questa , riprova:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search



  12. #11
    L'avatar di micetta_18
    Specifiche del sistema

    Data Registrazione
    04-02-12
    Messaggi
    15
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Ciao, questo è l'ultimo log di hijackthis...

    Codice:
    Logfile of Trend Micro HijackThis v2.0.4Scan saved at 14:09:29, on 06/02/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Safe mode
    
    
    Running processes:
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\TotalCare\WebFilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalCare\AVKTray\AVKTray.exe
    O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFirewallTray.exe
    O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
    O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Proxy G Data AntiVirus (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
    O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKService.exe
    O23 - Service: G Data Guardiano del file system (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVK\AVKWCtlX64.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: G Data Backup Service (GDBackupSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVKBackup\AVKBackupService.exe
    O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\Firewall\GDFwSvcx64.exe
    O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
    O23 - Service: G Data Tuner Service (GDTunerSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalCare\AVKTuner\AVKTunerService.exe
    O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\user\AppData\Local\PosService\Pos.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\user\AppData\Local\ServUpdater\ServiceUpd.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
    O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    
    --
    End of file - 13185 bytes
    mentre questo è quello che è successo dopo aver digitato nel promt

    http://www.freefilehosting.net/immagine_12

  13. #12
    L'avatar di tecnico24
    Specifiche del sistema

    Data Registrazione
    26-05-07
    Messaggi
    9,810
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    I log non mostrano infezioni , a parte Poweroff e serviceupd che vanno eliminati.

    Scarica Combofix da questo link:
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Salvalo sul desktop
    Disattiva la connessione internet ( Importante) ed Antivirus
    Tasto destro su di esso e clicca su Esegui come Amministratore
    Adesso procedi con le istruzioni a schermo , non toccando assolutamente il pc (nè mouse , tastiera e utilizzo di altri programmi)
    Una volta finiti gli step , il pc dovrebbe riavviarsi altrimenti fallo tu , al Riavvio portati in C:\ e qui troverai il log di Combofix in formato .txt
    Caricalo su Wikisend: free file sharing service e postalo nel forum

    Scarica Kaspersky TDSS Killer:
    http://support.kaspersky.com/downloa...tdsskiller.exe
    ● Chiudi tutti i programmi aperti
    ● Clicca su Start Scan per avviare la scansione
    ● Se trova file infetti l'azione da intrapendere sarà Cure , invece se trova quello sospetto su Skip
    ● Al termine posta il suo relativo log caricandolo Wikisend: free file sharing service

  14. #13
    L'avatar di micetta_18
    Specifiche del sistema

    Data Registrazione
    04-02-12
    Messaggi
    15
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Perfetto, tutto in modalità provvisoria o normale?

  15. #14
    L'avatar di tecnico24
    Specifiche del sistema

    Data Registrazione
    26-05-07
    Messaggi
    9,810
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    Modalità normale.

  16. #15
    L'avatar di micetta_18
    Specifiche del sistema

    Data Registrazione
    04-02-12
    Messaggi
    15
    Menzioni / Tag / Citazioni
    Problemi e Risposte

    Predefinito Re: Durante la navigazione mi si aprono delle pagine di pubblicità!

    ciao, ecco il log di combofix

    http://www.freefilehosting.net/combofix_74

    ed il log del kapersky

    http://www.freefilehosting.net/kaperskylog


    nonostante tutto le pagine si aprono ancora... ma il pc pare più veloce, almeno questo

  17.  
    Stanco della Pubblicità? Registrati

 
Pagina 1 di 2 12 UltimaUltima

Permessi di Scrittura

  • Tu non puoi inviare nuove discussioni
  • Tu non puoi inviare risposte
  • Tu non puoi inviare allegati
  • Tu non puoi modificare i tuoi messaggi
  •  
Segui Tom's Hardware!
Informazioni su Tom's Hardware
powered by
Powerd by Aruba Cloud Powerd by Intel Powerd by Dell
Copyright © 2014 - 3Labs Srl - A Purch Company. Tutti i diritti riservati.
P.Iva 04146420965 - Testata giornalistica registrata presso il Tribunale di Milano, nr. 285 del 9/9/2013
Torna Su