Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

dirottatori. Risolto!. Trattavasi di estensione di Chrome Opzioni
gino1963
Inviato: Friday, June 24, 2016 10:31:18 PM
Rank: AiutAmico

Iscritto dal : 2/27/2010
Posts: 34
Buona sera a tutti, ritorno dopo alcuni anni nel forum perchè ho un grosso problema e ringrazio anticipatamente chi può darmi una mano. Temo di avermi preso qualche dirottatore perchè navigando vengo dirottato verso altri siti (usualmente pubblicitari). Grazie. Gino

Mi permetto anticiparVi qualche dato:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22.23.31, on 24/06/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Users\Gino\AppData\Local\Microsoft\OneDrive\OneDrive.exe
E:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\NSBU.exe
E:\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - E:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Guida per l'accesso all'account Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\coIEPlg.dll
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Gino\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [Norton Download Manager{NIS203036-SHPD-FSD33017}] "C:\Program Files"/m (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Norton Download Manager{NIS203036-SHPD-FSD33017}] "C:\Program Files"/m (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: Norton Security with Backup (NSBU) - Symantec Corporation - E:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\NSBU.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - E:\Program Files (x86)\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9243 bytes
# AdwCleaner v5.200 - File registro eventi creato 24/06/2016 a 22:28:05
# Aggiornato 14/06/2016 by ToolsLib
# Database : 2016-06-23.1 [Server]
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (X64)
# Nome utente : Gino - GINO-PC
# In esecuzione da : E:\Downloads\adwcleaner_5.200.exe
# Opzione : Scansione
# Supporto : https://toolslib.net/forum

***** [ Servizi ] *****


***** [ Cartelle ] *****


***** [ File ] *****

File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage-journal
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_hightsearch.com_0.localstorage
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_hightsearch.com_0.localstorage-journal
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.coupontime00.coupontime.co_0.localstorage
File Trovato : C:\Users\Gino\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.coupontime00.coupontime.co_0.localstorage-journal

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Collegamenti ] *****


***** [ Attività pianificate ] *****


***** [ Registro ] *****


***** [ Browser web ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2755 byte] - [24/06/2016 21:27:29]
C:\AdwCleaner\AdwCleaner[C2].txt - [2899 byte] - [24/06/2016 22:04:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [2512 byte] - [24/06/2016 21:25:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [2656 byte] - [24/06/2016 21:59:49]
C:\AdwCleaner\AdwCleaner[S3].txt - [2650 byte] - [24/06/2016 22:28:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2722 byte] ##########

Sponsor
Inviato: Friday, June 24, 2016 10:31:18 PM

 
wolfestein
Inviato: Friday, June 24, 2016 10:51:24 PM

Rank: AiutAmico

Iscritto dal : 2/15/2009
Posts: 15,955
Lancia ADWCleaner seleziona Scansione,finita la scansione clicca su Pulisci dopo fai una scansione completa con malwarebytes(aggiornato) e posta i log che rilasciano.
SE usi Firefox,Chrome o Vivaldi metti l'estensione Ad-Block Plus.
gino1963
Inviato: Sunday, June 26, 2016 10:13:08 AM
Rank: AiutAmico

Iscritto dal : 2/27/2010
Posts: 34
wolfestein ha scritto:
Lancia ADWCleaner seleziona Scansione,finita la scansione clicca su Pulisci dopo fai una scansione completa con malwarebytes(aggiornato) e posta i log che rilasciano.
SE usi Firefox,Chrome o Vivaldi metti l'estensione Ad-Block Plus.

Risolto grazie a Te!.
Ho ripetutamente eseguito pulizia sia con AdwCleaner che con Malwarebyte ma subito dopo, aprendo Chrome, il problema si ripresentava. Mi è venuto in mente di utilizzare I.E.: nessun problema. gatta ci cova!.
Ho scaricato come da te suggerito l'estensione per Chrome Ad-Block Plus e con l'occasione mi sono accorto che c'era installata anche una estensione il cui nome comprendeva replicator!. Per la rabbia l'ho cancellata d'istinto senza memorizzarne il nome, mi dispiace tanto. Comunque il problema, ora appare chiaro, era generato da quell'applicazione. Ripetute scansioni con Norton, Malwarebyte, AdwCleaner etc. danno sempre risultati negativi.
Ancora grazie, wolfestein, Ti ricordo sempre con piacere e gratitudine.
Un saluto. Gino







wolfestein
Inviato: Sunday, June 26, 2016 3:11:50 PM

Rank: AiutAmico

Iscritto dal : 2/15/2009
Posts: 15,955
Felice che tu abbia risolto Gino.
Ciao!
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.