
Log check... Positive Finds problem
jkl
Posted: Saturday, March 14, 2015 12:30:48 PM
Rank: AiutAmico

Member since: 6/3/2005
Posts: 129
Hi, I followed the guide posted by Giza on how to remove "advertising pages and various infections". I'm posting the 3 logs, and if you could take a look at them I'd be much obliged!!! :-)

Malwarebytes Anti-Malware
www.malwarebytes.org

Data scansione: 14/03/2015
Ora scansione: 09:35:36
File di log: ciao.txt
Amministratore: Si

Versione: 2.00.4.1028
Database malware: v2015.03.14.02
Database rootkit: v2015.02.25.01
Licenza: Free
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Autoprotezione: Disattivata

SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: Marco Basilisco

Tipo di scansione: Scansione elementi nocivi
Risultati: Completata
Elementi analizzati: 353704
Tempo impiegato: 24 min, 29 sec

Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Euristica: Disattivata
PUP: Attivata
PUM: Attivata

Processi: 9

Moduli: 0
(Nessun elemento malevolo rilevato)

Chiavi di registro: 11

Valori di registro: 0
(Nessun elemento malevolo rilevato)

Dati di registro: 0
(Nessun elemento malevolo rilevato)

Cartelle: 13

File: 20

Settori fisici: 0
(Nessun elemento malevolo rilevato)


(end)


# AdwCleaner v4.112 - Creato file registro eventi 14/03/2015 in 12:02:29
# Aggiornato 09/03/2015 da Xplode
# Database : 2015-03-05.1 [Locale]
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (x64)
# Nome utente : Marco Basilisco - MARCOBASILISCO
# In esecuzione da : C:\Users\Marco Basilisco\Desktop\adwcleaner_4.112.exe
# Opzione : Pulizia

***** [ Servizi ] *****

Servizio Eliminato : Service Mgr PositiveFinds
Servizio Eliminato : Update Mgr PositiveFinds

***** [ File / Cartelle ] *****

Cartella Eliminato : C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602
Cartella Eliminato : C:\Program Files (x86)\Positive Finds
Cartella Eliminato : C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602
Cartella Eliminato : C:\Users\Marco Basilisco\AppData\Roaming\RHEng
Cartella Eliminato : C:\Users\Marco Basilisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Eliminato : C:\Users\Marco Basilisco\AppData\Roaming\uninstaller.exe
File Eliminato : C:\Users\Marco Basilisco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Eliminato : C:\Users\Marco Basilisco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Eliminato : C:\Users\Marco Basilisco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Eliminato : C:\Users\Marco Basilisco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Eliminato : C:\Users\Marco Basilisco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Eliminato : C:\Users\Marco Basilisco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage

***** [ Attività pianificate ] *****


***** [ Collegamenti ] *****


***** [ Registry ] *****

Chiave Eliminato : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Chiave Eliminato : HKLM\SOFTWARE\Classes\AppID\{9C81D00A-3DAA-48AB-90C7-8252119ABB93}
Chiave Eliminato : HKLM\SOFTWARE\Classes\AppID\{1DA17428-323D-48FF-857C-98CFEE48BFD5}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{30C85A3D-1D96-4589-B63F-91FB7EF45A41}
Chiave Eliminato : HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
Chiave Eliminato : HKLM\SOFTWARE\Classes\TypeLib\{63C63464-1423-4FDB-BA5D-6F75F491C63E}
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30C85A3D-1D96-4589-B63F-91FB7EF45A41}
Chiave Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Chiave Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Chiave Eliminato : [x64] HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
Chiave Eliminato : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Chiave Eliminato : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chiave Eliminato : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chiave Eliminato : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Chiave Eliminato : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Chiave Eliminato : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Chiave Eliminato : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Chiave Eliminato : HKCU\Software\Softonic
Chiave Eliminato : HKLM\SOFTWARE\PositiveFinds
Chiave Eliminato : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Positive Finds

***** [ Browser web ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Google Chrome v41.0.2272.89

[C:\Users\Marco Basilisco\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminato [Search Provider] : hxxp://www.softonic.it/s/{searchTerms}

-\\ Chromium v

[C:\Users\Marco Basilisco\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminato [Search Provider] : hxxp://www.softonic.it/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [5362 byte] - [14/03/2015 10:29:59]
AdwCleaner[S0].txt - [5093 byte] - [14/03/2015 12:02:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5151 byte] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by Marco Basilisco on 14/03/2015 at 12:13:57,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Marco Basilisco\appdata\local\{2292C12C-0BCC-4B27-8855-C34501C216E0}
Successfully deleted: [Empty Folder] C:\Users\Marco Basilisco\appdata\local\{6F618F47-BD4B-4F36-A00C-6E78F73B8B1C}
Successfully deleted: [Empty Folder] C:\Users\Marco Basilisco\appdata\local\{974AF7AB-EEC4-4860-B2F5-FB242FD841EB}
Successfully deleted: [Empty Folder] C:\Users\Marco Basilisco\appdata\local\{A80C895D-30D9-45DD-9F1E-646FD1F8E277}
Successfully deleted: [Empty Folder] C:\Users\Marco Basilisco\appdata\local\{BE02B165-0EB2-4897-AE45-5BF197940144}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/03/2015 at 12:19:17,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cbbusto
Posted: Saturday, March 14, 2015 2:55:06 PM

Rank: AiutAmico

Member since: 11/8/2008
Posts: 13,964
FindPositive is one of the many hijackers that send you advertising; not dangerous, but a nuisance.
The software was removed by ADWCleaner; you must delete everything Malwarebytes found, and the log does not show that this was done.
Check whether the browser's home page has been changed and whether you have any add-on that refers to FindPositive; also check among the search engines for any unknown entry and remove it.
I recommend you avoid downloading programs from Softonic; a lot of adware comes from there.
Bye
jkl
Posted: Saturday, March 14, 2015 6:56:15 PM
Rank: AiutAmico

Member since: 6/3/2005
Posts: 129
I deleted everything, but everything has stayed the same... that is, three thousand advertising pop-ups.
cbbusto
Posted: Saturday, March 14, 2015 10:14:51 PM

Rank: AiutAmico

Member since: 11/8/2008
Posts: 13,964
You have surely downloaded programs with SoftonicDownloader; that is the trouble, because additional software that brings advertising was installed along with them.
As already said, Positive Find has been removed: folder, registry keys and services.
If you use only Chrome, check the extensions and plugins: open Google Chrome -> click the Chrome menu button (3-bar icon, top right) -> select Tools -> Extensions -> see whether there are entries relating to Positive Find and delete them. If that doesn't solve it, reset the browser:
Click the Customize icon (it will be either a wrench or a 3-bar icon) -> Tools -> Extensions -> Settings (bottom left of the screen) -> scroll to the bottom of the screen, click Show advanced settings... -> Reset browser settings (located at the bottom of the window), OK, restart.

Do a cleanup with CCleaner, including the Registry; for the registry tick all the entries and agree to the backup when asked. Still in CCleaner, go to Tools - Startup and check whether under Startup you find any entry relating to Positive Find; if you find one, double-click the entry, and this way the program is disabled from automatic startup.
Still in CCleaner, go to Tools - System Restore, select all the entries (the last one remains and cannot be deleted), then click Remove.
Before the cleanup, go to the Options - Advanced menu and untick the entry: Only delete files in Windows Temp older than 24 hours.

Clean the Prefetch folder:
Go to C:\windows\prefetch and delete all the files, including the ReadyBoot folder, which will be recreated; the file layout.ini must not be deleted.
Post a HijackThis log so I can check what is installed on the PC.
jkl
Posted: Tuesday, March 17, 2015 8:41:38 PM
Rank: AiutAmico

Member since: 6/3/2005
Posts: 129
I did everything to the letter, but nothing: I open Chrome and pop-ups open everywhere, I go to open a page and it sends me to other pages... I'm posting the HijackThis log.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:39:19, on 17/03/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Users\Marco Basilisco\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/6
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQCON/6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Tecnologia Intel(R) Rapid Storage (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TrueAPI Service component (TrueService) - AuthenTec, Inc. - C:\Program Files\Common Files\AuthenTec\TrueService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8441 bytes
cbbusto
Posted: Wednesday, March 18, 2015 6:40:26 PM

Rank: AiutAmico

Member since: 11/8/2008
Posts: 13,964
From the log I don't see anything dangerous, just a few entries to remove.
A question: have you never used Firefox? If not, I suggest you try it and let me know whether the same problems appear;
it's well known that I detest Chrome, and as it happens problems like yours get amplified with this browser and are very hard to solve. I don't see any program in startup, not even the antivirus.
Let me know; I'll reply later or tomorrow. Bye