Aiutamici Forum

Unwanted web pages opening
twingo207
Posted: Sunday, January 20, 2013 12:24:20 PM
Rank: Member

Joined: 1/20/2013
Posts: 10
Hello, I have a problem browsing the internet: whether I use Explorer 10 (my default) or Chrome, unwanted web pages open. The pages are always the same ones, in rotation, every time I open a new web page. I have run various scans with antivirus, antispyware and ComboFix, but got no results. I am attaching the HijackThis log, and thank you in advance for any replies.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11.24.54, on 20/01/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16438)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\lsm\lsm.exe
C:\Windows\system32\conhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\PIXELA\Everio MediaBrowser 3\MBCameraMonitor.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Pierfrancesco\Downloads\Programmi antivirus\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\Windows\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-21-3670352873-194424349-1540785737-1015\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3670352873-194424349-1540785737-1015\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Device Monitor 3.lnk = C:\Program Files\PIXELA\Everio MediaBrowser 3\MBCameraMonitor.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Scarica con Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Auto Update Service (AUS) - MS - C:\Program Files\lsm\aus.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Login Session Manager (LSM) - MS - C:\Program Files\lsm\lsm.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\MNA\McNASvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

--
End of file - 12523 bytes
shapiro
Posted: Monday, January 21, 2013 11:35:54 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164


Hi, post the ComboFix log; you will find it on C: as combofix.txt
twingo207
Posted: Monday, January 21, 2013 12:49:52 PM
Rank: Member

Joined: 1/20/2013
Posts: 10
ComboFix 13-01-14.01 - Pierfrancesco 17/01/2013 23.47.42.9.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3071.1674 [GMT 1:00]
Eseguito da: c:\users\Pierfrancesco\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Creati Da 2012-12-17 al 2013-01-17 )))))))))))))))))))))))))))))))))))
.
.
2013-01-17 22:55 . 2013-01-17 22:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-17 22:55 . 2013-01-17 22:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-17 22:47 . 2013-01-17 22:47 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DF072935-8D67-4420-9A59-2B2451CEA96F}\MpKsl32a0a976.sys
2013-01-17 22:45 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DF072935-8D67-4420-9A59-2B2451CEA96F}\mpengine.dll
2013-01-17 22:29 . 2013-01-17 22:38 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-16 22:21 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-14 22:44 . 2013-01-17 22:55 -------- d-----w- c:\users\Pierfrancesco\AppData\Local\temp
2013-01-11 11:57 . 2013-01-11 11:57 -------- d-----w- c:\users\Pierfrancesco\AppData\Local\PowerCinema
2013-01-09 22:24 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 22:24 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 22:24 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 22:22 . 2012-12-07 10:46 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-01-07 22:03 . 2013-01-07 22:03 -------- d-----w- c:\programdata\LogiShrd
2013-01-05 15:57 . 2013-01-05 15:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-05 15:57 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-05 14:25 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2013-01-05 14:25 . 2013-01-17 11:48 -------- d-----w- c:\programdata\Spyware Terminator
2013-01-05 14:25 . 2013-01-05 14:25 -------- d-----w- c:\users\Pierfrancesco\AppData\Roaming\Spyware Terminator
2013-01-05 14:23 . 2013-01-05 14:30 -------- d-----w- c:\program files\Spyware Terminator
2013-01-03 20:01 . 2012-08-23 14:10 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-01-03 20:01 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-01-03 20:01 . 2012-08-23 14:10 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-01-03 20:01 . 2012-08-23 13:52 12800 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-01-03 20:01 . 2012-08-23 14:40 49664 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-01-03 20:00 . 2012-08-23 13:46 16896 ----a-w- c:\windows\system32\wksprtPS.dll
2013-01-03 20:00 . 2012-08-23 13:18 37376 ----a-w- c:\windows\system32\tsgqec.dll
2013-01-03 20:00 . 2012-08-23 14:48 221184 ----a-w- c:\windows\system32\rdpudd.dll
2013-01-03 20:00 . 2012-08-23 13:47 46592 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-01-03 20:00 . 2012-08-23 13:32 32768 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-01-03 20:00 . 2012-08-23 11:40 56320 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-01-03 20:00 . 2012-08-23 11:15 269312 ----a-w- c:\windows\system32\aaclient.dll
2013-01-03 20:00 . 2012-08-23 11:12 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll
2013-01-03 20:00 . 2012-08-23 11:32 317440 ----a-w- c:\windows\system32\wksprt.exe
2013-01-03 20:00 . 2012-08-23 10:39 1048064 ----a-w- c:\windows\system32\mstsc.exe
2013-01-03 20:00 . 2012-08-23 10:08 2739712 ----a-w- c:\windows\system32\rdpcorets.dll
2013-01-03 20:00 . 2012-08-23 08:19 4916224 ----a-w- c:\windows\system32\mstscax.dll
2013-01-03 19:47 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-01-03 19:47 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-01-03 19:47 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-01-03 19:47 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-03 19:47 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-01-03 15:21 . 2013-01-03 15:21 -------- d-----w- c:\programdata\Ad-Aware Antivirus
2013-01-03 15:21 . 2013-01-04 08:17 -------- d-----w- c:\users\Pierfrancesco\AppData\Roaming\LavasoftStatistics
2013-01-03 15:15 . 2013-01-03 15:15 -------- d-----w- c:\programdata\Lavasoft
2013-01-03 15:14 . 2013-01-03 15:14 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-01-03 15:14 . 2013-01-03 15:14 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-01-03 15:13 . 2013-01-03 15:13 -------- d--h--w- c:\users\Pierfrancesco\AppData\Local\adawarebp
2013-01-03 15:13 . 2013-01-03 15:13 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2013-01-03 15:11 . 2013-01-03 20:18 -------- d-----w- c:\users\Pierfrancesco\AppData\Roaming\Ad-Aware Antivirus
2013-01-01 11:09 . 2013-01-01 12:43 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-01-01 11:09 . 2009-01-25 11:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-01-01 11:09 . 2013-01-01 11:09 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-12-31 10:02 . 2012-12-31 10:02 -------- d-----w- c:\users\Pierfrancesco\AppData\Roaming\Malwarebytes
2012-12-31 10:02 . 2012-12-31 10:02 -------- d-----w- c:\programdata\Malwarebytes
2012-12-27 21:27 . 2013-01-07 04:06 -------- d-----w- c:\program files\lsm
2012-12-21 06:08 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 06:08 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-08 19:43 . 2012-04-13 21:14 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-08 19:43 . 2012-04-13 21:14 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-28 12:27 . 2012-11-28 12:28 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A24B7C3-A4FE-40A3-ABFE-28A48EC1F466}\gapaengine.dll
2012-11-22 21:18 . 2012-11-22 21:18 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-22 21:18 . 2012-11-22 21:18 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-11-22 21:18 . 2012-11-22 21:18 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-11-22 21:18 . 2012-11-22 21:18 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-11-22 21:18 . 2012-11-22 21:18 161792 ----a-w- c:\windows\system32\msls31.dll
2012-11-22 21:18 . 2012-11-22 21:18 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-11-22 21:18 . 2012-11-22 21:18 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-11-22 21:18 . 2012-11-22 21:18 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-11-22 21:18 . 2012-11-22 21:18 367104 ----a-w- c:\windows\system32\html.iec
2012-11-22 21:18 . 2012-11-22 21:18 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-22 21:18 . 2012-11-22 21:18 152064 ----a-w- c:\windows\system32\wextract.exe
2012-11-22 21:18 . 2012-11-22 21:18 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-11-22 21:18 . 2012-11-22 21:18 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-11-22 21:18 . 2012-11-22 21:18 11776 ----a-w- c:\windows\system32\mshta.exe
2012-11-22 21:18 . 2012-11-22 21:18 101888 ----a-w- c:\windows\system32\admparse.dll
2012-11-14 02:09 . 2012-12-12 22:57 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 22:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 22:57 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 22:57 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 22:57 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 22:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 20:56 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\system32\msxml4.dll
2012-11-02 05:11 . 2012-12-12 20:56 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-10-30 22:51 . 2012-04-13 11:19 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-04-13 11:19 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-04-13 11:19 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-04-13 11:19 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-04-13 11:19 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-04-13 11:18 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-04-13 11:18 227648 ----a-w- c:\windows\system32\aswBoot.exe
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-05-06 196128]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2012-04-12 24064]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2005-12-21 73728]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-12-11 542104]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-11-09 2777296]
"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-11-09 3673808]
.
c:\users\Pierfrancesco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Device Monitor 3.lnk - c:\program files\PIXELA\Everio MediaBrowser 3\MBCameraMonitor.exe [2012-5-6 542064]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-4-21 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 LSM;Login Session Manager;c:\program files\lsm\lsm.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 AUS;Auto Update Service;c:\program files\lsm\aus.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - 23362963
*NewlyCreated* - 50051161
*NewlyCreated* - 55213448
*NewlyCreated* - MPKSL32A0A976
*Deregistered* - 23362963
*Deregistered* - 50051161
*Deregistered* - 55213448
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-17 19:14 1606760 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-01-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 19:43]
.
2013-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-13 11:19]
.
2013-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-13 11:19]
.
.
------- Scansione supplementare -------
.
uStart Page = about:blank
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Scarica con Download &Express - c:\program files\Download Express\Add_Url.htm
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{F614B787-48E0-4E4B-B37D-0BA9BB37975F}: DhcpNameServer = 192.168.1.254
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
SafeBoot-50051161.sys
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FotoManager10Deluxe.8.alb"
.
[HKEY_USERS\S-1-5-21-3670352873-194424349-1540785737-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3670352873-194424349-1540785737-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3670352873-194424349-1540785737-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Ahead\Nero Home\MediaBrowser\Burning]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3670352873-194424349-1540785737-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Microsoft\AudioCompressionManager\DriverCache]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(3372)
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
Ora fine scansione: 2013-01-17 23:58:27
ComboFix-quarantined-files.txt 2013-01-17 22:58
ComboFix2.txt 2013-01-14 22:51
ComboFix3.txt 2013-01-14 21:06
ComboFix4.txt 2013-01-12 21:43
ComboFix5.txt 2013-01-17 22:46
.
Pre-Run: 84.647.796.736 byte disponibili
Post-Run: 84.628.217.856 byte disponibili
.
- - End Of File - - 2C02CF61A35D6B1EECA344F0F07DAE71
shapiro
Posted: Monday, January 21, 2013 5:31:59 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

How much stuff is running on that PC:

1 avast

2 Microsoft Security Essentials

3 c:\programdata\Ad-Aware Antivirus

4 this driver >> gfibto belongs to VIPRE Antivirus

Let me know which one you want to keep, then run a scan with OTL for me.

Download it from here and save it to the desktop.

Tick SCAN ALL USERS.

Under Output, tick Minimal Output.

Click the small arrow next to File Age and select 60 Days.

Tick LOP Check and Purity Check.

Click RUN SCAN.

Let the scan run without interfering.

When the scan finishes you will find 2 logs on the desktop, OTL.txt and Extras.txt; save them and upload them to Wikisend.
twingo207
Posted: Monday, January 21, 2013 8:44:02 PM
Rank: Member

Joined: 1/20/2013
Posts: 10
I have always "worked" with Avast and Microsoft Security Essentials; I installed the other two hoping to get rid of the problem described above, so I would like to uninstall and remove them. I ran the scan with OTL following your instructions and uploaded the logs to Wikisend. These are the two links: http://wikisend.com/download/524918/OTL.Txt http://wikisend.com/download/443786/Extras.Txt. I hope I am doing this the right way. I'll wait for further instructions. Thanks
shapiro
Posted: Tuesday, January 22, 2013 10:41:17 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

I'd like to know which antivirus you use; I need it for the removals.

Let me know.
twingo207
Posted: Tuesday, January 22, 2013 7:24:18 PM
Rank: Member

Joined: 1/20/2013
Posts: 10
I now use Avast as my antivirus.
twingo207
Posted: Thursday, January 24, 2013 7:18:44 PM
Rank: Member

Joined: 1/20/2013
Posts: 10
What procedure should I follow now?
twingo207
Posted: Saturday, January 26, 2013 9:13:39 AM
Rank: Member

Joined: 1/20/2013
Posts: 10
Hi Aiutamici, can someone help me solve the problem? I have had no replies since Tuesday the 22nd. Thanks
shapiro
Posted: Saturday, January 26, 2013 9:36:18 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
A little patience; I'll post the procedure for you later today.
twingo207
Posted: Saturday, January 26, 2013 9:54:23 AM
Rank: Member

Joined: 1/20/2013
Posts: 10
Sorry, thanks.
shapiro
Posted: Saturday, January 26, 2013 11:47:24 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

Apart from a few lines that we can remove with HijackThis, I don't see anything else.

Remove the antivirus programs you don't use and tell me whether the pages still open.
twingo207
Posted: Saturday, January 26, 2013 2:45:25 PM
Rank: Member

Joined: 1/20/2013
Posts: 10
So, I removed all the various antivirus programs and cleaned them from the registry, and have now installed Avast 6 and MS Essentials. Unfortunately the web pages still open, especially clickpoint.it
shapiro
Posted: Saturday, January 26, 2013 4:51:04 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

Open Internet Explorer.

Go to Internet Options >> Advanced tab.

Tick "Block unsecured images with other mixed content".

Click Apply and then OK.

Restart the browser, browse for a while and see whether they still open.

twingo207
Posted: Tuesday, January 29, 2013 8:24:56 PM
Rank: Member

Joined: 1/20/2013
Posts: 10
Unfortunately the problem persists. So every time a new advertising page opens (in the end they are always the same ones), using Explorer as my default browser, I go to Tools > Internet Options > Security > Restricted sites and add the site of the unwanted page; for now the blocked ones no longer open. It may not be a great solution but it is the only one that works. I'm waiting for any suggestions. Bye.
shapiro
Posted: Tuesday, January 29, 2013 8:56:16 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

Start/Run > type inetcpl.cpl and press Enter, go to the Advanced tab and click Reset.
cbbusto
Posted: Tuesday, January 29, 2013 11:49:41 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
Sorry to butt in. shapiro, what do you think about having him run a scan with ADW? It could be useful.

Twingo, you can't keep 2 antivirus programs, you must keep only one; I would keep only MSE, which is very good, and remove Avast.

Also remove this software: C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe; it is useless, you already have too many.

These are not needed either:
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
They are the usual manufacturer utilities that have nothing useful about them and only cause trouble; the more programs you install, the more problems you create for the PC.
Not to mention the countless startup entries, most of them useless, which only slow the system down.
That is my opinion; the choice is yours. Bye
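The overlap that shapiro and cbbusto point out (several resident security products running at once) can be read mechanically from the "Running processes" section of a HijackThis log. The following is an added example, not part of the thread or of any tool mentioned in it; the marker table, its category labels and the function names are assumptions built from the paths visible in this thread's log.

```python
from collections import defaultdict

# Lowercased path fragment -> (product, category). Assumption: the table and its
# categories are built only from paths in this thread's log; extend as needed.
MARKERS = {
    "\\avast software\\avast\\": ("Avast", "antivirus"),
    "\\microsoft security client\\": ("Microsoft Security Essentials", "antivirus"),
    "\\ad-aware browsing protection\\": ("Ad-Aware Browsing Protection", "web filter"),
    "\\spybot - search & destroy 2\\": ("Spybot - Search & Destroy 2", "antispyware"),
    "\\spyware terminator\\": ("Spyware Terminator", "antispyware"),
}

# Excerpt of the process list posted in this thread; the O4 line is constructed.
SAMPLE_LOG = r"""Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

O4 - (constructed line marking the start of the next log section)
"""

def running_processes(log_text):
    """Return the paths under 'Running processes:'; the section ends at a blank line."""
    paths, in_section = [], False
    for line in map(str.strip, log_text.splitlines()):
        if line.lower().startswith("running processes"):
            in_section = True
        elif in_section and not line:
            break
        elif in_section:
            paths.append(line)
    return paths

def resident_security_products(paths):
    """Group running executables by the security product their path belongs to."""
    found = defaultdict(list)
    for path in paths:
        for fragment, product in MARKERS.items():
            if fragment in path.lower():
                found[product].append(path.rsplit("\\", 1)[-1])
    return dict(found)

def overlapping(found, category="antivirus"):
    """Products of one category running together; more than one is an overlap."""
    names = sorted(name for name, cat in found if cat == category)
    return names if len(names) > 1 else []
```

Calling `overlapping(resident_security_products(running_processes(SAMPLE_LOG)))` on the excerpt returns both antivirus engines, the condition the helpers ask the user to resolve before further cleanup.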
twingo207
Posted: Thursday, January 31, 2013 1:35:32 PM
Rank: Member

Joined: 1/20/2013
Posts: 10
I have probably solved it in a different way from what was described in the previous posts; tonight I'll post the steps I took.
NB: for cbbusto, I only read your post today (perhaps with the problem already solved) (I hope).

First of all, even when blocking the web pages through restricted sites in Internet Explorer, as I described above, these pages opened anyway with a change of domain, for example from .com to .it. Tired and worn out by the constant pop-ups, I rechecked all the various posts that talk about this problem. I redid, for the umpteenth time, every possible scan with the antivirus and all the various programs mentioned in those posts, up to the scan with TDSSKILLER, this time, however, ticking all the boxes under "Change parameters" on the program's start screen. I was asked to restart the PC, and on restart the scan started as well, finding about 15 suspicious entries. I marked these entries with the "delete" action instead of "quarantine"; after that I cleaned the registry with CCleaner, deleting all the entries that came up. For the moment I have had no unwanted pages opening.

shapiro
Posted: Friday, February 01, 2013 10:39:21 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Can you attach the TDSSKiller log?