cbbusto ha scritto:Vedo che sei nuovo del forum, anche se un nick simile al tuo mi sembra di ricordarlo.
Detto così è impossibile aiutarti, da cosa deduci che sei pieno di virus ?
Prova a fare queste scansioni:
Scarica ed installa MalwareBytes: clicca qui per il download:
http://it.malwarebytes.org/Clicca su:
scarica la versione Gratuita alla sinistra, nella finestra che appare clic su Salva file,
poi per installarlo clic su: mbam-setup.exe
Alla fine dell'installazione nell’ultima schermata deseleziona la voce Attiva la prova gratuita di Malwarebytes Anti-Malware Pro.Se il sw è in inglese, vai nella scheda Settings e seleziona la voce Italian dal menu a tendina Language per tradurre il programma in italiano.
Prima di fare la scansione
AGGIORNALO. (è molto importante)Poi clic
su SCANSIONE seleziona la voce scansione di minaccia Elimina gli eventuali file infetti trovati.
(li devi selezionare, e poi cliccare su "Rimuovi selezionati")Posta il log.
Scarica Adwcleaner sul desktop:http://dw2.it.uptodown.com/dw/1435411607/a94c018f502a4aea50c76175543cf32ee028bd97/adwcleaner-4-207-multi-win.exePer il download cliccare su: Download now
Chiudi tutti i browser (è importante IE,Firefox Chrome ecc...)Clicca sul pulsante "
Scan".
Finita la scansione clicca su "
Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.
Scarica Junkware Removal Tool sul desktop.http://thisisudax.org/downloads/JRT.exeIl download dovrebbe partire entro 5 secondi
Disattiva temporaneamente l'antivirus per evitare potenziali conflitti.Doppio click su JRT
Lo strumento si aprirà e avvierà la scansione del sistema.
Devi avere pazienza in quanto questo tool può richiedere del tempo per completare la scansione .
Al termine, un log (JRT.txt) viene salvato sul desktop e si aprirà automaticamente.
Postalo qui.
Alla fine fai una scansione con Hijackthis e posta il log che vediamo cosa c'è nel pc.
Ciao
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:04:16, on 02/09/2015
Platform: Unknown Windows (WinNT 6.03.1408)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Safe mode
Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\program files (x86)\avira\antivir desktop\avcenter.exe
C:\program files (x86)\avira\antivir desktop\avscan.exe
C:\Users\licia\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.v9.com?type=hp&ts=1435566624&from=mych123&uid=toshibaxmq01abd050_62q4f9bbsxx62q4f9bbs&z=e168aa5d3523ee3f8a4c066g0zec7wbwfq6qbqco1t
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.istartsurf.com/web/?type=dspp&ts=1424975788&from=tugs&uid=TOSHIBAXMQ01ABD050_62Q4F9BBSXX62Q4F9BBS&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.v9.com?type=hp&ts=1435566624&from=mych123&uid=toshibaxmq01abd050_62q4f9bbsxx62q4f9bbs&z=e168aa5d3523ee3f8a4c066g0zec7wbwfq6qbqco1t
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.v9.com?type=hp&ts=1435566624&from=mych123&uid=toshibaxmq01abd050_62q4f9bbsxx62q4f9bbs&z=e168aa5d3523ee3f8a4c066g0zec7wbwfq6qbqco1t
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.mystartsearch.com/web/?type=dspp&ts=1425288952&from=sfpsnew5&uid=TOSHIBAXMQ01ABD050_62Q4F9BBSXX62Q4F9BBS&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.mystartsearch.com/web/?type=dspp&ts=1425288952&from=sfpsnew5&uid=TOSHIBAXMQ01ABD050_62Q4F9BBSXX62Q4F9BBS&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.v9.com?type=hp&ts=1435566624&from=mych123&uid=toshibaxmq01abd050_62q4f9bbsxx62q4f9bbs&z=e168aa5d3523ee3f8a4c066g0zec7wbwfq6qbqco1t
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.bing.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [ToshibaDynamicIconUtility] "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
O4 - HKLM\..\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes
O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
O4 - HKLM\..\Run: [OfferBoulevard] C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Taplika] C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\licia\AppData\Roaming\Taplika\UpdateProc\bkup.dat"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Taplika] C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\licia\AppData\Roaming\Taplika\UpdateProc\bkup.dat"
O4 - HKUS\S-1-5-21-3253684712-1169726433-492310600-1001\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-3253684712-1169726433-492310600-1001\..\RunOnce: [Taplika] C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\licia\AppData\Roaming\Taplika\UpdateProc\bkup.dat" (User '?')
O4 - S-1-5-21-3253684712-1169726433-492310600-1001 Startup: Download.lnk = C:\ProgramData\{62a42190-5ce9-4be3-62a4-421905ce8641}\Download.exe (User '?')
O4 - Startup: Download.lnk = C:\ProgramData\{62a42190-5ce9-4be3-62a4-421905ce8641}\Download.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\oexufafono.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\oexufafono.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\oexufafono.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\oexufafono.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\oexufafono.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\programdata\flashbeat\flashbeat32.dll
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Suite Service - Unknown owner - C:\Program Files (x86)\Fighters\FighterSuiteService.exe (file missing)
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Update Air Globe - Unknown owner - C:\Program Files (x86)\Air Globe\updateAirGlobe.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
--
End of file - 7192 bytes
