Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

zodiac-games Opzioni
cris71
Inviato: Wednesday, February 22, 2017 11:48:38 PM

Rank: AiutAmico

Iscritto dal : 9/24/2008
Posts: 194
ciao a tutti : non riesco a eliminare zodiac-games in nessun modo
ho provato con un milione di guide trovate googlando ma non trovo voci nel registro al riguardo
grazie Cristiano
Sponsor
Inviato: Wednesday, February 22, 2017 11:48:38 PM

 
maopapof
Inviato: Thursday, February 23, 2017 12:00:00 AM

Rank: AiutAmico

Iscritto dal : 10/31/2004
Posts: 7,183

prova in modalità provvisoria ( F8 )

cris71
Inviato: Thursday, February 23, 2017 12:02:54 AM

Rank: AiutAmico

Iscritto dal : 9/24/2008
Posts: 194
provato anche cosi' ma da regedit non mi da nulla se non l'avviso "ricerca completata : l'unica cosa che vedo anomala è l'apertura del sito all'avvio del sistema , ma piu' avanti non so se dia altri problemi
solfami
Inviato: Thursday, February 23, 2017 6:42:10 AM

Rank: AiutAmico

Iscritto dal : 11/14/2003
Posts: 2,269
Salve
Provato questo?
http://software.aiutamici.com/software?ID=11175
Incolla il log
magari si vede qualcosa.
Lo fa anche a modem spento?
Ovviamente avrai controllato la pagina iniziale.
Saluti
cris71
Inviato: Thursday, February 23, 2017 9:52:00 AM

Rank: AiutAmico

Iscritto dal : 9/24/2008
Posts: 194
ok stasera provo e posto il responso , grazie intanto
wolfestein
Inviato: Thursday, February 23, 2017 2:45:50 PM

Rank: AiutAmico

Iscritto dal : 2/15/2009
Posts: 15,951
http://rimuovere.removemalwarevirus.com/guida-rimuovere-zodiac-game-info-da-pc-guida-per-la-rimozione-per-zodiac-game-info
http://www.rimuovere-virus.com/eliminare-zodiac-game-info/ (Non scaricare lo strumento).
Oltre al programma consigliato da solfami fai una scansione completa con Malwarebytes(aggiornato)e ADWCleaner.
http://software.aiutamici.com/software?ID=11168
http://software.aiutamici.com/software?ID=80346 (non attivare la versione di prova della versione PRO).
cris71
Inviato: Thursday, February 23, 2017 8:56:31 PM

Rank: AiutAmico

Iscritto dal : 9/24/2008
Posts: 194
su hijackthis ho cliccato il primo pulsante e mi da :
Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:51:09, on 23/02/2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)

FIREFOX: 51.0.1 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Users\cristiano.z\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
C:\Users\cristiano.z\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
C:\Users\cristiano.z\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
C:\Users\cristiano.z\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
C:\Users\cristiano.z\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
C:\Users\cristiano.z\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\cristiano.z\Desktop\malware win\HijackThisPortable\HijackThisPortable.exe
C:\Users\cristiano.z\Desktop\malware win\HijackThisPortable\App\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Spyware Terminator 2015 Internet Guard - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\PROGRAM FILES\CCLEANER\CCLEANER64.EXE" /MONITOR
O4 - HKCU\..\Run: [cristiano.z] explorer.exe http://sd-steam.info
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\PROGRAM FILES\DAEMON TOOLS LITE\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files (x86)\WinZip\WZQKPICK.EXE
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASRock IO Monitor Service (ASRockIOMon) - Unknown owner - C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Bitdefender Antivirus Free Edition (gzserv) - Bitdefender - C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter4 Service (SpyHunter 4 Service) - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\Sh4Service.exe
O23 - Service: Spyware Terminator 2015 Realtime Shield Service (ST2012_Svc) - Crawler Group, LLC - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11456 bytes
cris71
Inviato: Thursday, February 23, 2017 9:15:51 PM

Rank: AiutAmico

Iscritto dal : 9/24/2008
Posts: 194
mentre adwcleaner al riavvio mi ha dato questo
Commenta:
# AdwCleaner v6.043 - Creato file registro eventi 23/02/2017 in 20:11:23
# Aggiornato su 27/01/2017 da Malwarebytes
# Database : 2017-02-23.4 [Server]
# Sistema operativo : Windows 7 Ultimate Service Pack 1 (X64)
# Utente : cristiano.z - CRISTIANO
# In esecuzione da : C:\Users\cristiano.z\Desktop\malware win\adwcleaner_6.043.exe
# Modo: pulizia
# Supporto : https://www.malwarebytes.com/support



***** [ Servizi ] *****

[-] Servizio eliminato: sp_rsdrv2


***** [ Cartelle ] *****

[-] Cartella eliminata: C:\Users\cristiano.z\AppData\Local\YSearchUtil
[-] Cartella eliminata: C:\Users\cristiano.z\AppData\Roaming\Tencent
[-] Cartella eliminata: C:\Program Files\Enigma Software Group
[-] Cartella eliminata: C:\sh4ldr
[-] Cartella eliminata: C:\ProgramData\Tencent
[#] Cartella eliminata al riavvio: C:\ProgramData\Application Data\Tencent
[-] Cartella eliminata: C:\Program Files (x86)\Common Files\Tencent
[-] Cartella eliminata: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil


***** [ File ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Collegamenti ] *****



***** [ Attività pianificate ] *****



***** [ Registro ] *****

[-] Chiave eliminata: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Chiave eliminata: HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Chiave eliminata: HKLM\SOFTWARE\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Chiave eliminata: HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
[-] Chiave eliminata: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Chiave eliminata: HKLM\SOFTWARE\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
[-] Chiave eliminata: [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup
[-] Chiave eliminata: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Valore eliminato: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]


***** [ Browser ] *****

[-] [C:\Users\cristiano.z\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Eliminato: www1.delta-search.com
[-] [C:\Users\cristiano.z\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Eliminato: isearch.avg.com
[-] [C:\Users\cristiano.z\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Eliminato: dts.search.ask.com


*************************

:: " tracciamento " chiavi eliminate
:: Impostazioni Winsock ripristinate

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2601 Byte] - [23/02/2017 20:11:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [2748 Byte] - [23/02/2017 20:09:47]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2745 Byte] ##########


in ogni caso non ho piu visto aprire la scheda zodiac all'avvio : grandi !! grazie !!!!
wolfestein
Inviato: Thursday, February 23, 2017 10:23:22 PM

Rank: AiutAmico

Iscritto dal : 2/15/2009
Posts: 15,951
Di niente cris ma stai attento a ciò che installi.
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.