Aiutamici Forum

Firefox won't open
stelladelnord1
Posted: Friday, August 10, 2012 8:27:38 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
So, since yesterday my PC has been acting up. I had to do a restore; it won't open Explorer, it won't open Firefox, it won't open anything, and when it does, it does so veeeery slowly and I have to click more than once. I have run various scans, which show nothing, but I have the feeling that something is wrong.

Would you like to help me?

Sorry if I posted in the wrong section.
shapiro
Posted: Friday, August 10, 2012 9:09:27 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

Post a HijackThis log.
stelladelnord1
Posted: Friday, August 10, 2012 9:37:48 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
shapiro wrote:

Post a HijackThis log.


I can't manage to copy and paste.
shapiro
Posted: Friday, August 10, 2012 9:39:03 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
What do you mean you can't.... Try uploading it to wikisend.
stelladelnord1
Posted: Saturday, August 11, 2012 8:04:56 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
shapiro wrote:
What do you mean you can't.... Try uploading it to wikisend.


OK, I'll try.
stelladelnord1
Posted: Saturday, August 11, 2012 9:12:22 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
A small window opens that says:

For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this. If that happens, you need to edit the file yourself. To do this, click Start, Run and type: notepad C:\Windows\System32\drivers\etc\hosts

and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as HOST. (with quotes), and reboot.

For Vista > simply, exit HijackThis, right click on the HijackThis icon, choose (Run as administrator).
shapiro
Posted: Saturday, August 11, 2012 9:15:58 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

Try launching it by right-clicking and running it as administrator.

Which OS do you have?
stelladelnord1
Posted: Saturday, August 11, 2012 10:21:56 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
shapiro wrote:

Try launching it by right-clicking and running it as administrator.

Which OS do you have?


Done, it doesn't open. I'll try again tomorrow when I have time. OS: Windows
stelladelnord1
Posted: Sunday, August 12, 2012 5:29:12 AM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
stelladelnord1 wrote:
shapiro wrote:

Try launching it by right-clicking and running it as administrator.

Which OS do you have?


Done, it doesn't open. I'll try again tomorrow when I have time. OS: Windows


It doesn't respond to right-click commands.
stelladelnord1
Posted: Thursday, August 16, 2012 8:20:50 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
Here is the HijackThis log; it drove me a bit crazy, but I managed it.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:17:29, on 16/08/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/6
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: uTorrentBar_IT - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\hp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Start BT in service - Unknown owner - C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13026 bytes
shapiro
Posted: Thursday, August 16, 2012 8:28:25 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

Hi, it's the usual "junk" that gets in when you install a program.

Open HJT, run the scan again, tick the boxes next to the entries I list below, then press Fix checked.

Code:
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O2 - BHO: uTorrentBar_IT - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll
    

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"



Download AdwCleaner, click "Search" and post the log it produces.

Download Malwarebytes.
Update it: click the "Update" tab => "Check for Updates"
Run a "full scan" (select the option)
When the scan is complete, click OK => Show Results.
Make sure everything is selected and click Remove Selected.
If it asks you to restart, restart to complete the cleanup process.
Post the report.
stelladelnord1
Posted: Thursday, August 16, 2012 8:43:36 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
# AdwCleaner v1.801 - Logfile created 08/16/2012 at 20:45:23
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : hp - HP-HP
# Boot Mode : Normal
# Running from : C:\Users\hp\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\hp\AppData\Local\Conduit
Folder Found : C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdghcmanhfigpijjllopocpcnjffkhl
Folder Found : C:\Users\hp\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\hp\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\hp\AppData\LocalLow\Conduit
Folder Found : C:\Users\hp\AppData\LocalLow\PriceGong
Folder Found : C:\Users\hp\AppData\LocalLow\uTorrentBar_IT
Folder Found : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\sg8s01ki.default\ConduitCommon
Folder Found : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\sg8s01ki.default\extensions\ffxtlbr@babylon.com
Folder Found : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\sg8s01ki.default\extensions\ffxtlbr@funmoods.com
Folder Found : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\sg8s01ki.default\extensions\toolbar@ask.com
Folder Found : C:\Program Files\Babylon
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Funmoods
Folder Found : C:\Program Files (x86)\uTorrentBar_IT
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Found : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\sg8s01ki.default\searchplugins\Askcom.xml
File Found : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\sg8s01ki.default\searchplugins\funmoods.xml
File Found : C:\user.js

***** [Registry] *****

    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2851640
    Key Found : HKCU\Software\APN
    Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\PriceGong
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\AppDataLow\Toolbar
    Key Found : HKCU\Software\Ask.com
    Key Found : HKCU\Software\Funmoods
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
    Key Found : HKCU\Software\Softonic
    Key Found : HKLM\SOFTWARE\APN
    Key Found : HKLM\SOFTWARE\AskToolbar
    Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Key Found : HKLM\SOFTWARE\Conduit
    Key Found : HKLM\SOFTWARE\Funmoods
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ncdghcmanhfigpijjllopocpcnjffkhl
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_IT Toolbar
    Key Found : HKLM\SOFTWARE\uTorrentBar_IT
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
    [x64] Key Found : HKCU\Software\APN
    [x64] Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
    [x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
    [x64] Key Found : HKCU\Software\AppDataLow\Software\PriceGong
    [x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    [x64] Key Found : HKCU\Software\AppDataLow\Toolbar
    [x64] Key Found : HKCU\Software\Ask.com
    [x64] Key Found : HKCU\Software\Funmoods
    [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
    [x64] Key Found : HKCU\Software\Softonic
    [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    [x64] Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    [x64] Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    [x64] Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    [x64] Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    [x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
    [x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

    ***** [Registre - GUID] *****
shapiro
Posted: Thursday, August 16, 2012 8:48:46 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

Open the tool again and this time choose "Delete".

Post the log, then run the scan with mbam and post the report when the scan finishes.

Be sure to update it before running the scan.
stelladelnord1
Posted: Friday, August 17, 2012 5:32:01 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
shapiro wrote:

Open the tool again and this time choose "Delete".

Post the log, then run the scan with mbam and post the report when the scan finishes.

Be sure to update it before running the scan.


I'll try again later, but last night AVG closed the program and deleted it as a threat as soon as I clicked delete. Ehm, where do I find mbam?
stelladelnord1
Posted: Friday, August 17, 2012 5:49:22 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
Here it is


    # AdwCleaner v1.801 - Logfile created 08/17/2012 at 17:45:02
    # Updated 14/08/2012 by Xplode
    # Operating system : Windows 7 Home Premium (64 bits)
    # User : hp - HP-HP
    # Boot Mode : Normal
    # Running from : C:\Users\hp\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****


    ***** [Registry] *****


    ***** [Registre - GUID] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Registry is clean.

    -\\ Mozilla Firefox v10.0.2 (it)

    Profile name : default
    File : C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\sg8s01ki.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v [Unable to get version]

    File : C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [16174 octets] - [16/08/2012 20:45:23]
    AdwCleaner[S1].txt - [913 octets] - [17/08/2012 17:45:02]

    ########## EOF - C:\AdwCleaner[S1].txt - [1040 octets] ##########
shapiro
Posted: Friday, August 17, 2012 6:18:14 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Quote:
Where do I find mbam?


Here it is >>> malwarebytes
Update it: click the "Update" tab => "Check for Updates"
Run a "full scan" (select the option)
When the scan is complete, click OK => Show Results.
Make sure everything is selected and click Remove Selected.
If it asks you to restart, restart to complete the cleanup process.
Post the report.
stelladelnord1
Posted: Friday, August 17, 2012 8:08:37 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
shapiro wrote:
Quote:
Where do I find mbam?


Here it is >>> malwarebytes
Update it: click the "Update" tab => "Check for Updates"
Run a "full scan" (select the option)
When the scan is complete, click OK => Show Results.
Make sure everything is selected and click Remove Selected.
If it asks you to restart, restart to complete the cleanup process.
Post the report.


OK, I'll do it right away.
stelladelnord1
Posted: Friday, August 17, 2012 9:11:18 PM
Rank: AiutAmico

Joined: 3/31/2012
Posts: 328
    Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Versione database: v2012.08.17.07

    Windows 7 x64 NTFS
    Internet Explorer 9.0.8112.16421
    hp :: HP-HP [amministratore]

    17/08/2012 20:10:46
    mbam-log-2012-08-17 (20-10-46).txt

    Tipo di scansione: Scansione completa (C:\|D:\|F:\|H:\|)
    Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
    Opzioni di scansione disattivate: P2P
    Elementi esaminati: 422180
    Tempo impiegato: 59 minuti, 1 secondi

    Processi rilevati in memoria: 0
    (non sono stati rilevati elementi nocivi)

    Moduli di memoria rilevati: 0
    (non sono stati rilevati elementi nocivi)

    Chiavi di registro rilevate: 0
    (non sono stati rilevati elementi nocivi)

    Valori di registro rilevati: 0
    (non sono stati rilevati elementi nocivi)

    Voci rilevate nei dati di registro: 0
    (non sono stati rilevati elementi nocivi)

    Cartelle rilevate: 0
    (non sono stati rilevati elementi nocivi)

    File rilevati: 0
    (non sono stati rilevati elementi nocivi)

    (fine)


Here is the Malwarebytes log.
shapiro
Posted: Friday, August 17, 2012 9:28:18 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
Quote:
I have run various scans, which show nothing, but I have the feeling that something is wrong.


Which scans did you run? Can you post the logs? Please don't paste them; upload them to wikisend instead.