Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Mi controllate il log per favore ho grossi problemi grazie

Mi controllate il log per favore ho grossi problemi grazie Opzioni
Topic Precedente · Topic Sucessivo
tiziano64
Inviato: Sunday, April 05, 2015 2:26:57 AM
Rank: AiutAmico

Iscritto dal : 4/7/2001
Posts: 113
Ciao a tutti ho grossi problemi con maxthon ovvero da oggi non riesco piu ad usarlo perchè all'apertura si presenta una finestrella con su scritto"msg error !urlDomain.empty()(2)" chiudo la finestrella se ne apre una identica la chiudo se ne apre un altra si apre la finestra principale e basta se cerco di continuare continuano ad aprirsi le finestrelle fino a che non esce il messaggio"è in corso un grave errore e devo chiudere.
A tutto questo si aggiunge un fatto in basso a destra dove c'è la bandierina dei messaggi importanti è uscita una crocetta bianca su cerchio rosso capisco che c'è qualcosa che non va e praticamente mi dice che è impossibile trovare l'antivirus sul computer. Ma io lo avevo (Microsoft security essentials) non sarà il massimo ma mi andava bene. Lo cerco tra i programmi non lo trovo vado in programmi e funzionalità è in elenco ma non funziona, la voglio disinstallare esce il messaggio che è gia stata disinstallata e se voglio posso togliere l'icona dall'elenco.

Quindi dopo tutto questo vorrei che mi controllaste il log per vedere se c'è qualcosa che non va(qualcosa c'è sicuro) grazie


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:58:27, on 05/04/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\TRLT\AppData\Local\Akamai\netsession_win.exe
C:\Users\TRLT\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: (no name) - !{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - (no file)
O3 - Toolbar: (no name) - !{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - (no file)
O4 - HKCU\..\Run: [Google Update] "C:\Users\TRLT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\TRLT\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O8 - Extra context menu item: Add to Video Converter... - C:\Program Files (x86)\Media Player Utilities 5.21\AVIConverter\grab.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: gearsec - GEAR Software - C:\Windows\SysWOW64\gearsec.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12867 bytes
Torna in alto
 
Sponsor
Inviato: Sunday, April 05, 2015 2:26:57 AM

 
Torna in alto
 
cbbusto
Inviato: Sunday, April 05, 2015 11:12:28 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Il log non presenta problemi, le voci che appaiono sono un bug di Maxthon, come mai usi questo browser ???,
rimuovi completamente Maxthon, poi fai una pulizia con Ccleaner compreso il Registro e poi scarica l'ultima versione la 4.4.4.3000 da qui: http://www.filehippo.com/it/download_maxthon/tech/
Prova ad usare Firefox, che vedo installato, e vedi se ti da problemi.
Per sicurezza fai anche queste scansioni, segui bene le indicazioni:

Scarica ed installa MalwareBytes: clicca qui per il download: http://it.malwarebytes.org/
Clicca su: scarica la versione Gratuita alla sinistra, nella finestra che appare clic su Salva file,
poi per installarlo clic su: mbam-setup.exe
Alla fine dell'installazione nell’ultima schermata deseleziona la voce Attiva la prova gratuita di Malwarebytes Anti-Malware Pro.
Se il sw è in inglese, vai nella scheda Settings e seleziona la voce Italian dal menu a tendina Language per tradurre il programma in italiano.
Prima di fare la scansione AGGIORNALO. (è molto importante)
Poi clic su SCANSIONE seleziona la voce scansione di minaccia
Elimina gli eventuali file infetti trovati. (li devi selezionare, e poi cliccare su "Rimuovi selezionati")
Posta il log.

Scarica Adwcleaner sul desktop:
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Per il download cliccare alla destra su: Download now
Chiudi tutti i browser (è importante IE,Firefox Chrome ecc...)
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

Scarica Junkware Removal Tool sul desktop.
http://download.html.it/software/junkware-removal-tool/?utm_source%20651
Il download dovrebbe partire entro 5 secondi
Disattiva temporaneamente l'antivirus per evitare potenziali conflitti.
Doppio click su JRT
Lo strumento si aprirà e avvierà la scansione del sistema.
Devi avere pazienza in quanto questo tool può richiedere del tempo per completare la scansione .
Al termine, un log (JRT.txt) viene salvato sul desktop e si aprirà automaticamente.
Postalo qui.

MSE ottimo antivirus, scaricalo da qui: http://windows.microsoft.com/it-it/windows/security-essentials-all-versions - scorri la pagina scegli la lingua e il tipo di Sistema Operativo 32 o 64 bit e poi lo reinstalli.
Fai sapere se hai risolto.
Ciao e Buona Pasqua.
Torna in alto
 
tiziano64
Inviato: Sunday, April 05, 2015 6:15:22 PM
Rank: AiutAmico

Iscritto dal : 4/7/2001
Posts: 113
Ti invio i risultati dei controlli in ordine di come me li hai detti


Malwarebytes Anti-Malware
www.malwarebytes.org

Data scansione: 05/04/2015
Ora scansione: 11:24:34
File di log: controllo.txt
Amministratore: Si

Versione: 2.01.4.1018
Database malware: v2015.04.04.07
Database rootkit: v2015.03.31.01
Licenza: Premium
Protezione da malware: Attivata
Protezione da siti web nocivi: Attivata
Auto-protezione: Disattivata

SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: TRLT

Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 421242
Tempo impiegato: 5 ore, 50 min, 15 sec

Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Euristica: Attivata
PUP: Avviso
PUM: Attivata

Processi: 0
(Nessun elemento nocivo rilevato)

Moduli: 0
(Nessun elemento nocivo rilevato)

Chiavi di registro: 10
PUP.Optional.Multiplug, HKU\S-1-5-21-1126588406-3731013205-1106062256-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [3b5c4721bdcd1a1c5e00ca685ea55ca4],
PUP.Optional.Multiplug, HKU\S-1-5-21-1126588406-3731013205-1106062256-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [3b5c4721bdcd1a1c5e00ca685ea55ca4],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\HKJFDHIOKECJJPDLKAMNPOKKBIOAGBGD, , [a6f186e20288142289c57a3cb3500df3],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\IGJPDDHDDMMMBMGLHNMPMOEOFNJNEJOJ, , [ebac38303d4d4aece965536315eefe02],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\MEDEMCLBHPEELBNIICDAOEJGOGCKGHPL, , [0c8b76f2414964d2400e4f67758ea55b],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\MGHIPIHHOIEKCEPOGONHNFHBKNCFHFGA, , [583f69ff7a10bb7bff4ff5c191728b75],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\BILJDCCIPKNGFFBHFLFLIBHOJJLDHFEM, , [7d1aa2c6a0eafa3ca3a9595d21e2b44c],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\DJIMMBLEGBEDKOPHEEFBAGOBCNPNCHAK, , [efa889dfc7c3f83e52fff2c40ff47888],
PUP.Optional.TrustMediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\GBBCFPDKCDOPDHPLDDAHHBGDIBLFJGCC, , [61366afe088259dd371ed0e6c34015eb],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\HGGMPJBAPLOLBBHHINBIDNCCJKEHCEDE, , [4453d197eb9f42f47ad60da9fb08f709],

Valori di registro: 10
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hkjfdhiokecjjpdlkamnpokkbioagbgd|path, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4287\ch\MediaViewV1alpha4287.crx, , [a6f186e20288142289c57a3cb3500df3]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\igjpddhddmmmbmglhnmpmoeofnjnejoj|path, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha7647\ch\MediaViewV1alpha7647.crx, , [ebac38303d4d4aece965536315eefe02]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\medemclbhpeelbniicdaoejgogckghpl|path, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3884\ch\MediaViewV1alpha3884.crx, , [0c8b76f2414964d2400e4f67758ea55b]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mghipihhoiekcepogonhnfhbkncfhfga|path, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1768\ch\MediaViewV1alpha1768.crx, , [583f69ff7a10bb7bff4ff5c191728b75]
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\biljdccipkngffbhflflibhojjldhfem|path, C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode2263\ch\MediaBuzzV1mode2263.crx, , [7d1aa2c6a0eafa3ca3a9595d21e2b44c]
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\djimmblegbedkopheefbagobcnpnchak|path, C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release202\ch\RichMediaViewV1release202.crx, , [efa889dfc7c3f83e52fff2c40ff47888]
PUP.Optional.TrustMediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gbbcfpdkcdopdhplddahhbgdiblfjgcc|path, C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2890\ch\TrustMediaViewerV1alpha2890.crx, , [61366afe088259dd371ed0e6c34015eb]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hggmpjbaplolbbhhinbidnccjkehcede|path, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home868\ch\MediaWatchV1home868.crx, , [4453d197eb9f42f47ad60da9fb08f709]
PUP.Optional.Spigot.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9DC69FC6-0772-411E-9B24-CD27D049ACD5}|URL, http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=114576&p={searchTerms}, , [afe8194f7218d363bebbdbda59aaf60a]
PUP.Optional.Spigot.A, HKU\S-1-5-21-1126588406-3731013205-1106062256-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFCB2841-BE3A-468B-A9AA-A6DF38E7F0C9}|URL, http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=114576&p={searchTerms}, , [d0c75513fc8e78beea8fd9dcaa59c838]

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Cartelle: 6
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamljmgllfjgagkdhgpjlcnnaicgpnhd\184, , [158272f611798caa77751c989a6948b8],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamljmgllfjgagkdhgpjlcnnaicgpnhd, , [158272f611798caa77751c989a6948b8],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbbfjkgenpehcokclfggnfniaiglaai\166, , [1681da8e5c2e5adcc9234371f60d59a7],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbbfjkgenpehcokclfggnfniaiglaai, , [1681da8e5c2e5adcc9234371f60d59a7],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcgmhpmdinmidgkkiekbochocibaejn\152, , [187f0068b5d5b58156965f55c73c956b],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcgmhpmdinmidgkkiekbochocibaejn, , [187f0068b5d5b58156965f55c73c956b],

File: 16
PUP.Optional.AnyProtect.A, C:\Users\TRLT\AppData\Local\nsu47FC.tmp, , [ddbab7b1fa906fc7d21257daa3636799],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamljmgllfjgagkdhgpjlcnnaicgpnhd\184\lsdb.js, , [158272f611798caa77751c989a6948b8],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamljmgllfjgagkdhgpjlcnnaicgpnhd\184\background.html, , [158272f611798caa77751c989a6948b8],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamljmgllfjgagkdhgpjlcnnaicgpnhd\184\content.js, , [158272f611798caa77751c989a6948b8],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamljmgllfjgagkdhgpjlcnnaicgpnhd\184\JFsciKd.js, , [158272f611798caa77751c989a6948b8],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamljmgllfjgagkdhgpjlcnnaicgpnhd\184\manifest.json, , [158272f611798caa77751c989a6948b8],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbbfjkgenpehcokclfggnfniaiglaai\166\lsdb.js, , [1681da8e5c2e5adcc9234371f60d59a7],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbbfjkgenpehcokclfggnfniaiglaai\166\background.html, , [1681da8e5c2e5adcc9234371f60d59a7],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbbfjkgenpehcokclfggnfniaiglaai\166\content.js, , [1681da8e5c2e5adcc9234371f60d59a7],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbbfjkgenpehcokclfggnfniaiglaai\166\manifest.json, , [1681da8e5c2e5adcc9234371f60d59a7],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbbfjkgenpehcokclfggnfniaiglaai\166\QhBgEeRxu.js, , [1681da8e5c2e5adcc9234371f60d59a7],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcgmhpmdinmidgkkiekbochocibaejn\152\lsdb.js, , [187f0068b5d5b58156965f55c73c956b],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcgmhpmdinmidgkkiekbochocibaejn\152\background.html, , [187f0068b5d5b58156965f55c73c956b],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcgmhpmdinmidgkkiekbochocibaejn\152\content.js, , [187f0068b5d5b58156965f55c73c956b],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcgmhpmdinmidgkkiekbochocibaejn\152\manifest.json, , [187f0068b5d5b58156965f55c73c956b],
PUP.Optional.MultiPlug.A, C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcgmhpmdinmidgkkiekbochocibaejn\152\nUy.js, , [187f0068b5d5b58156965f55c73c956b],

Settori fisici: 0
(Nessun elemento nocivo rilevato)


(end)




# AdwCleaner v4.200 - Creato file registro eventi 05/04/2015 in 17:50:28
# Aggiornato 29/03/2015 da Xplode
# Database : 2015-03-29.1 [Server]
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (x64)
# Nome utente : TRLT - TRLT-HP
# In esecuzione da : C:\Users\TRLT\Downloads\adwcleaner_4.200.exe
# Opzione : Pulizia

***** [ Servizi ] *****


***** [ File / Cartelle ] *****

File Eliminato : C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ippenodjaoidmkkfdlmdhofiebnpjddb

***** [ Attività pianificate ] *****


***** [ Collegamenti ] *****


***** [ Registry ] *****

Dati Eliminato : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Browser web ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v32.0.3 (x86 it)


-\\ Google Chrome v

[C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Eliminato [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=M8F47DC78-92BC-4CEE-9365-D5B6D6F72D54&SearchSource=58&CUI=&UM=5&UP=SPA62F3C47-ED35-47B4-AD6A-4EB5700D9BA3&q={searchTerms}&SSPV=SP215B_sp_ch
[C:\Users\TRLT\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Eliminato [Default_Search_Provider_Data] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=M8F47DC78-92BC-4CEE-9365-D5B6D6F72D54&SearchSource=58&CUI=&UM=5&UP=SPA62F3C47-ED35-47B4-AD6A-4EB5700D9BA3&q={searchTerms}&SSPV=SP215B_sp_ch

*************************

AdwCleaner[R0].txt - [15914 byte] - [20/12/2014 00:20:21]
AdwCleaner[R1].txt - [1147 byte] - [21/12/2014 01:17:01]
AdwCleaner[R2].txt - [1207 byte] - [21/12/2014 09:08:16]
AdwCleaner[R3].txt - [3422 byte] - [18/03/2015 23:05:48]
AdwCleaner[R4].txt - [2131 byte] - [05/04/2015 17:24:08]
AdwCleaner[R5].txt - [2189 byte] - [05/04/2015 17:44:20]
AdwCleaner[S0].txt - [16329 byte] - [20/12/2014 00:22:49]
AdwCleaner[S1].txt - [1270 byte] - [21/12/2014 10:05:22]
AdwCleaner[S2].txt - [3480 byte] - [18/03/2015 23:09:35]
AdwCleaner[S3].txt - [2119 byte] - [05/04/2015 17:50:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2177 byte] ##########





Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.1 (04.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by TRLT on 05/04/2015 at 17:56:39,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/04/2015 at 18:02:41,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Come mi hai detto ho reinstallato maxthon (uso questo perche in passato sia explorer che firefox mi avevano dato problemi di velocità erano lenti nell'aprirsi e nel caricare le pagine con questo era piu veloce)
Ho anche reinstallato MSE.
Il tutto sembra funzionare gia da prima dei controlli una volta reinstallato tutto.

Ciao e grazie
Torna in alto
 
cbbusto
Inviato: Sunday, April 05, 2015 7:27:36 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Per malwarebytes avevo detto di scaricare la versione gratuita non la premium, a meno che tu non l'abbia acquistata, tutto quello trovato da Mbam e ADWcleaner deve essere eliminato, la maggior parte dei file e chiavi registro riguardano Chrome, browser che io non gradisco, se non lo usi molto eliminalo avrai meno problemi.
Ciao
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Mi controllate il log per favore ho grossi problemi grazie


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.