Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

pc infetto da virus Opzioni
peppinho78
Inviato: Saturday, January 28, 2017 9:34:55 AM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
Salve ragazzi!Ho bisogno del vostro aiuto.....quando apro le pagine di internet, in automatico si aprono pagine non richieste di pubblicità ed altro.....inoltre non riesco ad usare google maps perchè si aprono pagine indesiderate ecc.....facendo una scansione con windows reimage, mi ha trovato come virus: Tapsnake, CronDSN, Dubfishicv
File infetti: /os/apps/hiddenos-component/X/snake.icv
/os/local/conf/keyboard/retype.icv eccc
Come posso risolvere??? GRAZIE in anticipo
Sponsor
Inviato: Saturday, January 28, 2017 9:34:55 AM

 
solfami
Inviato: Saturday, January 28, 2017 9:56:45 AM

Rank: AiutAmico

Iscritto dal : 11/14/2003
Posts: 2,269
Salve
http://forum.aiutamici.com/yaf_postst96025_eliminare-pagine-pubblicitarie-e-porcherie-varie-e-pulire-sistema.aspx
http://software.aiutamici.com/software?ID=11175
Postare i log con il copia e incolla,
aspettare che qualcuno li decifri,
seguire le istruzioni del postatore delle medesime.
Saluti
peppinho78
Inviato: Saturday, January 28, 2017 10:36:13 AM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
ok grazie, appena lo faccio posto tutto qui
peppinho78
Inviato: Saturday, January 28, 2017 1:06:59 PM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
Malwarebytes Anti-Malware
www.malwarebytes.org

Data scansione: 28/01/2017
Ora scansione: 12:50
File di log: malwaere.txt
Amministratore: Sì

Versione: 2.2.1.1043
Database malware: v2017.01.28.06
Database rootkit: v2016.11.20.01
Licenza: Gratuito
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Auto-protezione: Disattivata

SO: Windows 7 Service Pack 1
CPU: x86
File system: NTFS
Utente: Giuseppe

Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 268385
Tempo impiegato: 14 min, 15 sec

Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Euristiche: Attivata
PUP: Attivata
PUM: Attivata

Processi: 0
(Nessun elemento nocivo rilevato)

Moduli: 0
(Nessun elemento nocivo rilevato)

Chiavi di registro: 20
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [f0562e53119762d402c1f47e42be619f],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, , [7fc7423f2385c76f9fcbe17bf80815eb],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, , [7fc7423f2385c76f9fcbe17bf80815eb],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, , [7fc7423f2385c76f9fcbe17bf80815eb],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, , [7fc7423f2385c76f9fcbe17bf80815eb],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, , [7fc7423f2385c76f9fcbe17bf80815eb],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, , [7fc7423f2385c76f9fcbe17bf80815eb],
PUP.Optional.Reimage, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, , [7fc7423f2385c76f9fcbe17bf80815eb],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, , [da6c077a7a2e7cbac1adc393827ea759],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, , [0442d0b10e9a9c9a90732f26af5115eb],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [88bed9a845638bab67674430926e40c0],
PUP.Optional.PCKeeper, HKLM\SOFTWARE\ESSENTWARE\Pckeeper, , [aa9c7e03634593a3743cb6f711f253ad],
PUP.Optional.PCKeeper, HKLM\SOFTWARE\MICROSOFT\TRACING\PCKeeper_RASAPI32, , [03430180e1c7e353e4d8eb82719211ef],
PUP.Optional.PCKeeper, HKLM\SOFTWARE\MICROSOFT\TRACING\PCKeeper_RASMANCS, , [b1956e139513f0468339f77606fde719],
PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\Reimage Repair, , [ff47651c5751b38364704d32728ed927],
PUP.Optional.Reimage, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\Reimage, , [a4a2275a6642ab8b49047f2812ee748c],
PUP.Optional.PCKeeper, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\ESSENTWARE\PCKeeper, , [fd49c0c12b7d6bcbf010bdf744bf4cb4],
PUP.Optional.Reimage, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., , [291de29f03a54ee898689ecec0404fb1],
PUP.Optional.PCKeeper, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\809E879_0, , [e95dbec3faae96a04966cfde34cf8a76],
PUP.Optional.Reimage, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\REIMAGE\PC REPAIR, , [0b3ba4dd22863df904dab9a202fe5fa1],

Valori di registro: 5
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [88bed9a845638bab67674430926e40c0]
PUP.Optional.PCKeeper, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\809e879_0, {0.0.0.00000000}.{33d346ac-3d7f-4c7c-a9b4-3ad1217eae64}|\Device\HarddiskVolume2\Program Files\Essentware\PCKeeper\PCKeeper.exe%b{00000000-0000-0000-0000-000000000000}, , [e95dbec3faae96a04966cfde34cf8a76]
PUP.Optional.PCKeeper, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PCKeeperLive, "C:\Program Files\Essentware\PCKeeper\PCKeeper.exe" /autorun, , [8fb790f1ccdcaa8cb1f92c81d42fe11f]
PUP.Optional.PCKeeper, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PCKeeper Antivirus, "C:\Program Files\Essentware\PCKAV\PCKAV.exe" /autorun, , [96b00f722484b2840f9b6944c24126da]
PUP.Optional.Reimage, HKU\S-1-5-21-1999444948-1767919195-568569961-1000\SOFTWARE\REIMAGE\PC REPAIR|QuitMessage, , , [0b3ba4dd22863df904dab9a202fe5fa1]

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Cartelle: 55
PUP.Optional.CrossRider, C:\Program Files\MPlayerplus, , [70d6730eeeba70c6e84a0a54699a7a86],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\backup, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\backup\21_01_2017, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\backup\21_01_2017\09_00, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\Minidumps, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\ProblemFinder, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\AccountService, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\Installer, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\Qurantine, , [70d6493884247eb826808c2129da6799],
PUP.Optional.WebSearches, C:\Users\Giuseppe\AppData\Roaming\webssearches, , [67dfe29f0d9b96a0b51ffaec49b7a45c],
PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update, , [89bdea97594f2c0adda07827f11105fb],
PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\Download, , [89bdea97594f2c0adda07827f11105fb],
PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\Install, , [89bdea97594f2c0adda07827f11105fb],
PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\Offline, , [89bdea97594f2c0adda07827f11105fb],
PUP.Optional.GlobalUpdate, C:\Program Files\globalUpdate\Update\Offline\{1D10E639-42A5-45B1-BDDF-9B4DAA57EDDF}, , [89bdea97594f2c0adda07827f11105fb],
PUP.Optional.Fortunitas, C:\Program Files\Fortunitas, , [3115b6cb1c8c71c560762581f111cc34],
PUP.Optional.IEPluginService, C:\ProgramData\IePluginService, , [f55190f117912412763a327646bcc63a],
PUP.Optional.IEPluginService, C:\ProgramData\IePluginService\update, , [f55190f117912412763a327646bcc63a],
PUP.Optional.SupTab, C:\Program Files\SupTab, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\weather, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\en-US, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-419, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-ES, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-BE, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CA, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CH, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-FR, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-LU, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-CH, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-IT, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pl, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt-BR, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru-MO, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\tr-TR, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\vi-VI, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-CN, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-TW, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.ASK.Gen, C:\Users\Giuseppe\AppData\Local\Temp\APN-Stub, , [73d3126f9d0b8caa883281347d85ca36],
PUP.Optional.ASK.Gen, C:\Users\Giuseppe\AppData\Local\Temp\APN-Stub\Unknown, , [73d3126f9d0b8caa883281347d85ca36],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Giuseppe\AppData\Local\SearchProtect, , [b1953b46337548eeb09da214d82a5ea2],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Giuseppe\AppData\Local\SearchProtect\Logs, , [b1953b46337548eeb09da214d82a5ea2],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\AppData\Local\Essentware, , [ec5a8bf62385181e29562a8f857d41bf],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\AppData\Local\Essentware\DefaultDomain_Path_bxxzefytm003jjejxjupxndgjnsjt1ye, , [ec5a8bf62385181e29562a8f857d41bf],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\AppData\Local\Essentware\DefaultDomain_Path_bxxzefytm003jjejxjupxndgjnsjt1ye\1.1.1057.0, , [ec5a8bf62385181e29562a8f857d41bf],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\AppData\Local\Essentware\DefaultDomain_Path_bxxzefytm003jjejxjupxndgjnsjt1ye\2.2.2155.0, , [ec5a8bf62385181e29562a8f857d41bf],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\AppData\Local\Essentware\DefaultDomain_Path_xseuterajdw5fywvmojz5uax4dukfyo4, , [ec5a8bf62385181e29562a8f857d41bf],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\AppData\Local\Essentware\DefaultDomain_Path_xseuterajdw5fywvmojz5uax4dukfyo4\2.2.2155.0, , [ec5a8bf62385181e29562a8f857d41bf],

File: 117
PUP.Optional.Reimage, C:\Users\Giuseppe\AppData\Local\Temp\ReimagePackage.exe, , [a6a04b3675338bab40622e29b64a6d93],
PUP.Optional.ASK.OL, C:\Users\Giuseppe\AppData\Local\Temp\nsl6F68.tmp-2\APN_ATU3_.exe, , [0a3c96eba20682b4912b324b857b07f9],
PUP.Optional.ASK.OL, C:\Users\Giuseppe\AppData\Local\Temp\nsm980D.tmp-2\APN_ATU3_.exe, , [281e354c693f0333784490ed22deb34d],
PUP.Optional.NewPlayer, C:\Users\Giuseppe\AppData\Local\Temp\d3eb5bf8-f209-48aa-a92c-238f5a4a3832\software\New_Player, , [073f245d495f2b0b96d1244cd22f2bd5],
PUP.Optional.APNToolBar, C:\Users\Giuseppe\AppData\Local\Temp\rninst~0\ui_data\ask\ASKInstaller.exe, , [d0768100505892a470e6baeb20e1ba46],
PUP.Optional.APNToolBar, C:\Users\Giuseppe\AppData\Local\Temp\rninst~0\ui_data\ask\askrt_it.cab, , [88becdb47038310599bd3174738ebf41],
PUP.Optional.APNToolBar, C:\Users\Giuseppe\AppData\Local\Temp\rninst~1\ui_data\ask\ASKInstaller.exe, , [bb8b077a9c0c8fa772e42c7939c833cd],
PUP.Optional.APNToolBar, C:\Users\Giuseppe\AppData\Local\Temp\rninst~1\ui_data\ask\askrt_it.cab, , [d670f58c7e2a76c078de3570c43d817f],
PUP.Optional.APNToolBar, C:\Users\Giuseppe\AppData\Local\Temp\rninst~2\ui_data\ask\ASKInstaller.exe, , [311587fabdeb7bbb83d3f0b51be6c937],
PUP.Optional.APNToolBar, C:\Users\Giuseppe\AppData\Local\Temp\rninst~2\ui_data\ask\askrt_it.cab, , [5cea0f723f69b680292d7a2be41df30d],
PUP.Optional.APNToolBar, C:\Users\Giuseppe\AppData\Local\Temp\rninst~3\ui_data\ask\ASKInstaller.exe, , [13330b76f9af57df95c18322e0217a86],
PUP.Optional.APNToolBar, C:\Users\Giuseppe\AppData\Local\Temp\rninst~3\ui_data\ask\askrt_it.cab, , [291d354cf8b0fd39f660e1c4df227e82],
PUP.Optional.APNToolBar, C:\Users\Giuseppe\Documents\APNSetup.exe, , [57ef324f792fb185ed688f162bd652ae],
PUP.Optional.Reimage, C:\Users\Giuseppe\Downloads\Non confermato 284512.crdownload, , [cd79612006a24aec8b171146718f51af],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\Downloads\PCKeeper Installer (1).exe, , [271f0f72792f3afce51318cce11f27d9],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\Downloads\PCKeeper Installer.exe, , [0e38f68b43651d1904f4dc08e719b54b],
PUP.Optional.Reimage, C:\Users\Giuseppe\Downloads\ReimageRepair (1).exe, , [90b6d8a90c9c0e285f437addd42c926e],
PUP.Optional.Reimage, C:\Users\Giuseppe\Downloads\ReimageRepair.exe, , [3e08ef92eabedc5af0b2c88fc739ff01],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\installer.exe, , [78ce0a778c1cf14553a512d2fb05956b],
PUP.Optional.Reimage, C:\Users\Giuseppe\AppData\Local\Temp\Reimage.log, , [2d19800144646acc84c1caaf3dc3e020],
PUP.Optional.Reimage, C:\Windows\Temp\reimage.log, , [71d519688325191d03422752ba4650b0],
PUP.Optional.CrossRider, C:\Users\Giuseppe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage, , [94b249384365ac8a54ac005e54af27d9],
PUP.Optional.CrossRider, C:\Users\Giuseppe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage-journal, , [b393b8c92e7a66d07f81144aab589c64],
PUP.Optional.CrossRider, C:\Program Files\MPlayerplus\bgNova.html, , [70d6730eeeba70c6e84a0a54699a7a86],
PUP.Optional.CrossRider, C:\Program Files\MPlayerplus\1293297481.mxaddon, , [70d6730eeeba70c6e84a0a54699a7a86],
PUP.Optional.CrossRider, C:\Program Files\MPlayerplus\360-54246.crx, , [70d6730eeeba70c6e84a0a54699a7a86],
PUP.Optional.CrossRider, C:\Program Files\MPlayerplus\54246.crx, , [70d6730eeeba70c6e84a0a54699a7a86],
PUP.Optional.CrossRider, C:\Program Files\MPlayerplus\54246.xpi, , [70d6730eeeba70c6e84a0a54699a7a86],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\OneClickFixService.exe0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\CrashReportSender.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\OneClickFixService.exe1.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\PCKeeper.exe0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\PCKeeper.exe1.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\PCKeeper.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\PCKeeperService.exe0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\PCKeeperService.exe1.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\PCKeeperService.exe2.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\PCKeeperService.exe3.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\PCKeeperService.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\RegistryCleanerComponent.dll0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\backup\21_01_2017\09_00\HKEY_LOCAL_MACHINE_SOFTWARE_Microsoft_Windows_CurrentVersion_Installer_Folders.reg, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\backup\21_01_2017\09_00\HKEY_LOCAL_MACHINE_SOFTWARE_Microsoft_Windows_CurrentVersion_SharedDLLs.reg, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\ProblemFinder\RegistryScan.xml, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\ProblemFinder\ScanReport.xml, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKeeper\ProblemFinder\SystemScan.xml, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\LastReports.xml, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\release_notes.txt, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\Reports.xml, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\AccountService\AccountService.exe0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\AccountService\AccountService.exe1.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\AccountService\AccountService.exe2.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\AccountService\AccountService.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\AccountService\CrashReportSender.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\Installer\AccSvc.log, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\Installer\installer.exe0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\Installer\installer.exe1.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\Installer\installer.exe2.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\Installer\installer0.exe0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\Installer\PCKeeper Installer.exe0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\AvComponent.dll0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\AvComponent.dll1.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\AvComponent.dll2.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\CrashReportSender.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\PCKAV.exe0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\PCKAV.exe1.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\PCKAV.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\PCKAVService.exe0.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\PCKAVService.exe1.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\PCKAVService.exe2.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\PCKAVService.exe3.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\PCKAVService.exe4.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.PCKeeper, C:\ProgramData\Essentware\PCKAV\PCKAVService.llog, , [70d6493884247eb826808c2129da6799],
PUP.Optional.Fortunitas, C:\Program Files\Fortunitas\updateFortunitas.InstallState, , [3115b6cb1c8c71c560762581f111cc34],
PUP.Optional.IEPluginService, C:\ProgramData\IePluginService\update\conf, , [f55190f117912412763a327646bcc63a],
PUP.Optional.SupTab, C:\Program Files\SupTab\ient.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\WebDataJs, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\data.html, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\indexIE.html, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\indexIE8.html, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\main.css, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\ver.txt, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\arrow.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\default_add_logo.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\default_add_logo_hover.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\default_logo.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\googlelogo.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\googlelogo2.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\google_trends.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\icon128.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\icon16.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\icon48.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\loading.gif, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\img\weather\0.png, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\en-US\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-419\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\es-ES\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-BE\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CA\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-CH\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-FR\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\fr-LU\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-CH\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\it-IT\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pl\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\pt-BR\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\ru-MO\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\tr-TR\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\vi-VI\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-CN\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.SupTab, C:\Program Files\SupTab\web\_locales\zh-TW\messages.json, , [82c4a8d925834fe7950ee3cd5aa8ef11],
PUP.Optional.ASK.Gen, C:\Users\Giuseppe\AppData\Local\Temp\APN-Stub\Unknown\Stb1d9e5abc-e8f7-4bef-95cf-3ab7ef857ab0.log, , [73d3126f9d0b8caa883281347d85ca36],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\AppData\Local\Essentware\DefaultDomain_Path_bxxzefytm003jjejxjupxndgjnsjt1ye\1.1.1057.0\user.config, , [ec5a8bf62385181e29562a8f857d41bf],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\AppData\Local\Essentware\DefaultDomain_Path_bxxzefytm003jjejxjupxndgjnsjt1ye\2.2.2155.0\user.config, , [ec5a8bf62385181e29562a8f857d41bf],
PUP.Optional.PCKeeper, C:\Users\Giuseppe\AppData\Local\Essentware\DefaultDomain_Path_xseuterajdw5fywvmojz5uax4dukfyo4\2.2.2155.0\user.config, , [ec5a8bf62385181e29562a8f857d41bf],
PUP.Optional.SpeedItUp, C:\Windows\Reimage.ini, , [b78f661bf4b4b87e429ae77053add030],

Settori fisici: 0
(Nessun elemento nocivo rilevato)


(end)
peppinho78
Inviato: Saturday, January 28, 2017 1:07:45 PM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
mi ha trovato 197 minacce....ma devo rimuoverle???
solfami
Inviato: Saturday, January 28, 2017 2:23:58 PM

Rank: AiutAmico

Iscritto dal : 11/14/2003
Posts: 2,269
Salve
questi programmi servono per rimuovere le schifezze dai computer.
Fai anche gli altri sempre disconnesso.
Spegni e riaccendi.
Fai le pulizie , poi fa la scansione con Hijack e incolla i log.
Chi di dovere vedrà se è rimasta qualche schifezza.
Saluti
peppinho78
Inviato: Saturday, January 28, 2017 2:37:05 PM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
ok grazie
peppinho78
Inviato: Saturday, January 28, 2017 2:45:11 PM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
# AdwCleaner v6.043 - Creato file registro eventi 28/01/2017 in 14:40:24
# Aggiornato su 27/01/2017 da Malwarebytes
# Database : 2017-01-28.1 [Server]
# Sistema operativo : Windows 7 Ultimate Service Pack 1 (X86)
# Utente : Giuseppe - GIUSEPPE-PC
# In esecuzione da : C:\Users\Giuseppe\Downloads\adwcleaner_6.043.exe
# Modo: pulizia
# Supporto : https://www.malwarebytes.com/support



***** [ Servizi ] *****



***** [ Cartelle ] *****

[-] Cartella eliminata: C:\Users\Giuseppe\AppData\Local\globalUpdate
[-] Cartella eliminata: C:\ProgramData\WPM
[#] Cartella eliminata al riavvio: C:\ProgramData\Application Data\WPM
[-] Cartella eliminata: C:\Program Files\globalUpdate


***** [ File ] *****

[-] File eliminato: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Collegamenti ] *****



***** [ Attività pianificate ] *****



***** [ Registro ] *****

[-] Chiave eliminata: HKLM\SOFTWARE\Classes\AppID\{56AD7EEE-D6C0-410E-8A7B-811DEA764554}
[-] Chiave eliminata: HKLM\SOFTWARE\Classes\AppID\{E8EB2F1F-661E-4A7F-8F9A-77DEB757A906}
[-] Chiave eliminata: HKLM\SOFTWARE\Classes\AppID\{AF85DB83-06F2-4ECF-97CF-C46EDB06BE29}
[-] Chiave eliminata: HKLM\SOFTWARE\Classes\CLSID\{990F7D4F-09EF-47DF-9ABE-BAF2DCCF5C4B}
[-] Chiave eliminata: HKU\S-1-5-21-1999444948-1767919195-568569961-1000\Software\Essentware
[#] Chiave eliminata al riavvio: HKCU\Software\Essentware
[-] Chiave eliminata: HKLM\SOFTWARE\Essentware
[-] Chiave eliminata: HKLM\SOFTWARE\Reimage


***** [ Browser ] *****



*************************

:: " tracciamento " chiavi eliminate
:: Impostazioni Winsock ripristinate

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1696 Byte] - [28/01/2017 14:40:24]
C:\AdwCleaner\AdwCleaner[S0].txt - [1920 Byte] - [28/01/2017 14:39:43]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1840 Byte] ##########
peppinho78
Inviato: Saturday, January 28, 2017 2:50:45 PM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Ultimate x86
Ran by Giuseppe (Administrator) on 28/01/2017 at 14:47:58,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 19

Successfully deleted: C:\Users\Giuseppe\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd (Folder)
Successfully deleted: C:\Users\Giuseppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\14ZS7XHB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Giuseppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2D7B8KH7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Giuseppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3FX54W70 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Giuseppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3GVGB3W2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Giuseppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DV5UW6V2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Giuseppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYAK9EUZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Giuseppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V4P2OWG2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Giuseppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJTGHX8Z (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Giuseppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZBCK3SM4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\14ZS7XHB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2D7B8KH7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3FX54W70 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3GVGB3W2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DV5UW6V2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYAK9EUZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V4P2OWG2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJTGHX8Z (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZBCK3SM4 (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/01/2017 at 14:49:25,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
peppinho78
Inviato: Saturday, January 28, 2017 2:55:55 PM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/28/2017 02:54:54 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/28/2017 02:55:02 PM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)
peppinho78
Inviato: Saturday, January 28, 2017 3:33:17 PM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
ho fatto tutto passo-passo, ma mi continuano ad aprire pagine pubblicitarie
blackmanba
Inviato: Saturday, January 28, 2017 3:44:53 PM

Rank: AiutAmico

Iscritto dal : 1/5/2011
Posts: 810
ciao prova a dare una letta a questa
peppinho78
Inviato: Saturday, January 28, 2017 4:34:19 PM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
come faccio a postare un mio log e farvelo controllare?
solfami
Inviato: Saturday, January 28, 2017 8:51:51 PM

Rank: AiutAmico

Iscritto dal : 11/14/2003
Posts: 2,269
Salve
con il copia e incolla.
Fatto le pulizie?
http://software.aiutamici.com/software?r=y&C1=1&C2=4&C3=19
Saluti
cbbusto
Inviato: Sunday, January 29, 2017 12:22:41 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Penso che tutti i tuoi guai siano procurati da PCKeeper Live / Antivirus PCKeeper, se lo hai installato tu hai commesso un grave errore, anche se questo viene descritto come antivirus, vai nei programmi e rimuovilo, poi controlla il browser che usi e controlla fra i componenti aggiuntivi se trovi qualche voce inerente a PCKeeper e lo rimuovi, controlla anche fra i motori di ricerca se trovi un nome simile e lo cancelli, poi reimposta la tua pagina preferita nel browser. Come ti è gia stato consigliato fai una scansione con Hijackthis e posta il log che rilascia, se non conosci il programma leggi qui:
http://software.aiutamici.com/software?ID=11175
Ciao
peppinho78
Inviato: Sunday, January 29, 2017 10:21:35 AM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
ok grazie mille, appena finisco di fare tutte le procedure. posto il tutto qui
peppinho78
Inviato: Sunday, January 29, 2017 11:17:53 AM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
Dopo aver fatto tutte le pulizie vi posto io log.c'è qualcosa da sistemare???? GRAZIE


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:13:12, on 29/01/2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://it.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aftdwn_17_04&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dit%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutCzz0AyC0FyBtD0EyB0F0FzztB0CtC0AtN0D0Tzu0StCzzyDyDtN1L2XzutAtFtByDtFtCtFtCtCzztN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0ByCyEtA0BtC0DtGyEyBzz0FtG0C0D0C0FtGtB0AyDtCtG0BzytDyEyCtAtBtB0E0FtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0CyC0F0A0DtD0CtG0F0AzztDtGyEzzzytAtGzzyCyEyDtG0DyC0Ezz0AtD0AtAyB0DtByE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCzztBtD%26cr%3D899623958%26a%3Dwbf_aftdwn_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://it.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aftdwn_17_04&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dit%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutCzz0AyC0FyBtD0EyB0F0FzztB0CtC0AtN0D0Tzu0StCzzyDyDtN1L2XzutAtFtByDtFtCtFtCtCzztN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0ByCyEtA0BtC0DtGyEyBzz0FtG0C0D0C0FtGtB0AyDtCtG0BzytDyEyCtAtBtB0E0FtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0CyC0F0A0DtD0CtG0F0AzztDtGyEzzzytAtGzzyCyEyDtG0DyC0Ezz0AtD0AtAyB0DtByE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCzztBtD%26cr%3D899623958%26a%3Dwbf_aftdwn_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] C:\Users\Giuseppe\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ByteFence Anti-Malware Service (ByteFenceService) - Byte Technologies LLC - C:\Program Files\ByteFence\ByteFenceService.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.3.0.5\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\Dr.Fone per iOS\DriverInstall.exe

--
End of file - 8571 bytes

cbbusto
Inviato: Sunday, January 29, 2017 12:06:27 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Ci sono delle voci da eliminare, Chiudi tutti i programmi e disconnesso da internet,
Lancia HijackThis e clicca sul secondo pulsante Do a system scan only
inserisci il segno di spunta nel quadratino davanti alle righe sotto elencate, una volta seleziona clicca il tasto Fix checked per procedere all'eliminazione, comparirà una finestra clicca su SI per accettare e l'operazione è conclusa.
Ricorda che Hijackthis deve essere avviato da una cartella a lui dedicata sul desktop. Solo così Hijackthis creerà copie di backup di quello che viene eliminato prima di apportare modifiche, così in caso di inconvenienti si possono reinstallare.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://it.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wb f_aftdwn_17_04&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dit%26pa%3Dwincy%26cd%3D2Xzu yEtN2Y1L1QzutCzz0AyC0FyBtD0EyB0F0FzztB0CtC0AtN0D0Tzu0StCzzyDyDtN1L2XzutAtFtByDtF tCtFtCtCzztN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0ByCyEtA0BtC0DtGyEyBzz0FtG0C0D0C0F tGtB0AyDtCtG0BzytDyEyCtAtBtB0E0FtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0CyC0F0A0DtD0CtG 0F0AzztDtGyEzzzytAtGzzyCyEyDtG0DyC0Ezz0AtD0AtAyB0DtByE2QtN0A0LzuyEtN1B2Z1V1T1S1N zutCtCzztBtD%26cr%3D899623958%26a%3Dwbf_aftdwn_17_04%26os_ver%3D6.1%26os%3DWindo ws%2B7%2BUltimate

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://it.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wb f_aftdwn_17_04&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dit%26pa%3Dwincy%26cd%3D2Xzu yEtN2Y1L1QzutCzz0AyC0FyBtD0EyB0F0FzztB0CtC0AtN0D0Tzu0StCzzyDyDtN1L2XzutAtFtByDtF tCtFtCtCzztN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0ByCyEtA0BtC0DtGyEyBzz0FtG0C0D0C0F tGtB0AyDtCtG0BzytDyEyCtAtBtB0E0FtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0CyC0F0A0DtD0CtG 0F0AzztDtGyEzzzytAtGzzyCyEyDtG0DyC0Ezz0AtD0AtAyB0DtByE2QtN0A0LzuyEtN1B2Z1V1T1S1N zutCtCzztBtD%26cr%3D899623958%26a%3Dwbf_aftdwn_17_04%26os_ver%3D6.1%26os%3DWindo ws%2B7%2BUltimate

Poi devi disattivare tutte le voci che hai in Avvio lascia silo Avast tutte le altre non servono rallentano il pc e basta, i programmi non vengono toccati.
Vedo che usi Chrome, hai controllato se ci sono componenti aggiuntivi o plugin che non conosci ? se ci sono eliminali, se dovesse rallentare ancora prova a fare un ripristino del browser,
Per ripristinare Chrome segui le seguenti istruzioni:

Apri Chrome.
Clicca sul pulsante sulla barra degli strumenti del browser, in alto a destra.
Seleziona Impostazioni.
Clicca su Mostra impostazioni avanzate.
Cerca la sezione “Reimposta impostazioni del browser” (in genere l'ultima dell'elenco) OK chiudi.
PCKeeper lo avevi messo tu dimmi cosh'ai trovato, fai sapere se le pagine pubblicitarie appaio ancora.
Non c'è altro ciao

peppinho78
Inviato: Sunday, January 29, 2017 3:57:08 PM
Rank: AiutAmico

Iscritto dal : 12/6/2008
Posts: 30
Per adesso sto navigando tranquillamente, non si aprono più pagine indesiderate e google maps mi funziona regolarmente.Spero di aver risolto grazie al vostro aiuto
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.