PDA

Visualizza la versione completa : Pagine si aprono da sole


Supernikita
12-04-2009, 15:36
Ciao a tutti e buona pasqua!Ho un grosso problema:mentre navigo mi si aprono da sole pagine indesiderate,ho norton come antivirus che non mi segnala niente di anomalo.Qualche buona anima può aiutarmi?Grazie,Sara. :ciauz:

Deifobe
12-04-2009, 18:59
ciao, buona Pasqua anche a te :)

scarica SystemScan (http://www.suspectfile.com/forum/viewtopic.php?f=8&t=466&start=0)
disconnetti il pc da internet => disattiva l'antivirus => esegui systemscan => clicca su "Scan Now". Finita la scansione, riattiva l'antivirus

carica il rapporto che trovi sul desktop su Savefile (http://www.savefile.com/) e posta il link ottenuto.

nota: systemscan viene riconosciuto come infetto per il tipo di scansione effettuata (è un falso positivo). La procedura postata è sicura.

Supernikita
12-04-2009, 21:44
Deifobe ti ringrazio,ho fatto la sansione ma savefile non funziona.Come la posto?

Supernikita
12-04-2009, 21:50
Ho provato a caricare il rappoto su RapidSpread,ecco il link

http://www.rapidspread.com/file.jsp?id=cj6yp52q8a

Deifobe
13-04-2009, 13:24
ciao,
Scarica navilog1.exe_il mafioso (http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe) sul desktop e installalo.
Eseguilo, scegli la lingua e, al menù di scelta, seleziona l'opzione 1 (non scegliere le altre). Ad un certo punto uscirà una scritta "Analysis ... Terminate", premi un tasto come richiesto e si aprirà un file di testo (il rapporto della scansione).

Supernikita
13-04-2009, 14:05
Ok,ti posto il file di testo generato da Navilog

Search Navipromo version 3.7.6 began on 13/04/2009 at 13.58.20,62

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!

Fix running from C:\Programmi\navilog1

Updated on 14.03.2009 at 18h00 by IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Default System BIOS
USER : Acer ( Administrator )
BOOT : Normal boot

Antivirus : Norton AntiVirus 16.1.0.33 (Activated)


C:\ (Local Disk) - NTFS - Total:465 Go (Free:392 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)


Search done in normal mode


*** Search folders in "C:\WINDOWS" ***


*** Search folders in "C:\Programmi" ***


*** Search folders in "C:\Documents and Settings\All Users\menuav~1\progra~1" ***


*** Search folders in "C:\Documents and Settings\All Users\menuav~1" ***


*** Search folders in "c:\docume~1\alluse~1\datiap~1" ***


*** Search folders in "C:\Documents and Settings\Acer\datiap~1" ***


*** Search folders in "C:\DOCUME~1\ADMINI~1\datiap~1" ***


*** Search folders in "C:\Documents and Settings\Acer\impost~1\datiap~1" ***


*** Search folders in "C:\DOCUME~1\ADMINI~1\impost~1\datiap~1" ***


*** Search folders in "C:\Documents and Settings\Acer\menuav~1\progra~1" ***


*** Search folders in "C:\DOCUME~1\ADMINI~1\menuav~1\progra~1" ***


*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net



*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\WINDOWS\system32" *

* Scan in "C:\Documents and Settings\Acer\impost~1\datiap~1" *

* Scan in "C:\DOCUME~1\ADMINI~1\impost~1\datiap~1" *



*** Search files ***



*** Search specific Registry keys ***
!! Following keys are not certainly all infected !!


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"wwocy"="\"c:\\documents and settings\\acer\\impostazioni locali\\dati applicazioni\\wwocy.exe\" wwocy"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ewkomya"="\"c:\\documents and settings\\acer\\impostazioni locali\\dati applicazioni\\ewkomya.exe\" ewkomya"


*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :


2)Heuristic Search :

* In "C:\WINDOWS\system32" :


* In "C:\Documents and Settings\Acer\impost~1\datiap~1" :

ewkomya.exe found !
ewkomya.dat found !
ewkomya_nav.dat found !
ewkomya_navps.dat found !

* In "C:\DOCUME~1\ADMINI~1\impost~1\datiap~1" :


3)Certificates Search :

Egroup certificate not found !
Electronic-Group certificate not found !
Montorgueil certificate not found !
OOO-Favorit certificate not found !
Sunny-Day-Design-Ltd certificate not found !

4)Search others known folders and files :



*** Search completed on 13/04/2009 at 14.03.17,98 ***

E grazie ancora per la disponibilità.

Deifobe
13-04-2009, 15:13
Riavvia il computer in modalità provvisoria: all'avvio del pc, prima che inizi a caricare Windows, premi ripetutamente F8. Uscirà la finestra del menu Opzioni avanzate di Windows => scegli modalità provvisoria (usa il tasto freccia ^).
Esegui Navilog1 e scegli l'opzione 2 (Automatic Cleaning) e dai l'ok (eseguirà la pulizia dei files infetti trovati)
Quando finisce, riavvia il pc in modalità normale
Posta il rapporto rilasciato

Supernikita
13-04-2009, 16:09
Fatto come hai detto,ecco il rapporto:

Navipromo Removal version 3.7.6 started on 13/04/2009 at 16.00.30,93

Fix running from C:\Programmi\navilog1

Updated on 14.03.2009 at 18h00 by IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Default System BIOS
USER : Administrator ( Administrator )
BOOT : Fail-safe boot

Antivirus : Norton AntiVirus 16.1.0.33 (Activated)


C:\ (Local Disk) - NTFS - Total:465 Go (Free:396 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)


Automatic removal
with Catchme and GNS results


Cleanning stage done in safe mode


*** fsbl1.txt not found ***
(Check that Catchme found nothing in Search Mode)


*** Deleting with Backups GenericNaviSearch results ***

* Deletion in "C:\WINDOWS\System32" *


* Deletion in "C:\Documents and Settings\Administrator\impost~1\datiap~1" *


* Deletion in "C:\DOCUME~1\Acer\impost~1\datiap~1" *


*** Deleting folders in "C:\WINDOWS" ***


*** Deleting folders in "C:\Programmi" ***


*** Deleting folders in "C:\Documents and Settings\All Users\menuav~1\progra~1" ***


*** Deleting folders in "C:\Documents and Settings\All Users\menuav~1" ***


*** Deleting folders in "c:\docume~1\alluse~1\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\Administrator\datiap~1" ***


*** Deleting folders in "C:\DOCUME~1\Acer\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\Administrator\impost~1\datiap~1" ***


*** Deleting folders in "C:\DOCUME~1\Acer\impost~1\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\Administrator\menuav~1\progra~1" ***


*** Deleting folders in "C:\DOCUME~1\Acer\menuav~1\progra~1" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\WINDOWS\Temp done !
Cleaning of C:\Documents and Settings\Administrator\impost~1\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\WINDOWS\system32" *


* In "C:\Documents and Settings\Administrator\impost~1\datiap~1" *


* In "C:\DOCUME~1\Acer\impost~1\datiap~1" *


ewkomya.exe found !
Copy ewkomya.exe done !
ewkomya.exe deleted !

ewkomya.dat found !
Copy ewkomya.dat done !
ewkomya.dat deleted !

ewkomya_nav.dat found !
Copy ewkomya_nav.dat done !
ewkomya_nav.dat deleted !

ewkomya_navps.dat found !
Copy ewkomya_navps.dat done !
ewkomya_navps.dat deleted !


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate not found !
Electronic-Group Certificate not found !
Montorgueil Certificate not found !
OOO-Favorit Certificate not found !
Sunny-Day-Design-Ltd Certificate not found !

*** Search others known folders and files ***



*** Cleaning stage complete on 13/04/2009 at 16.03.33,35 ***

Deifobe
13-04-2009, 19:57
ok, vedi ora il pc come va...

ciao

Supernikita
13-04-2009, 20:47
Grazie mille,sembra proprio che il problema sia risolto,e il pc va anche più veloce!
Volevo chiederti (sono una vera rottura...),siccome anche il pc di mio fratello ha il mio stesso problema,faccio la solita procedura con Navilog (opzione 2)o è meglio che apra un nuovo post?
Grazie di tutto,ciao! :ciauz:

Loading