Pagina 1 di 3 1 2 3 ultimoultimo
Visualizzazione dei risultati da 1 a 10 su 29

Discussione: come faccio ad eliminare MyStart IncrediBar.com ?

  1. #1
    Utente di HTML.it
    Registrato dal
    Oct 2009
    Messaggi
    39

    come faccio ad eliminare MyStart IncrediBar.com ?

    Salve ragazzi

    come faccio ad eliminare MyStart IncrediBar.com ? dalla pagina iniziale

    uso firefox, ho cancellato MyStart IncrediBar.com dalla pagine predefinita e cancellato nella gestione componenti aggiunive estensione

  2. #2
    Utente di HTML.it
    Registrato dal
    May 2009
    Messaggi
    4,224
    ciao

    prova con adwcleaner clicca sul pulsante delete e posta il log
    i log delle scansioni caricali = > QUI

    oppure = > QUI

  3. #3
    Utente di HTML.it
    Registrato dal
    Oct 2009
    Messaggi
    39
    grazie per la risposta.

    non ha funzionato...ricompare.

  4. #4
    Utente di HTML.it
    Registrato dal
    Oct 2009
    Messaggi
    39
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 22.17.58, on 19/09/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\Programmi\IObit\Advanced SystemCare 5\ASCService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programmi\Avira\AntiVir Desktop\avguard.exe
    C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\S3trayp.exe
    C:\Programmi\VIA\VIAudioi\SBADeck\ADeck.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\Messenger\msmsgs.exe
    C:\Programmi\Nokia\Nokia Suite\NokiaSuite.exe
    C:\Programmi\Skype\Phone\Skype.exe
    C:\Programmi\Skype\Updater\Updater.exe
    C:\Programmi\IObit\Advanced SystemCare 5\ASCTray.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programmi\Adobe\Reader 10.0\Reader\Reader_sl.exe
    C:\Programmi\Alice ti aiuta\bin\mpbtn.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
    O4 - HKLM\..\Run: [AudioDeck] C:\Programmi\VIA\VIAudioi\SBADeck\ADeck.exe 1
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [autoclk] autoclk.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Programmi\Nokia\Nokia Suite\NokiaSuite.exe -tray
    O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Programmi\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    O4 - Global Startup: Alice ti aiuta.lnk = C:\Programmi\Alice ti aiuta\bin\matcli.exe
    O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD.lnk = C:\Programmi\File comuni\Autodesk Shared\acstart16.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O16 - DPF: {1F831FA9-42FC-11D4-95A6-0080AD30DCE1} (InstaFred Control) - file:///C:/Programmi/AutoCAD%20LT%202000i%20Ita/InstFred.ocx
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Controllo AcDc oggi) - file:///C:/Programmi/AutoCAD%20LT%202000i%20Ita/AcDcToday.ocx
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file:///C:/Programmi/AutoCAD%20LT%202000i%20Ita/AcPreview.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A8623A30-9C52-40A1-83E8-893E5E599E2D}: NameServer = 85.37.17.57 85.38.28.80
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpda teService.exe
    O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Programmi\IObit\Advanced SystemCare 5\ASCService.exe
    O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Programmi\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe

    --
    End of file - 6959 bytes

  5. #5
    Utente di HTML.it
    Registrato dal
    May 2009
    Messaggi
    4,224
    scarica OTL e salvalo sul desktop

    Metti la spunta su SCAN ALL USERS.

    Sotto output, metti la spunta su minimal output

    Clicca sulla freccettina di File Age e seleziona 60 Days

    Metti la spunta a LOP Check e Purity Check.

    Clicca su RUN SCAN

    Lascia fare la scansione senza interferire.

    Al termine della scansione trovi 2 log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend,
    i log delle scansioni caricali = > QUI

    oppure = > QUI

  6. #6
    Utente di HTML.it
    Registrato dal
    Oct 2009
    Messaggi
    39
    grazie di nuovo menatwork...sto procedento

    Originariamente inviato da menatwork
    scarica OTL e salvalo sul desktop

    Metti la spunta su SCAN ALL USERS.

    Sotto output, metti la spunta su minimal output

    Clicca sulla freccettina di File Age e seleziona 60 Days

    Metti la spunta a LOP Check e Purity Check.

    Clicca su RUN SCAN

    Lascia fare la scansione senza interferire.

    Al termine della scansione trovi 2 log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend,

  7. #7

  8. #8
    Utente di HTML.it
    Registrato dal
    May 2009
    Messaggi
    4,224
    controlla questa cartella se non la conosci eliminala

    C:\Documents and Settings\utente\Dati applicazioni\wtxpcom

    vai qui e controlla questo file se viene riconosciuto nocivo

    C:\WINDOWS\System32\emptyregdb.dat

    adesso apri OTL e copia nello spazio bianco questo testo

    :OTL
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\utente\Desktop\PC WIZARD\pcwiz_x32.sys -- (cpuz134)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzum.com/?q={searchTerms}
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/mb174/?loc=IB_DS&a=6R8FFvuvei&&i=26&search="
    O4 - HKU\S-1-5-21-839522115-1004336348-1177238915-1003..\Run: [] File not found
    :file
    C:\Programmi\1ClickDownload\1ClickDownload.exe
    :reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]
    "C:\Programmi\1ClickDownload\1ClickDownload.ex e" =-

    :commands
    [EMPTYTEMP]
    [EMPTYFLASH]
    [Reboot]
    clicca su run fix e attendi ...alla fine della scansione verra' prodotto un log che dovrai allegare

    riesegui una nuova scansione con OTL e posta anche questo rapporto
    i log delle scansioni caricali = > QUI

    oppure = > QUI

  9. #9
    Utente di HTML.it
    Registrato dal
    Oct 2009
    Messaggi
    39
    All processes killed
    ========== OTL ==========
    Service WDICA stopped successfully!
    Service WDICA deleted successfully!
    Service PDRFRAME stopped successfully!
    Service PDRFRAME deleted successfully!
    Service PDRELI stopped successfully!
    Service PDRELI deleted successfully!
    Service PDFRAME stopped successfully!
    Service PDFRAME deleted successfully!
    Service PDCOMP stopped successfully!
    Service PDCOMP deleted successfully!
    Service PCIDump stopped successfully!
    Service PCIDump deleted successfully!
    Service lbrtfdc stopped successfully!
    Service lbrtfdc deleted successfully!
    Service i2omgmt stopped successfully!
    Service i2omgmt deleted successfully!
    Service cpuz134 stopped successfully!
    Service cpuz134 deleted successfully!
    File C:\Documents and Settings\utente\Desktop\PC WIZARD\pcwiz_x32.sys not found.
    Service Changer stopped successfully!
    Service Changer deleted successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE9 3-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Prefs.js: "http://mystart.incredibar.com/mb174/?loc=IB_DS&a=6R8FFvuvei&&i=26&search=" removed from keyword.URL
    Registry value HKEY_USERS\S-1-5-21-839522115-1004336348-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Run \\ deleted successfully.
    Error: Unable to interpret <:file> in the current context!
    Error: Unable to interpret <C:\Programmi\1ClickDownload\1ClickDownload.exe> in the current context!
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List\\C:\Programmi\ 1ClickDownload\1ClickDownload.exe deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33177 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: utente
    ->Temp folder emptied: 73281451 bytes
    ->Temporary Internet Files folder emptied: 1507039 bytes
    ->FireFox cache emptied: 71189671 bytes
    ->Google Chrome cache emptied: 6645443 bytes
    ->Flash cache emptied: 543 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 2352329 bytes
    %systemroot%\System32 .tmp files removed: 33884997 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 180,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: utente
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.64.0 log created on 09202012_124531

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...






    Originariamente inviato da menatwork
    controlla questa cartella se non la conosci eliminala

    C:\Documents and Settings\utente\Dati applicazioni\wtxpcom

    vai qui e controlla questo file se viene riconosciuto nocivo

    C:\WINDOWS\System32\emptyregdb.dat

    adesso apri OTL e copia nello spazio bianco questo testo



    clicca su run fix e attendi ...alla fine della scansione verra' prodotto un log che dovrai allegare

    riesegui una nuova scansione con OTL e posta anche questo rapporto

  10. #10
    Utente di HTML.it
    Registrato dal
    May 2009
    Messaggi
    4,224
    visualizzi ancora la fastidiosa IncrediBar?
    i log delle scansioni caricali = > QUI

    oppure = > QUI

Permessi di invio

  • Non puoi inserire discussioni
  • Non puoi inserire repliche
  • Non puoi inserire allegati
  • Non puoi modificare i tuoi messaggi
  •  
Powered by vBulletin® Version 4.2.1
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved.