PDA

Visualizza la versione completa : Pagine si aprono da sole


 
Supernikita
12-04-2009, 16:36
Ciao a tutti e buona pasqua!Ho un grosso problema:mentre navigo mi si aprono da sole pagine indesiderate,ho norton come antivirus che non mi segnala niente di anomalo.Qualche buona anima pu˛ aiutarmi?Grazie,Sara. :ciauz:

Deifobe
12-04-2009, 19:59
ciao, buona Pasqua anche a te :)

scarica SystemScan (http://www.suspectfile.com/forum/viewtopic.php?f=8&t=466&start=0)
disconnetti il pc da internet => disattiva l'antivirus => esegui systemscan => clicca su "Scan Now". Finita la scansione, riattiva l'antivirus

carica il rapporto che trovi sul desktop su Savefile (http://www.savefile.com/) e posta il link ottenuto.

nota: systemscan viene riconosciuto come infetto per il tipo di scansione effettuata (Ŕ un falso positivo). La procedura postata Ŕ sicura.

Supernikita
12-04-2009, 22:44
Deifobe ti ringrazio,ho fatto la sansione ma savefile non funziona.Come la posto?

Supernikita
12-04-2009, 22:50
Ho provato a caricare il rappoto su RapidSpread,ecco il link

http://www.rapidspread.com/file.jsp?id=cj6yp52q8a

Deifobe
13-04-2009, 14:24
ciao,
Scarica navilog1.exe_il mafioso (http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe) sul desktop e installalo.
Eseguilo, scegli la lingua e, al men¨ di scelta, seleziona l'opzione 1 (non scegliere le altre). Ad un certo punto uscirÓ una scritta "Analysis ... Terminate", premi un tasto come richiesto e si aprirÓ un file di testo (il rapporto della scansione).

Supernikita
13-04-2009, 15:05
Ok,ti posto il file di testo generato da Navilog

Search Navipromo version 3.7.6 began on 13/04/2009 at 13.58.20,62

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!

Fix running from C:\Programmi\navilog1

Updated on 14.03.2009 at 18h00 by IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Default System BIOS
USER : Acer ( Administrator )
BOOT : Normal boot

Antivirus : Norton AntiVirus 16.1.0.33 (Activated)


C:\ (Local Disk) - NTFS - Total:465 Go (Free:392 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)


Search done in normal mode


*** Search folders in "C:\WINDOWS" ***


*** Search folders in "C:\Programmi" ***


*** Search folders in "C:\Documents and Settings\All Users\menuav~1\progra~1" ***


*** Search folders in "C:\Documents and Settings\All Users\menuav~1" ***


*** Search folders in "c:\docume~1\alluse~1\datiap~1" ***


*** Search folders in "C:\Documents and Settings\Acer\datiap~1" ***


*** Search folders in "C:\DOCUME~1\ADMINI~1\datiap~1" ***


*** Search folders in "C:\Documents and Settings\Acer\impost~1\datiap~1" ***


*** Search folders in "C:\DOCUME~1\ADMINI~1\impost~1\datiap~1" ***


*** Search folders in "C:\Documents and Settings\Acer\menuav~1\progra~1" ***


*** Search folders in "C:\DOCUME~1\ADMINI~1\menuav~1\progra~1" ***


*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net



*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\WINDOWS\system32" *

* Scan in "C:\Documents and Settings\Acer\impost~1\datiap~1" *

* Scan in "C:\DOCUME~1\ADMINI~1\impost~1\datiap~1" *



*** Search files ***



*** Search specific Registry keys ***
!! Following keys are not certainly all infected !!


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"wwocy"="\"c:\\documents and settings\\acer\\impostazioni locali\\dati applicazioni\\wwocy.exe\" wwocy"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ewkomya"="\"c:\\documents and settings\\acer\\impostazioni locali\\dati applicazioni\\ewkomya.exe\" ewkomya"


*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :


2)Heuristic Search :

* In "C:\WINDOWS\system32" :


* In "C:\Documents and Settings\Acer\impost~1\datiap~1" :

ewkomya.exe found !
ewkomya.dat found !
ewkomya_nav.dat found !
ewkomya_navps.dat found !

* In "C:\DOCUME~1\ADMINI~1\impost~1\datiap~1" :


3)Certificates Search :

Egroup certificate not found !
Electronic-Group certificate not found !
Montorgueil certificate not found !
OOO-Favorit certificate not found !
Sunny-Day-Design-Ltd certificate not found !

4)Search others known folders and files :



*** Search completed on 13/04/2009 at 14.03.17,98 ***

E grazie ancora per la disponibilitÓ.

Deifobe
13-04-2009, 16:13
Riavvia il computer in modalitÓ provvisoria: all'avvio del pc, prima che inizi a caricare Windows, premi ripetutamente F8. UscirÓ la finestra del menu Opzioni avanzate di Windows => scegli modalitÓ provvisoria (usa il tasto freccia ^).
Esegui Navilog1 e scegli l'opzione 2 (Automatic Cleaning) e dai l'ok (eseguirÓ la pulizia dei files infetti trovati)
Quando finisce, riavvia il pc in modalitÓ normale
Posta il rapporto rilasciato

Supernikita
13-04-2009, 17:09
Fatto come hai detto,ecco il rapporto:

Navipromo Removal version 3.7.6 started on 13/04/2009 at 16.00.30,93

Fix running from C:\Programmi\navilog1

Updated on 14.03.2009 at 18h00 by IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Default System BIOS
USER : Administrator ( Administrator )
BOOT : Fail-safe boot

Antivirus : Norton AntiVirus 16.1.0.33 (Activated)


C:\ (Local Disk) - NTFS - Total:465 Go (Free:396 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)


Automatic removal
with Catchme and GNS results


Cleanning stage done in safe mode


*** fsbl1.txt not found ***
(Check that Catchme found nothing in Search Mode)


*** Deleting with Backups GenericNaviSearch results ***

* Deletion in "C:\WINDOWS\System32" *


* Deletion in "C:\Documents and Settings\Administrator\impost~1\datiap~1" *


* Deletion in "C:\DOCUME~1\Acer\impost~1\datiap~1" *


*** Deleting folders in "C:\WINDOWS" ***


*** Deleting folders in "C:\Programmi" ***


*** Deleting folders in "C:\Documents and Settings\All Users\menuav~1\progra~1" ***


*** Deleting folders in "C:\Documents and Settings\All Users\menuav~1" ***


*** Deleting folders in "c:\docume~1\alluse~1\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\Administrator\datiap~1" ***


*** Deleting folders in "C:\DOCUME~1\Acer\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\Administrator\impost~1\datiap~1" ***


*** Deleting folders in "C:\DOCUME~1\Acer\impost~1\datiap~1" ***


*** Deleting folders in "C:\Documents and Settings\Administrator\menuav~1\progra~1" ***


*** Deleting folders in "C:\DOCUME~1\Acer\menuav~1\progra~1" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\WINDOWS\Temp done !
Cleaning of C:\Documents and Settings\Administrator\impost~1\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\WINDOWS\system32" *


* In "C:\Documents and Settings\Administrator\impost~1\datiap~1" *


* In "C:\DOCUME~1\Acer\impost~1\datiap~1" *


ewkomya.exe found !
Copy ewkomya.exe done !
ewkomya.exe deleted !

ewkomya.dat found !
Copy ewkomya.dat done !
ewkomya.dat deleted !

ewkomya_nav.dat found !
Copy ewkomya_nav.dat done !
ewkomya_nav.dat deleted !

ewkomya_navps.dat found !
Copy ewkomya_navps.dat done !
ewkomya_navps.dat deleted !


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate not found !
Electronic-Group Certificate not found !
Montorgueil Certificate not found !
OOO-Favorit Certificate not found !
Sunny-Day-Design-Ltd Certificate not found !

*** Search others known folders and files ***



*** Cleaning stage complete on 13/04/2009 at 16.03.33,35 ***

Deifobe
13-04-2009, 20:57
ok, vedi ora il pc come va...

ciao

Supernikita
13-04-2009, 21:47
Grazie mille,sembra proprio che il problema sia risolto,e il pc va anche pi¨ veloce!
Volevo chiederti (sono una vera rottura...),siccome anche il pc di mio fratello ha il mio stesso problema,faccio la solita procedura con Navilog (opzione 2)o Ŕ meglio che apra un nuovo post?
Grazie di tutto,ciao! :ciauz:

Loading