|
|
|
| the-wanted |
Ciao,
è da qualche giorno che mentre navigo in internet si aprono automaticamente
delle pagine internet. Come browser uso Google Chrome e come sistema operativo
windows 7. Ho provato a fare una scansione con avast ma non rileva nessun
virus... come posso risolvere?
Grazie |
| menatwork |
ciao
scarica
hijackthis e mettilo nella directory C dove avrai preparato una cartella
con il suo nome.
Lanci l'eseguibile e clicchi su " do a system scan and save a log" alla fine
salvi questo file con estensione *.TXT e lo alleghi ad un post sul forum. |
| the-wanted |
ecco il report del software...
---------------------------------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 03:53:17, on 30/07/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Users\Ida\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Public\Documents\AppData\PoApp\PService.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://vaioportal.sony.eu
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://search.babylon.com/?affID=11...000eeaf78c67f83
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = |
|
|
|
|
| the-wanted |
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://search.findeer.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} -
C:\Program Files (x86)\I Want This\I Want This.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program
Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files
(x86)\IMinent Toolbar\tbcore3.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program
Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -
C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: SearchToolbar.ShowToolbarBHO - {86a3cdaa-9b25-480e-b73f-c2d359b87966}
- mscoree.dll (file missing)
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files
(x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program
Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live ID -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} -
C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} -
C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper -
{AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} -
C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program
Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9}
- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program
Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program
Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} -
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -
C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program
Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -
C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll
O3 - Toolbar: SearchToolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} -
mscoree.dll (file missing)
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} -
C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid
Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB
Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [facemoods] "C:\Program Files
(x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft
Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories
Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe"
/nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple
Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files
(x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat
10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common
Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe"
-atboottime
O4 - HKLM\..\Run: [PosService]
C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common
Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media
Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [Google Update]
"C:\Users\Ida\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\Media
Finder.exe" /opentotray
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files
(x86)\Media Finder\hook.html
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter -
C:\Users\Ida\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: I&nvia a OneNote -
res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows
Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows
Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft
Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} -
C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to -
{7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth
Suite\IEPlugIn.dll
O9 - Extra button: &Note collegate di OneNote -
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft
Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote -
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft
Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5}
- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft
shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft
shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/Messe...r />
E_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
[url]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/u
rl]
O17 - HKLM\System\CCS\Services\Tcpip\..\{597BFC1F-329F-4529-985E-403AE1ED04A8}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{653AE411-DEDD-4FE8-98D7-94092BA8C086}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6818A27-12F2-402F-ADDE-058309C1C14B}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1104477-D4C8-49B9-B44B-6B619F3AD74C}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{597BFC1F-329F-4529-985E-403AE1ED04A8}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{597BFC1F-329F-4529-985E-403AE1ED04A8}:
NameServer = 176.31.229.24,176.31.229.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files
(x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} -
C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll
C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program
Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems
Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner -
C:\Windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files
(x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files
(x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST
Software\Avast\AvastSvc.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program
Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner -
C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner -
C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel
Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage
Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files
(x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner -
C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management
Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R)
Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner -
C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown
owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files
(x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService -
C:\Users\Ida\AppData\Local\PosService\Pos.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing) |
|
|
|
|
| the-wanted |
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program
Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown
owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony
Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner -
C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd -
C:\Users\Ida\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. -
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program
Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner
- C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Software Upd (SoftwareUpd) - SoftwareUpdService -
C:\Users\Ida\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program
Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program
Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation
- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment
Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner -
C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner -
C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files
(x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown
owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification
Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R)
Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files
(x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown
owner- C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation -
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder
Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr)
- Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing
Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager
(VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network
Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony
Corporation - C:\Program Files\Common Files\Sony
Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO
Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner -
C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart
Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner -
C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update
Common\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown
owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown
owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) -
Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101
(WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media
Player\wmpnetwk.exe (file missing)
--
End of file - 18304 bytes |
|
|
|
|
| menatwork |
riesegui la scansione con hjt e metti la spunta accanto alle caselle
corrispondenti delle voci che ti indico poi premi fix checked
Citazione: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://search.babylon.com/?affID=11...000eeaf78c67f83
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://search.findeer.com
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} -
C:\Program Files (x86)\I Want This\I Want This.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: SearchToolbar.ShowToolbarBHO - {86a3cdaa-9b25-480e-b73f-c2d359b87966}
- mscoree.dll (file missing)
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} -
C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program
Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program
Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: SearchToolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} -
mscoree.dll (file missing)
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} -
C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll
C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
scarica avenger sul desktop
http://swandog46.geekstogo.com/avenger.zip
Decomprimi l'archivio
Avvia il file avenger.exe
Copi e incolli nella finestra: "Imput script here" questo testo in rosso
files to delete:
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\I Want This\I Want This.dll
C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll
C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
folders to delete:
C:\Program Files (x86)\Searchqu Toolbar\Datamngr
C:\Program Files (x86)\I Want This
C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar
C:\PROGRA~2\SEARCH~1\Datamngr
Togli il segno di spunta dalla voce Scan for Rootkits
Premi il pulsante Execute
Rispondi di Si alle due richieste di Avenger
Adesso il tuo computer dovrebbe riavviarsi, nel caso non succedesse, riavvialo
tu manualmente
Al riavvio del computer, copia e incolla qui il contenuto del blocco note che
apparirà.
Controlla se hai ancora il problema che lamentavi poi fai una scansione con
malwarebytes
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completa, fai clic su OK => Mostra i Risultati.
Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
Se ti chiede di riavviare, riavvia per completare il processo di pulizia.
Posta il rapporto . |
|
|
|
|
| the-wanted |
ho effettuato tutte le procedure che mi avete indicato ma purtroppo i software
non mi danno alcun report. Nonostante ciò il problema rimane :dhò: :dhò: :dhò: |
|
|
|
|
| menatwork |
se non vedo i rapporti come faccio ad aiutarti?? hai fatto anche la scansione
con malwarebytes? posta un log di hjt |
|
|
|
|
| the-wanted |
ciao,
ho effettuato la scansione con malwarebytes ma niente. Ho fatto una nuova
scansione con hjt e allego log
----------------------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:31:05, on 02/08/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Users\Ida\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Public\Documents\AppData\PoApp\PService.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Users\Ida\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ida\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ida\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ida\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ida\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ida\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual
Effects.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Users\Ida\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ida\Downloads\join.me.exe
C:\Users\Ida\AppData\Local\Temp\joi3FE2.tmp\join.me.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Ida\AppData\Local\Temp\joi3FE2.tmp\LMISupportM.exe
C:\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://vaioportal.sony.eu
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://search.chatzum.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program
Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files
(x86)\IMinent Toolbar\tbcore3.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program
Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -
C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: SearchToolbar.ShowToolbarBHO - {86a3cdaa-9b25-480e-b73f-c2d359b87966}
- mscoree.dll (file missing)
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files
(x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program
Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live ID -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} -
C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} -
C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper -
{AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} -
C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program
Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9}
- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program
Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program
Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} -
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -
C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program
Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -
C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll
O3 - Toolbar: SearchToolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} -
mscoree.dll (file missing)
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} -
C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid
Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB
Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [facemoods] "C:\Program Files
(x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft
Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories
Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe"
/nogui |
|
|
|
|
| the-wanted |
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple
Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files
(x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat
10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common
Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe"
-atboottime
O4 - HKLM\..\Run: [PosService]
C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common
Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files
(x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media
Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [Google Update]
"C:\Users\Ida\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\Media
Finder.exe" /opentotray
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files
(x86)\Media Finder\hook.html
O8 - Extra context menu item: E&sporta in Microsoft Excel -
res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter -
C:\Users\Ida\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: I&nvia a OneNote -
res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows
Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows
Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft
Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} -
C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to -
{7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth
Suite\IEPlugIn.dll
O9 - Extra button: &Note collegate di OneNote -
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft
Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote -
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft
Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5}
- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft
shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft
shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/Messe...r />
E_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
[url]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/u
rl]
O17 - HKLM\System\CCS\Services\Tcpip\..\{597BFC1F-329F-4529-985E-403AE1ED04A8}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{653AE411-DEDD-4FE8-98D7-94092BA8C086}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6818A27-12F2-402F-ADDE-058309C1C14B}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1104477-D4C8-49B9-B44B-6B619F3AD74C}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{597BFC1F-329F-4529-985E-403AE1ED04A8}:
NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{597BFC1F-329F-4529-985E-403AE1ED04A8}:
NameServer = 176.31.229.24,176.31.229.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files
(x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} -
C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll
C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program
Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems
Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner -
C:\Windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files
(x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files
(x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST
Software\Avast\AvastSvc.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program
Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner -
C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner -
C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel
Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage
Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files
(x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner -
C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management
Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R)
Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files
(x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner -
C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown
owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files
(x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService -
C:\Users\Ida\AppData\Local\PosService\Pos.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) -
Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program
Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown
owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony
Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner -
C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd -
C:\Users\Ida\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. -
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program
Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner
- C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Software Upd (SoftwareUpd) - SoftwareUpdService -
C:\Users\Ida\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program
Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program
Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation
- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment
Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner -
C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner -
C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files
(x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown
owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification
Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R)
Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files
(x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown
owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation -
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder
Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr)
- Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing
Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager
(VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network
Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony
Corporation - C:\Program Files\Common Files\Sony
Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO
Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner -
C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart
Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner -
C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update
Common\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown
owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown
owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) -
Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101
(WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media
Player\wmpnetwk.exe (file missing)
--
End of file - 19056 bytes |
|
|
|
|
| menatwork |
scarica
ToolBarSD e
salvalo sul Desktop
Doppio click sul file ToolBarSD.exe appena scaricato ( tasto destro sul file e
scegli l' opzione "Esegui come amministratore")
Verrà visualizzata la console con la scelta della lingua . Premi sulla tastiera
la lettera E e dai Invio. Avrai così selezionato la lingua
Inglese (l' Italiano non c' è).
Un messaggio ti chiederà la conferma per proseguire, clicca su OK
1 - Search : Ricerca l'infezione
2 - Fix : Elimina l'infezione
Q - Quit : Esce dal programma
premi il tasto 1 sulla tastiera e conferma la scelta dando Invio.
Partirà la ricerca dell' infezione riguardante i file delle Toolbar, le cartelle
e i servizi, l' elenco delle URL presenti in HKLM eHKCU\..\Internet
Explorer\Main, la lista delle estensioni (solo in Xp) e la ricerca di altre
eventuali infezioni.
Riceverai un messaggio quando la scansione sarà completata:
A questo punto si aprirà automaticamente il file di log TB.txt che è
stato salvato nel percorso C:\TB.txt.
Allegalo qui nel forum |
|
|
|
|
| the-wanted |
ciao,
il software che mi hai postato mi indica che funziona solo per windows vista ed
xp, io ho windows 7... |
|
|
|
|
| menatwork |
sono passati tre giorni dal tuo ultimo intervento, sai dirmi ora i problemi
che lamenti quali sono? |
|
|
|
|
| the-wanted |
scusa se non rispondo con molta frequenza ma non ho sempre modo di collegarmi...
continuo ad avere pagine internet che si aprono da sole all'improvviso |
|
|
|
|
| menatwork |
apri gli strumenti di internet explorer
apri il tabellino "privacy"
clicca sul pulsante "siti"
nella riga fai copia e incolla dell'indirizzo delle pagine pubblicitarie che si
aprono
poi clicca su "blocca"
Chiudi la finestra e rilancia internet explorer, riavvia il pc se richiesto. |
|
|
|
|
| the-wanted |
ma sono siti comuni che utilizzo normalmente come fnac, vivastreet, autoscout,
bakeca... poi di solito utilizzo google chrome, funziona ugualmente ciò? |
|
|
|
|
| the-wanted |
| ok, provo così |
|
|
|
|
Home
Registrati
Logout