Hi everyone.
Does anyone know how I can get rid of this annoying coming and going of IPs? Malwarebytes does its job, but how can I eliminate it completely? Thanks for any reply.
Are you sure you don't have some virus/malware... on the computer? Have you checked the source/process?
I have read several Malwarebytes reports, running various scans with both AVG and Malwarebytes, but they find nothing... In fact, while I am writing to you, Malwarebytes has blocked an IP - 2014/03/12 21:47:17 +0100 ADMINISTRATOR Administrator IP-BLOCK 89.28.92.248 (Type: outgoing, Port: 38010, Process: utorrent.exe) -.
I imagine you have utorrent running and that you are downloading. I don't know what, but it is probably the P2P client's sources that are giving you these problems.
I did everything Habanero described in "Removing redirected HOME PAGES, POP-UPS, SPYWARE, TROJANS, DIALERS, VIRUSES", but when I connect with utorrent, Malwarebytes warns me: IP-BLOCK 89.28.92.248 (Type: outgoing, Port: 38010, Process: utorrent.exe). Also, Malwarebytes is the full version. Anyway, these are the HijackThis results; if anyone finds anomalies, I kindly ask them to let me know. Thanks everyone.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:42:41, on 18/03/2014
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware
\mbamgui.exe
C:\Program Files (x86)\LSM\lsm.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage
Technology\IAStorIcon.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer
\Main,Default_Page_URL = http://www.google.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Page = https://www.google.it/?
gfe_rd=ctrl&ei=KCkiU67KB6ne8geq2IG4CA&gws_rd=cr
R1 - HKLM\Software\Microsoft\Internet Explorer
\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?
LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer
\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?
LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search
Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start
Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer
\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer
\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local
Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer
\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-
CF10577473F7} - C:\Program Files (x86)\Google\Google
Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-
009027A5CD4F} - C:\Program Files (x86)\Google\Google
Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-
0333ea26e113} - (no file)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel
\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG
\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files
(x86)\Winamp\winampa.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows
Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows
\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows
\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [RocketDock] "C:\Program Files
\RocketDock\RocketDock.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RocketDock] "C:\Program Files
\RocketDock\RocketDock.exe" (User 'Default user')
O4 - Startup: lollipop.lnk = Administrator\AppData\Local
\Lollipop\Lollipop.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated
graphics
O13 - Gopher Prefix:
O23 - Service: Adobe Acrobat Update Service
(AdobeARMservice) - Adobe Systems Incorporated - C:\Program
Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service
(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -
C:\Windows\SysWOW64\Macromed\Flash
\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) -
Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Auto Update Service (AUS) - MS - C:\Program
Files (x86)\LSM\aus.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ,
s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. -
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ,
s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS)
- Unknown owner - C:\Windows\System32\lsass.exe (file
missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax)
- Unknown owner - C:\Windows\system32\fxssvc.exe (file
missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) -
Google Inc. - C:\Program Files (x86)\Google\Update
\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem)
- Google Inc. - C:\Program Files (x86)\Google\Update
\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google -
C:\Program Files (x86)\Google\Common\Google Updater
\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology
(IAStorDataMgrSvc) - Intel Corporation - C:\Program Files
(x86)\Intel\Intel(R) Rapid Storage Technology
\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%
\system32\ieetwcollectorres.dll,-1000
(IEEtwCollectorService) - Unknown owner - C:\Windows
\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner -
C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Log Session Manager (Log S.M.) - MS - C:
\Program Files (x86)\LSM\lsm.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation -
C:\Program Files (x86)\Malwarebytes' Anti-Malware
\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:
\Program Files (x86)\Malwarebytes' Anti-Malware
\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner -
C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102
(Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
(file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) -
Unknown owner - C:\Windows\system32\nvvsvc.exe (file
missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300
(ProtectedStorage) - Unknown owner - C:\Windows
\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2
(RpcLocator) - Unknown owner - C:\Windows
\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs)
- Unknown owner - C:\Windows\system32\lsass.exe (file
missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3
(SNMPTRAP) - Unknown owner - C:\Windows
\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1
(Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
(file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101
(sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
(file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101
(UI0Detect) - Unknown owner - C:\Windows
\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003
(VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe
(file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) -
Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) -
Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601
(WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat
\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104
(wbengine) - Unknown owner - C:\Windows
\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110
(wmiApSrv) - Unknown owner - C:\Windows\system32\wbem
\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player
\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:
\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file
missing)
--
End of file - 7772 bytes
Since you are also posting here http://forum.html.it/forum/showthrea...readid=2905965
I am closing this thread as a duplicate. Continue in the security section.