Punto informatico Network

Assailed by pop-ups


Post by maxim1960 » Tue Apr 27, 2010 10:10 pm

For the past few days my PC has been literally assailed by very annoying pop-ups (blessed eMule ...). I have tried several scans with various antivirus and antimalware tools (Avira, Panda online, Spybot, Windows Defender) but nothing worked. Dear friends, how can I defend myself? Below is the HijackThis log. Thanks to everyone

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.38.24, on 27/04/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C: \ Windows \ system32 \ dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ Xfyqea.exe
C: \ Windows \ system32 \ taskeng.exe
C: \ Programmi \ Sony \ VAIO Update 5 \ VAIOUpdt.exe
C: \ Programmi \ Sony \ VAIO SPMgr.exe Power Management \
C: \ Programmi \ Windows Defender \ msascui.exe
C: \ Programmi \ Synaptics \ \ SynTP \ Syntpenh.exe
C: \ Programmi \ Sony \ Utility ISBMgr.exe ISB \
C: \ Programmi \ \ Google Google Desktop GoogleDesktop.exe \ Search
C: \ Programmi \ Sony \ Strumenti di marketing \ MarketingTools.exe
C: \ Programmi \ File comuni \ Java \ jusched.exe Aggiornamento Java \
C: \ Program Files \ Avira \ AntiVir Desktop avgnt.exe \
C: \ Programmi \ ATI Technologies \ ATI.ACE \ MOM.exe \ Core-Static
C: \ Programmi \ \ Google Google Desktop GoogleDesktop.exe \ Search
C: \ Programmi \ Sony \ Utility LANUtil.exe Network \
C: \ Programmi \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe
C: \ Program Files \ Windows Live \ Messenger msnmsgr.exe \
C: \ Windows \ \ ehtray.exe ehome
C: \ Program Files \ Windows Media Player wmpnscfg.exe \
C: \ Programmi \ Spybot - Search & Destroy \ TeaTimer.exe
C: \ Windows \ \ ehmsas.exe ehome
C: \ Programmi \ ATI Technologies \ ATI.ACE \ CCC.exe \ Core-Static
C: \ Windows \ System32 mobsync.exe \
C: \ Windows \ system32 \ Macromed \ Flash \ FlashUtil10e.exe
C: \ Users \ pina \ Desktop \ HijackThis.exe

R1 - Software \ HKCU \ \ Microsoft \ Internet Explorer Main, Search Bar = Preserve
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.club-vaio.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - \ Software HKLM \ Search \ Microsoft \ Internet Explorer, SearchAssistant =
R0 - \ Software HKLM \ Search \ Microsoft \ Internet Explorer, CustomizeSearch =
R0 - \ Software HKCU \ Toolbar \ Microsoft \ Internet Explorer, LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SuggestMeYesBHO - (0FB6A909-6.086-458F-BD92-1F8EE10042A0) - C: \ Programmi \ AutocompletePro \ AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4.283-A596-FA578C2EBDC3) - C: \ Programmi \ File comuni \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: Spybot-S & D di protezione di IE - (53707962-6F74-2D53-2644-206D7942484F) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
O2 - BHO: Helper ricerca - (6EBF7485-159F-4bff-A14F-B9E3AAC4465B) - C: \ Programmi \ Microsoft \ Enhancement Pack Search \ Helper SEPsearchhelperie.dll Search \
O2 - BHO: Guida per l'acces un Windows Live - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programmi \ File comuni \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8.333-CF10577473F7) - C: \ Programmi \ Google \ Google Toolbar \ GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4.638-B6FA-CE66B5AD205D) - C: \ Programmi \ Google \ GoogleToolbarNotifier \ 5.5.4723.1820 \ swg.dll
O2 - BHO: Indirizzo Error Redirector Browser - (CA6319C0-31B7-401E-A518-A07C3DB8F777) - C: \ progra ~ 1 \ GOOGLE ~ 1 \ BAE.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435B-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: Google Gears Helper - (E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53) - C: \ Programmi \ Google \ Google Gears \ Internet Explorer \ 0.5.36.0 \ gears.dll
O2 - BHO: Windows Live Toolbar Helper - (E15A8DC0-8.516-42A1-81EA-DC94EC1ACF10) - C: \ Program Files \ Windows Live \ Toolbar wltcore.dll \
O3 - Toolbar: & Windows Live Toolbar - (21FA44EF-376D-4D53-9B0F-8A89D3229068) - C: \ Program Files \ Windows Live \ Toolbar \ wltcore.dll
O3 - Toolbar: (no name) - (CCC7A320-B3CA-4.199-B1A6-9F516DD69829) - (no file)
O3 - Toolbar: Google Toolbar - (2318C2B1-4.965-11D4-9B18-009027A5CD4F) - C: \ Programmi \ Google \ Google Toolbar \ GoogleToolbar_32.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ msascui.exe-hide
O4 - HKLM \ .. \ Run: [RtHDVCpl.exe] RtHDVCpl
O4 - HKLM \ .. Run \: [] SynTPEnh C: \ Programmi \ Synaptics \ \ SynTP \ Syntpenh.exe
O4 - HKLM \ .. Run \: [] ISBMgr.exe "C: \ Programmi \ Sony \ Utility ISB \ ISBMgr.exe"
O4 - HKLM \ .. \ Run: [Google Desktop Search] "C: \ Programmi \ Google \ Google Desktop Search \ GoogleDesktop.exe" / startup
O4 - HKLM \ .. Run \: [] MarketingTools C: \ Programmi \ Sony \ Strumenti di marketing \ MarketingTools.exe
O4 - HKLM \ .. \ Run: [Google Quick Search Box] "C: \ Programmi \ Google \ Casella di ricerca rapida \ GoogleQuickSearchBox.exe" / autorun
O4 - HKLM \ .. \ Run: [Skytel] Skytel.exe
O4 - HKLM \ .. Run \: [] StartCCC "C: \ Programmi \ ATI Technologies \ ATI.ACE" MSRun \ CLIStart.exe Core-Static \
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programmi \ File comuni \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run:] avgnt ["C: \ Program Files \ Avira \ AntiVir Desktop avgnt.exe \" / min
O4 - HKLM \ .. Run \: Adobe Reader [] Speed Launcher "C: \ Programmi \ Adobe \ Reader 9.0 \ Reader Reader_sl.exe \"
O4 - HKLM \ .. Run \: [] ARM Adobe "C: \ Programmi \ File comuni \ Adobe \ ARM \ 1.0 AdobeARM.exe \"
O4 - HKCU \ .. \ Run: [WindowsWelcomeCenter oobefldr.dll] rundll32.exe, ShowWelcomeCenter
O4 - HKCU \ .. Run \: [NSUFloatingUI] "C: \ Programmi \ Sony \ Utility Network \ LANUtil.exe"
O4 - HKCU \ .. Run \: [] SWG "C: \ Programmi \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run:] msnmsgr ["C: \ Program Files \ Windows Live Messenger msnmsgr.exe \ \" / background
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ \ ehTray.exe ehome
O4 - HKCU \ .. Run \: [] WMPNSCFG C: \ Programmi \ Windows Media Player \ wmpnscfg.exe
O4 - HKCU \ .. Run \: [] TeaTimer spybotsd C: \ Programmi \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - HKCU \ .. \ RunOnce: [Shockwave Updater] C: \ Windows \ System32 \ Adobe \ SHOCKW ~ 1 \ ~ SWHELP 1.EXE-Update -1.103.472 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6.4; SLCC1;. NET CLR 2.0.50727; Media Center PC 5.0;. NET CLR 3.5.30729; InfoPath.2; OfficeLiveConnector.1.3; OfficeLivePatch.0.0;. NET CLR 3.0.30729) "- "http://king.it.msn.com/play.jsp?tournamentId=6899"
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter oobefldr.dll] rundll32.exe, ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'SERVIZIO DI RETE')
O8 - Extra context menu item: Add to Google Photos Screensa & ver - res: / / C: \ Windows \ system32 \ GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki ... - Res: / / C: \ Programmi \ Google \ Google Toolbar Component \ GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html \
O9 - Extra button: (no name) - (09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5) - C: \ Programmi \ Google \ Google Gears \ Internet Explorer \ 0.5.36.0 \ gears.dll
O9 - Extra 'Tools' menuitem: & Impostazioni di Google Gears - (09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5) - C: \ Programmi \ Google \ Google Gears \ Internet Explorer \ 0.5.36.0 \ gears.dll
O9 - Extra button: blog Inserisci - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci & Blog di Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra button: (no name) - (85d1f590-48f4-11d9-9.669-0800200c9a66) - C: \ Windows bdoscandel.exe \
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - (85d1f590-48f4-11d9-9.669-0800200c9a66) - C: \ Windows bdoscandel.exe \
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted IP range: http://192.168.1.1
O15 - Trusted ESC range IP: http://192.168.1.1
O16 - DPF: (3860DD98-0549-4D50-AA72-5D17D200EE10) (Windows Live OneCare Safety Scanner Control) - http://cdn.scan.onecare.live.com/resour ... /wlscctrl2.cab
O16 - DPF: (5D86DDB5-BDF9-441b-9E9E-D4730F4EE499) (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (8DF1EFB5-1215-4C4D-A7A0-29359A24222B): NameServer = 192.168.1.1
O18 - Protocol: skyline - (3A4F9195-65A8-11d5-85C1-0001023952C1) - (no file)
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9.458-1830C7DD7F5D) - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Skype \ SKYPE4 ~ 1.dll
O20 - AppInit_DLLs: C: \ progra ~ 1 \ \ Google GOOGLE ~ 1 \ GOEC62 ~ 1.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C: \ Program Files \ Avira \ AntiVir Desktop sched.exe \
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C: \ Program Files \ Avira \ AntiVir Desktop avguard.exe \
O23 - Service: Ati esterno Event Utility - ATI Technologies Inc. - C: \ Windows \ system32 \ Ati2evxx.exe
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel (R) Corporation - C: \ Programmi \ Intel \ WiFi \ bin \ EvtEng.exe
O23 - Service: getPlus (R) Helper - NOS Microsystems Ltd. - C: \ Program Files \ NOS \ bin \ getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110.309-193.829) - Google - C: \ Programmi \ \ Google Google Desktop GoogleDesktop.exe \ Search
O23 - Service: Google Update Service (gupdate1c9a35ea15716de) (gupdate1c9a35ea15716de) - Google Inc. - C: \ Programmi \ Google \ Update \ GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C: \ Programmi \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C: \ Programmi \ File comuni \ InterVideo \ RegMgr iviRegMgr.exe \
O23 - Service: MSCSPTISRV - proprietario Sconosciuto - c: \ Programmi \ File comuni \ Sony Shared \ AVLib \ MSCSPTISRV.exe (file missing)
O23 - Service: NSUService - Sony Corporation - C: \ Programmi \ Sony \ Utility NSUService.exe Network \
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ PACSPTISVR.exe \ AVLib
O23 - Service: Intel (R) PROSet / Wireless Service Registry (RegSrvc) - Intel (R) Corporation - C: \ Programmi \ File comuni \ Intel RegSrvc.exe \ \ WirelessCommon
O23 - Service: Service Audio Realtek (RtkAudioService) - Realtek Semiconductor - C: \ Windows RtkAudioService.exe \
O23 - Service: SBSD Centro Servizi di sicurezza (SBSDWSCService) - Safer Networking Ltd. - C: \ Programmi \ Spybot - Search & Destroy \ SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C: \ Programmi \ PC Connectivity Solution ServiceLayer.exe \
O23 - Service: VAIO Media Plus Content Importer (SOHCImp) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media plus \ SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media plus \ SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media plus \ SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - proprietario Unknown - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe (file missing)
O23 - Service: VAIO TV Mobile Device Service compromissoria - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ VAIO Entertainment Platform \ VzHardwareResourceManager \ VzHardwareResourceManager \ VzHardwareResourceManager.exe
O23 - Service: Service Event VAIO - Sony Corporation - C: \ Programmi \ Sony \ VESMgr.exe VAIO Event Service \
O23 - Service: VAIO Power Management - Sony Corporation - C: \ Programmi \ Sony \ VAIO SPMService.exe Power Management \
O23 - Service: VAIO Watcher cartella di contenuto (VCFw) - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ Content VAIO VCFw.exe Watcher Folder \
O23 - Service: VAIO Intelligent Content Metadata Manager analisi (VcmIAlzMgr) - Sony Corporation - C: \ Programmi \ Sony \ VCM \ Intelligent Manager Analisi VcmIAlzMgr.exe
O23 - Service: metadati di contenuti VAIO interfaccia XML (VcmXmlIfHelper) - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ VcmXmlIfHelper.exe \ VcmXml
O23 - Service: UPnP adattatore VAIO Entertainment Client (Vcsw) - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ VAIO \ Platform Entertainment VCSW \ VCSW.exe
O23 - Service: VUAgent - Sony Corporation - C: \ Programmi \ Sony \ VAIO Update 5 \ VUAgent.exe
O23 - Service: VAIO Service Database Entertainment (VzCdbSvc) - Sony Corporation - C: \ Programmi \ File comuni \ Sony Shared \ Entertainment \ VAIO Platform VzCdb \ VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C: \ Windows \ system32 \ DRIVERS \ xaudio.exe

-
End of file - 13.276 bytes
maxim1960
New Member
Posts: 3
Joined: Tue Apr 27, 2010 9:44 pm

Re: Assailed by pop-ups

Post by crazy.cat » Wed Apr 28, 2010 7:11 am

Strange or suspicious files.
C: \ Windows \ Xfyqea.exe (have this file analyzed on www.virustotal.com)
C: \ Programmi \ Sony \ Strumenti di marketing \ MarketingTools.exe (is it something useful???)
O2 - BHO: SuggestMeYesBHO - (0FB6A909-6.086-458F-BD92-1F8EE10042A0) - C: \ Programmi \ AutocompletePro \ AutocompletePro.dll (have this file analyzed on www.virustotal.com)

Throw away Windows Defender, it's useless anyway, and use Malwarebytes or SUPERAntiSpyware for a full scan of your PC.
When the many govern, they think only of pleasing themselves, and then you get the most foolish and most hateful tyranny: tyranny disguised as freedom.
crazy.cat
MLI Hero
Posts: 30959
Joined: Mon Jan 12, 2004 1:38 pm
Location: Mestre
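
The first-pass triage done by hand in the reply above, as an added Python example (not part of the thread and not a HijackThis feature): it undoes the spacing damage in the pasted paths and flags entries for follow-up. The three rules, `KNOWN_WINDOWS_ROOT` and `TRUSTED_ADDON_DIRS` are assumptions chosen for illustration; a flag means "check this file", not "this is malware".

```python
import re
from pathlib import PureWindowsPath

# Lines copied from the log in this thread, space-mangled exactly as posted.
SAMPLE_LOG = r"""
C: \ Windows \ Explorer.EXE
C: \ Windows \ Xfyqea.exe
C: \ Windows \ system32 \ taskeng.exe
O2 - BHO: SuggestMeYesBHO - (0FB6A909-6.086-458F-BD92-1F8EE10042A0) - C: \ Programmi \ AutocompletePro \ AutocompletePro.dll
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8.333-CF10577473F7) - C: \ Programmi \ Google \ Google Toolbar \ GoogleToolbar_32.dll
O23 - Service: Sony SPTI Service (SPTISRV) - proprietario Unknown - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe (file missing)
"""

# Assumption: image names expected directly under C:\Windows on this machine.
KNOWN_WINDOWS_ROOT = {"explorer.exe"}
# Assumption: folders the reviewer already trusts for browser add-ons.
TRUSTED_ADDON_DIRS = ("c:\\programmi\\google\\", "c:\\program files\\java\\")

ENTRY = re.compile(r"^(O\d+) - (.*)$")


def normalize(text):
    """Collapse 'C: \\ dir \\ file' spacing back to 'C:\\dir\\file'."""
    return re.sub(r"\s*\\\s*", r"\\", text.strip())


def triage(log):
    """Return (item, reason) pairs for entries that deserve a closer look."""
    findings = []
    for raw in log.splitlines():
        line = normalize(raw)
        if not line:
            continue
        match = ENTRY.match(line)
        if match is None:  # running-process section: a bare image path
            image = PureWindowsPath(line)
            in_root = str(image.parent).lower() == "c:\\windows"
            if in_root and image.name.lower() not in KNOWN_WINDOWS_ROOT:
                findings.append((image.name, "unknown executable in Windows root"))
            continue
        code, body = match.groups()
        if body.endswith(("(no file)", "(file missing)")):
            findings.append((code, "registration points at a missing file"))
        elif code in ("O2", "O3"):  # BHOs and toolbars load inside the browser
            dll = body.rsplit(" - ", 1)[-1]
            if not dll.lower().startswith(TRUSTED_ADDON_DIRS):
                findings.append((PureWindowsPath(dll).name,
                                 "browser add-on outside trusted folders"))
    return findings
```
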

Re: Assailed by pop-ups

Post by maxim1960 » Thu Apr 29, 2010 9:01 pm

Thanks. I installed Malwarebytes and the scan detected several adware items; now the system is clean and I no longer get any unwanted advertising. Thanks again and bye!
maxim1960
New Member
Posts: 3
Joined: Tue Apr 27, 2010 9:44 pm



megalab.it: daily online publication registered at the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising