Gabriele94 Posted November 21, 2011 Share Posted November 21, 2011 salve da oggi ho notato che se apro alcuni siti tipo samsung , siti in generale firefox mi indirrizza su questo sito Vuwl Web Directory ho proato con IE ma niente.. una pulita con quick care avira boh! cosa è? Ps a volte scompare e ricomporae il desktop, si è aperto un programma da solo il volume di alza da solo!! è impossessato!! aiutoo ora mentre stavo scrivendo il problema emetteva dei suoni dalle casse tipo bepp passando il mouse ra le scritte del sito! Quote Link to comment Share on other sites More sharing options...
tom1 Posted November 21, 2011 Share Posted November 21, 2011 fai una scansione con avira , sicuramente un virus o malware Quote Link to comment Share on other sites More sharing options...
Gabriele94 Posted November 21, 2011 Author Share Posted November 21, 2011 la sta facendo Quote Link to comment Share on other sites More sharing options...
tom1 Posted November 21, 2011 Share Posted November 21, 2011 ma non capisco perchè usare ancora IE che è un browser alquanto vulnerabile sopratutto se non aggiornato Quote Link to comment Share on other sites More sharing options...
Gabriele94 Posted November 21, 2011 Author Share Posted November 21, 2011 ehi Tom uso firefox da una vita, ho solo provato a usare ie x vedere un po.. ma nn lo considero mai ha ftt la scansione.. ti faccio sapere se lo rifà Quote Link to comment Share on other sites More sharing options...
tom1 Posted November 21, 2011 Share Posted November 21, 2011 ok Quote Link to comment Share on other sites More sharing options...
Gabriele94 Posted November 21, 2011 Author Share Posted November 21, 2011 nnt il fatto del explorer.exe lo fa e poi sta un processo k si kiama wins.exe k usa quasi tutta la cpu se lo termino si riattiva.... il ftt del sito non lo so ma mi sai dire k sito è quello k mi indirizza! Quote Link to comment Share on other sites More sharing options...
tom1 Posted November 21, 2011 Share Posted November 21, 2011 hai qualche toolbar? inoltre parla con un linguaggio lineare e non stile messaggi Quote Link to comment Share on other sites More sharing options...
Gabriele94 Posted November 21, 2011 Author Share Posted November 21, 2011 scusa è l'abitudine nessuna toolbar Quote Link to comment Share on other sites More sharing options...
tom1 Posted November 21, 2011 Share Posted November 21, 2011 senno gli altri non capiscono Quote Link to comment Share on other sites More sharing options...
Le085 Posted November 21, 2011 Share Posted November 21, 2011 Fai una scansione con hijackthis e postaci il log Inviato dal mio GT-I9000 usando Tapatalk Quote Link to comment Share on other sites More sharing options...
Gabriele94 Posted November 22, 2011 Author Share Posted November 22, 2011 sto provando ad aprire tanti link x il downaload mentre carica il sito cambiano tanti siti nell'URL, e alla fine mi indirizza sempre a quel sito.. altri link sempre dell'antivirus, mi indirizza su siti porno ! Edit dopo tentavivi ho trovato il sito che si apre 2edit sto scansionando Quote Link to comment Share on other sites More sharing options...
Gabriele94 Posted November 22, 2011 Author Share Posted November 22, 2011 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:21:28, on 22/11/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:Windowssystem32 askhost.exe C:Windowssystem32Dwm.exe C:UsersgabrieleAppDataRoaming942CA11CF8.exe C:Program FilesRealtekAudioHDARtHDVCpl.exe C:Program FilesHDD RegeneratorHDD Regenerator.exe C:Program FilesAviraAntiVir Desktopavgnt.exe C:Program FilesLPF8D9583.exe C:Program FilesiZ3D DriverControl center.exe C:Program Files3 Internet3 Internet.exe C:Program FilesCAD3Elvvm.exe C:Windowsexplorer.exe C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe C:Program FilesMozilla Firefoxfirefox.exe C:Program FilesMozilla Firefoxplugin-container.exe C:Windowssystem32SearchFilterHost.exe C:Program FilesTrend MicroHiJackThisHiJackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = Bing R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = Ti diamo il benvenuto su Facebook: accedi, iscriviti o scopri maggiori informazioni R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = Messenger, Hotmail, MSN, Windows Live: benvenuti su MSN.it R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = Bing R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = Bing R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = Messenger, Hotmail, MSN, Windows Live: benvenuti su MSN.it R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:52545 R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {7E0506DF-2C88-19C8-4CB0-04900AA3772A} - C:Windowssystem32lbrres.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:PROGRA~1MICROS~2Office14URLREDIR.DLL O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:Program FilesDAEMON Tools ToolbarDTToolbar.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file) O4 - HKLM..Run: [RTHDVCPL] C:Program FilesRealtekAudioHDARtHDVCpl.exe -s O4 - HKLM..Run: [HDD Regenerator] C:Program FilesHDD RegeneratorHDD Regenerator.exe O4 - HKLM..Run: [avgnt] "C:Program FilesAviraAntiVir Desktopavgnt.exe" /min O4 - HKLM..Run: [583.exe] C:Program FilesLPF8D9583.exe O4 - HKLM..Run: [startCCC] "C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun O4 - HKCU..Run: [Control center.exe] C:Program FilesiZ3D DriverControl center.exe /silent O4 - HKCU..Run: [Mobile Partner] "C:Program Files3 Internet3 Internet.exe" O4 - HKUSS-1-5-19..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'SERVIZIO LOCALE') O4 - HKUSS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'SERVIZIO LOCALE') O4 - HKUSS-1-5-20..Run: [sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'SERVIZIO DI RETE') O4 - HKUSS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'SERVIZIO DI RETE') O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:PROGRA~1MICROS~2Office14EXCEL.EXE/3000 O17 - HKLMSystemCCSServicesTcpip..{330AEA00-0629-4365-B2E6-5696B67C0202}: NameServer = 62.13.173.92 62.13.173.93 O17 - HKLMSystemCCSServicesTcpip..{E1C5B3C9-2E69-472A-81EC-F7EA9D895329}: NameServer = 62.13.173.92 62.13.173.93 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:Program FilesCommon FilesAdobeARM1.0armsvc.exe O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:Program FilesIObitAdvanced SystemCare 4ASCService.exe O23 - Service: AMD External Events Utility - AMD - C:Windowssystem32atiesrxx.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:Program FilesAviraAntiVir Desktopsched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:Program FilesAviraAntiVir Desktopavguard.exe O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:PROGRA~1MYWEBS~1ar1.binmwssvc.exe (file missing) O23 - Service: S3D Service (Win32) (S3DSvc32) - iZ3D Inc. - C:Program FilesiZ3D DriverWin32S3DCService.exe O23 - Service: Steam Client Service - Valve Corporation - C:Program FilesCommon FilesSteamSteamService.exe O23 - Service: Service Watcher (SvcWatch) - Unknown owner - C:Windowssystem32SvcWatch.exe O23 - Service: Windows Internet Name Service - Unknown owner - C:Windowssystem32configsystemprofileAppDataLocalWindows Internet Name Servicewins.exe -- End of file - 5903 bytes Quote Link to comment Share on other sites More sharing options...
Le085 Posted November 22, 2011 Share Posted November 22, 2011 Ora se incolli il log qui: HijackThis Logfileauswertung Ti dice cosa c'è che non va appunto c'è una specie di toolbar che fa casini: my WebSearchService Quote Link to comment Share on other sites More sharing options...
tom1 Posted November 22, 2011 Share Posted November 22, 2011 ma si leo sicuro è la toolbar è sempre il classico sintomo Quote Link to comment Share on other sites More sharing options...
principe andry Posted November 22, 2011 Share Posted November 22, 2011 Hai cancellato le voci rilevate da Avira? Hai fatto una scansione con un antispyware? Se non ce l'hai usa Malwarebytes. Aggiornalo e fai una scansione eliminando tutto quello che trova. Ti metto il link al download immediato così non dovresti avere problemi -> click Dopo questo, riposta il log di hijackthis. Sposto in problemi di software. ciao Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.