Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Spyware che non va via

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

Spyware che non va via

Postdi libelloso » 25/12/13 19:14

Ciao e tutti ho un problema penso con uno spyware,durante la navigazione nei siti sono pieno di pubblicità e inoltre quando clicco per andare su un sito mi manda da tutt'altra parte,ho fatto scansioni con ogni anti spyware disponibile ma non ho risolto nulla,come devo fare?Grazie.
libelloso
Newbie
 
Post: 4
Iscritto il: 25/12/13 16:12

Sponsor
 

Re: Spyware che non va via

Postdi shel » 25/12/13 20:25

ciao fai subito una scansione con adwcleaner
Chiudi tutti i browser (è importante che siano chiusi: IE,Firefox, Chrome ecc...)
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.


scarica Junkware Removal Tool
clicca sull'icona di JRT e attendi pazientemente la fine della scansione
Una volta terminata dovrebbe aprirsi il log sul desktop come JRT.txt


allega i due log
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Spyware che non va via

Postdi libelloso » 25/12/13 21:26

# AdwCleaner v3.016 - Report created 25/12/2013 at 21:15:09
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : roby - ROBY-PC
# Running from : C:\Users\roby\Downloads\adwcleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\roby\AppData\Local\Max Secure Software
Folder Deleted : C:\Users\roby\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\roby\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
File Deleted : C:\Users\roby\AppData\Roaming\Mozilla\Firefox\Profiles\2krijrkd.default-1385243451920\searchplugins\iminent.xml
File Deleted : C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\78r1jf5h.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\roby\AppData\Roaming\Mozilla\Firefox\Profiles\2krijrkd.default-1385243451920\user.js
File Deleted : C:\Users\roby\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Deleted : C:\Users\roby\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592218}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596618}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592218}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D0EC4142-5808-41D2-A4DC-6081CF1A9693}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596618}
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BuzzSearch

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16750


-\\ Mozilla Firefox v26.0 (it)

[ File : C:\Users\roby\AppData\Roaming\Mozilla\Firefox\Profiles\2krijrkd.default-1385243451920\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "142a85252bcd4435e0365fac8505447d");
Line Deleted : user_pref("extensions.iminent.admin", false);
Line Deleted : user_pref("extensions.iminent.aflt", "orgnl");
Line Deleted : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Line Deleted : user_pref("extensions.iminent.autoRvrt", "false");
Line Deleted : user_pref("extensions.iminent.dfltLng", "");
Line Deleted : user_pref("extensions.iminent.excTlbr", false);
Line Deleted : user_pref("extensions.iminent.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.iminent.id", "523be38200000000000062e400bcc192");
Line Deleted : user_pref("extensions.iminent.instlDay", "16039");
Line Deleted : user_pref("extensions.iminent.instlRef", "");
Line Deleted : user_pref("extensions.iminent.newTab", false);
Line Deleted : user_pref("extensions.iminent.prdct", "iminent");
Line Deleted : user_pref("extensions.iminent.prtnrId", "iminent");
Line Deleted : user_pref("extensions.iminent.rvrt", "false");
Line Deleted : user_pref("extensions.iminent.smplGrp", "none");
Line Deleted : user_pref("extensions.iminent.tlbrId", "base");
Line Deleted : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Line Deleted : user_pref("extensions.iminent.vrsn", "1.8.26.8");
Line Deleted : user_pref("extensions.iminent.vrsnTs", "1.8.26.810:23:42");
Line Deleted : user_pref("extensions.iminent.vrsni", "1.8.26.8");
Line Deleted : user_pref("iminent.LayoutId", "28");
Line Deleted : user_pref("iminent.ShowThankyouPixel", "0");
Line Deleted : user_pref("iminent.adapters", "{\"64\":{\"CountryCode\":\"IT\",\"NoAds\":false,\"Status\":2,\"expireTime\":\"1385805253404259200\"},\"iminent\":{\"CountryCode\":\"IT\",\"NoAds\":false,\"Status\":1,\"e[...]
Line Deleted : user_pref("iminent.enabledAds", "false");
Line Deleted : user_pref("iminent.registerToolbarEvent102", "1385803764843");
Line Deleted : user_pref("iminent.registerToolbarEvent109", "1385803930969");
Line Deleted : user_pref("iminent.registerToolbarEvent110", "1385806267698");
Line Deleted : user_pref("iminent.registerToolbarEvent111", "1385803930978");
Line Deleted : user_pref("iminent.registerToolbarEvent112", "1385803931215");
Line Deleted : user_pref("iminent.registerToolbarEvent122", "1385803930986");
Line Deleted : user_pref("iminent.registerToolbarEvent140", "1385804975520");
Line Deleted : user_pref("iminent.version", "7.48.1.1");
Line Deleted : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.48.1.1\",\"InstallEventCTime\":1385832722493,\"InstallEvent\":\"True\"}");

[ File : C:\Users\Giulio\AppData\Roaming\Mozilla\Firefox\Profiles\78r1jf5h.default\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "142bc53b35734bab10b5d83f23e1fdf0");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\roby\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Giulio\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [34603 octets] - [19/09/2013 21:01:42]
AdwCleaner[R1].txt - [14466 octets] - [23/11/2013 15:13:34]
AdwCleaner[R2].txt - [36819 octets] - [24/12/2013 18:11:33]
AdwCleaner[R3].txt - [6339 octets] - [25/12/2013 21:13:00]
AdwCleaner[S0].txt - [33762 octets] - [19/09/2013 21:03:06]
AdwCleaner[S1].txt - [13567 octets] - [23/11/2013 15:15:04]
AdwCleaner[S2].txt - [6262 octets] - [25/12/2013 21:15:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [6322 octets] ##########
libelloso
Newbie
 
Post: 4
Iscritto il: 25/12/13 16:12

Re: Spyware che non va via

Postdi shel » 25/12/13 22:07

devi eseguire anche l'altra scansione
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Spyware che non va via

Postdi libelloso » 25/12/13 22:17

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by roby on 25/12/2013 at 21:27:10,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-45089853-1344346505-2625668054-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\eb525538db364ce4495200ecda84942c
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\eb525538db364ce4495200ecda84942c



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\bearshare applications"
Successfully deleted: [Folder] "C:\Program Files (x86)\smarttweak"
Successfully deleted: [Folder] "C:\Users\roby\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{07A7F60E-9169-4A3B-B635-8538BCA64E08}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{0E6C54CD-A8EF-43CD-B61A-5701AFCF4CBE}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{102D168D-181D-4CDC-9918-50F236FF0F13}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{11A3C0E5-E2D2-4961-8785-E53A0D447191}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{1946607B-D7CF-4A1F-AB0E-B48A920B259A}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{1A464402-2B28-495A-8434-9A2209E96872}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{1B6D5F8B-382D-4F58-952B-33D8C754D55B}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{23764337-E159-4D39-9147-69CF5A048AB5}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{26B35EB7-7C4A-4C92-B8D5-9DF57AE4C010}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{270BA94F-BC77-4492-ABDE-C429954EA212}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{2C9A5668-F4E7-46E7-8C97-008F0BEF797D}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{2D40BE9B-0C88-40DD-A310-C193BEDE2315}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{2DFB1CF2-DACB-46A2-900B-EF9AA9A38852}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{2E796FD7-72AC-496C-B668-A23396D713F1}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{38A93073-1A54-406A-8BD9-76F4EC00C72E}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{3ECC58D0-1B11-4B00-BFBE-749F7FE277E8}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{4079B180-B573-4CCE-9C9C-EF932A1630A8}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{43A7B55E-DCCE-4A67-B38E-38C9F34F19E3}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{5676FF1F-6F35-4E18-87CC-F2DB27BF7E8C}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{5C2586B3-B182-4EAC-B857-32213A63E4F9}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{5C3505E7-A5EC-478A-B198-4CDDA393070B}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{688C8D21-B361-4BFB-892E-B12F701EA2DB}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{6990AB15-D136-4ACE-9092-DB633E2E848B}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{6B82C732-1FBF-4EE9-AC68-0F4CA7E6E338}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{6D2DAB22-AB5D-481F-BE2C-FD9978FF30E0}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{703E7FD6-8364-40D2-85B6-F562D745D744}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{704E60C4-E428-414A-B77A-81A4353C33A4}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{70A7AEE2-6AB7-4C5E-9CC7-6339A02F2A08}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{754589FE-2AA5-46F3-8F26-D4F81577A2A7}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{77F0C1B4-4693-4F8C-93EE-658E60B93162}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{7D20E812-DC67-4624-811B-3BB3956897EF}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{8333AE5E-90E2-4D46-9A14-94EC5AAC4697}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{89C91CBE-F65F-4F4F-B53D-14A1F335EBE9}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{8E25D823-3AF4-4092-BD7B-52CCF7494479}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{9058BCB3-A21E-421B-A54A-4A6A86FB4CA3}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{9148DC21-B803-4570-AEBE-C95F7F8AA197}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{9E83BC68-C49A-432C-9E69-47D5D1E08BB2}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{A4E96C5E-E35F-4E68-A2B0-44E46E0221E2}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{AA419B64-4B01-4F68-BE3B-42A993920427}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{AC485EC4-BA31-46A0-A758-66B1482F4B48}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{B62401F7-24B8-4F57-AB7E-22278AB5651D}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{B947F7FF-1D82-4E4C-9C3B-2A4A8309010A}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{C3DBA7B9-E2F7-4DB2-AEC2-B8413A03CB38}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{C938060E-517C-4B28-A5B5-3F250F2BDF03}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{CA38BB76-DF72-4D59-80BD-BED55C3645AD}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{CAC6E9BD-72DC-484F-AA4A-005645627DC4}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{CF9EEDF6-5CF9-44A8-8B42-C7622AD5AEB2}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{D46232DF-CE0D-497B-BB18-9F0BEBE8F3A1}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{D6585E32-7EF1-4954-8F1E-AF659F7B5585}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{D9BEF7EF-76BB-4967-9DBF-E465C39C5681}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{DAB805F9-D49F-48AF-937A-97021308B968}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{DDAE38C8-FD47-4617-B239-8DD117152953}
Successfully deleted: [Empty Folder] C:\Users\roby\appdata\local\{E24537D0-56CB-48DB-99D8-0B1C77FB8A2F}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\roby\AppData\Roaming\mozilla\firefox\profiles\2krijrkd.default-1385243451920\extensions\d019febe-eb2b-4057-a3f2-7def88f2c9cd@1cced8ec-0ffe-43ea-b4b2-fbce5de8e9a4.com
Emptied folder: C:\Users\roby\AppData\Roaming\mozilla\firefox\profiles\2krijrkd.default-1385243451920\minidumps [54 files]



~~~ Event Viewer Logs were cleared
libelloso
Newbie
 
Post: 4
Iscritto il: 25/12/13 16:12

Re: Spyware che non va via

Postdi shel » 25/12/13 22:21

dimmi se il problema persiste o se hai risolto
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Spyware che non va via

Postdi libelloso » 25/12/13 22:51

Sembrerebbe risolto il problema.
libelloso
Newbie
 
Post: 4
Iscritto il: 25/12/13 16:12


Torna a Sicurezza e Privacy


Topic correlati a "Spyware che non va via":

spyware
Autore: babart
Forum: Sicurezza e Privacy
Risposte: 1

Chi c’è in linea

Visitano il forum: Nessuno e 12 ospiti