Precedente :: Successivo |
Autore |
Messaggio |
Baltus Eroe in grazia degli dei
Registrato: 22/09/11 13:42 Messaggi: 111
|
Inviato: 20 Ago 2016 21:03 Oggetto: Trovit.com |
|
|
Salve,
problema con trovit.com che mi ha "inhvaso" i browsers!!
Allego log AdwCleaner
.txt]AdwCleaner[S0].txt |
|
Top |
|
|
Baltus Eroe in grazia degli dei
Registrato: 22/09/11 13:42 Messaggi: 111
|
Inviato: 20 Ago 2016 21:09 Oggetto: |
|
|
Wikisend non mi carica il log di adwCleaner, lo posto direttamente:
# AdwCleaner v6.000 - Logfile created 20/08/2016 at 21:54:58
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-20.1 [Server]
# Operating System : Windows 8.1 Pro (X86)
# Username : poi - POI8
# Running from : C:\Users\poi\Desktop\adwcleaner_6.000.exe
# Mode: Scan
# Support : https://toolslib.net/forum
***** [ Services ] *****
Service Found: CltMngSvc
Service Found: Orbiter
Service Found: SPPD
***** [ Folders ] *****
Folder Found: C:\Users\poi\AppData\Local\SearchProtect
Folder Found: C:\Users\poi\AppData\Local\bvyvbvhx
Folder Found: C:\Program Files\ORBTR
Folder Found: C:\Program Files\SearchProtect
***** [ Files ] *****
File Found: C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
File Found: C:\Windows\AppPatch\nbin\VC32Loader.dll
File Found: C:\Users\poi\AppData\Roaming\Mozilla\Firefox\Profiles\xnnx1qv9.default\searchplugins\trovi.xml
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious keys found.
***** [ Shortcuts ] *****
No infected shortcut found.
***** [ Scheduled Tasks ] *****
Task Found: bvyvbvhx
***** [ Registry ] *****
Key Found: HKLM\SOFTWARE\Classes\protector_dll.Protector
Key Found: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Key Found: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
Key Found: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Key Found: HKU\S-1-5-21-382136830-1405898088-1604346383-1001\Software\SearchProtect
Key Found: HKU\S-1-5-21-382136830-1405898088-1604346383-1001\Software\SEARCHPROTECT
Key Found: HKCU\Software\SearchProtect
Key Found: HKCU\Software\SEARCHPROTECT
Key Found: HKLM\SOFTWARE\ORBTR
Key Found: HKLM\SOFTWARE\SearchProtect
Key Found: HKLM\SOFTWARE\SPPDCOM
Key Found: HKLM\SOFTWARE\SEARCHPROTECT
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEARCHPROTECT
Data Found: HKU\S-1-5-21-382136830-1405898088-1604346383-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=E4395938-12A9-4D05-9D96-A315ED5B5229&SearchSource=55&CUI=&UM=8&UP=SPB10A4E5C-EC73-4A38-99D6-A3CE96FC6EBB&D=082016&SSPV=
Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=E4395938-12A9-4D05-9D96-A315ED5B5229&SearchSource=55&CUI=&UM=8&UP=SPB10A4E5C-EC73-4A38-99D6-A3CE96FC6EBB&D=082016&SSPV=
Key Found: HKU\S-1-5-21-382136830-1405898088-1604346383-1001\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Found: HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\chrome.exe [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb]
Value Found: HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\firefox.exe [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb]
Value Found: HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb]
Key Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}
Value Found: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb]
Value Found: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb]
Value Found: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb]
***** [ Web browsers ] *****
Firefox pref Found: [C:\Users\poi\AppData\Roaming\Mozilla\Firefox\Profiles\xnnx1qv9.default\prefs.js] - "browser.newtab.url" - "hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=E4395938-12A9-4D05-9D96-A315ED5B5229&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SPB10A4E5C-EC73-4A38-99D6-A3CE96FC6EBB&D=082016"
Firefox pref Found: [C:\Users\poi\AppData\Roaming\Mozilla\Firefox\Profiles\xnnx1qv9.default\prefs.js] - "browser.startup.homepage" - "hxxp://www.trovi.com/?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=E4395938-12A9-4D05-9D96-A315ED5B5229&SearchSource=55&CUI=&UM=8&UP=SPB10A4E5C-EC73-4A38-99D6-A3CE96FC6EBB&D=082016&SSPV="
No malicious Chromium based browser items found.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [4608 Bytes] - [20/08/2016 21:54:58]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4681 Bytes] ########## |
|
Top |
|
|
R16 Dio maturo
Registrato: 07/03/08 21:58 Messaggi: 10123
|
Inviato: 21 Ago 2016 11:38 Oggetto: |
|
|
Ciao.
Elimina quello che ha trovato Adwcleaner, cliccando sul pulsante "Clean", alla fine delle eliminazioni, ti chiederà di riavviare il pc: acconsenti.
Al riavvio, controlla se il problema è risolto.
In tutti i casi, fai una scansione con Malwarebytes, ed elimina quello che trova. |
|
Top |
|
|
Baltus Eroe in grazia degli dei
Registrato: 22/09/11 13:42 Messaggi: 111
|
Inviato: 22 Ago 2016 20:15 Oggetto: |
|
|
Allora, tutto sembra funzionare bene!
MBAM non ha trovato nulla di rilevante se non i soliti PUB.
Grazie R16! ... in servizio attivo anche sotto l'ombrellone
|
|
Top |
|
|
|