Author Topic: Virus ricompare  (Read 12128 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Re: Virus ricompare
« Reply #15 on: July 28, 2014, 08:24:13 PM »
Si verifica anche con altri browser.

Inoltre ho notato che ad ogni avvio di windows viene rilevato il trojan da avast.

Non sono riuscito a completare lo scan con aswMBR in quanto a un certo momento mi dice:" Avast! Antirookit ha smesso di funzionare"

Offline giogio

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4088
Re: Virus ricompare
« Reply #16 on: July 28, 2014, 08:31:41 PM »
ciao,
prova ad eseguire ashmbr da modalità provvisoria (premendo F8 durante il boot del pc)

Riesci a postare la schermata di avast del trojan che trova? Non riesci a fare una scansione all'avvio con avast per cercare di eliminarlo?
Prima di scrivere sul forum per favore leggi le istruzioni qui https://forum.avast.com/index.php?topic=144453.0
Non inviatemi MP per supporto,grazie-No support PM please
Home: E8400-4GB RAM-500GB HDD-Win10.0.15063x64-Avast! Free 17.3.2291-CryptoPrevent-MBAM 2.2free-Chrome 57(uBlock origin)-TB52
Work: i5-2400-4GB RAM-500GB HDD-Win 7sp1x64-Avast!Business Security 12.3.2515,     
Cloud Console 2.18
-FF52-TB52

REDACTED

  • Guest
Re: Virus ricompare
« Reply #17 on: July 28, 2014, 08:36:06 PM »
ok , ora provo ad avviare ashmbr in modalità provvisoria.

In allegato trovi il trojan rilevato da avast.

Come faccio a far eseguire la scansione ad avast all'avvio se lo rileva prima ancora che io riesca ad accedere ad avast ?

Offline giogio

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4088
Re: Virus ricompare
« Reply #18 on: July 28, 2014, 08:41:00 PM »
La scansione all'avvio devi programmarla da avast e quindi riavviare il pc. (avast->scansione->scansione all'avvio->avvia)
Scusa se il trojan cmq è quello è sempre il solito.
Prova prima a fare la scansione con ashmbr da provvisoria ed allega il log.
Dopo puoi fare la scansione all'avvio con avast, intanto che aspettiamo una risposta da Essexboy

ciao
Prima di scrivere sul forum per favore leggi le istruzioni qui https://forum.avast.com/index.php?topic=144453.0
Non inviatemi MP per supporto,grazie-No support PM please
Home: E8400-4GB RAM-500GB HDD-Win10.0.15063x64-Avast! Free 17.3.2291-CryptoPrevent-MBAM 2.2free-Chrome 57(uBlock origin)-TB52
Work: i5-2400-4GB RAM-500GB HDD-Win 7sp1x64-Avast!Business Security 12.3.2515,     
Cloud Console 2.18
-FF52-TB52

REDACTED

  • Guest
Re: Virus ricompare
« Reply #19 on: July 28, 2014, 09:10:08 PM »
Anche in modalità provvisoria ashmbr non è riuscito a completare la scansione dando lo stesso avviso

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Virus ricompare
« Reply #20 on: July 28, 2014, 09:42:15 PM »
Download the latest version of TDSSKiller from here and save it to your Desktop.
 
 
  • Doubleclick on TDSSKiller.exe to run the application


  • Then click on Change parameters.
     

     
  • Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system  and Use KSN to scan objects , then click OK.
     
  • Click the Start Scan button.
     
     
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
     

     
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Get the report by selecting Reports

 
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
Please copy and paste its contents on your next reply.

REDACTED

  • Guest
Re: Virus ricompare
« Reply #21 on: July 28, 2014, 11:00:22 PM »
Ok effettuato... NO threats found.

REDACTED

  • Guest
Re: Virus ricompare
« Reply #22 on: July 29, 2014, 09:36:37 AM »
Effettuato anche la scansione avast all'avvio... ma niente, ancora vengo reindirizzato !

Sono disperato

REDACTED

  • Guest
Re: Virus ricompare
« Reply #23 on: July 29, 2014, 03:19:06 PM »
A quanto sembra dopo aver effettuato l'ennesimo reset del router il problema sembra essere risolto per tutti i pc di casa.

Inoltre anche con i dispositivi Apple le varie app si connettono ad internet senza problemi e tutte le pagine caricano regolarmente .

Questo significa che probabilmente il reindirizzamento era dovuto al router ??

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Virus ricompare
« Reply #24 on: July 29, 2014, 03:43:34 PM »
Che è un'alta probabilità, avete a reimpostare la password del router?
Come se è venuta da un particolare sito Web che potrebbe accadere di nuovo

That is a high probability, have you reset the password on the router ? 
As if it is coming from a particular website it could happen again

REDACTED

  • Guest
Re: Virus ricompare
« Reply #25 on: July 29, 2014, 03:51:58 PM »
yes i have !

Lets see if it lasts..

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Virus ricompare
« Reply #26 on: July 29, 2014, 04:26:46 PM »
Subject to no further problems   :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems 

Now the best part of the day ----- Your log now appears clean  :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset  System Restore points:

Click  Start  then Run.
On Windows7 or Vista  you may use  Start Search  field if  Run  is not available.
In the box copy/paste the following command:

ComboFix  /Uninstall

Note that there is a space between "  ComboFix  " and "  /Uninstall  " .

Then click  OK  (or press  Enter ).
Wait for the uninstall process to complete.

Download and run Delfix




: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware



Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide  Best security practices Keep safe  :wave: