Author Topic: url maligno ovunque  (Read 36246 times)

0 Members and 1 Guest are viewing this topic.

Halbhe

  • Guest
Re: url maligno ovunque
« Reply #45 on: June 28, 2012, 12:16:02 PM »
Sono riuscito a fare la scansione con OTL... il problema c'è sempre... questi sono i log

Halbhe

  • Guest
Re: url maligno ovunque
« Reply #46 on: June 28, 2012, 12:16:37 PM »
e questo... sempre OTL

Offline giogio

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4088
Re: url maligno ovunque
« Reply #47 on: June 28, 2012, 07:54:09 PM »
Ok, riapri OTL,
 sotto Custom Scans/Fixes, incolla:

Code: [Select]
:OTL
MOD - [2012/06/25 19:55:34 | 000,115,137 | ---- | M] () -- C:\Users\Alberto\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Alberto\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (avuscj7n)

IE - HKLM\..\SearchScopes\{6F067FA3-FEB1-4679-83F4-90560BD193E9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=f4c3124c-1542-11e1-b5ed-6cf049b82518&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 6D 25 E2 B4 51 CB 01  [binary data]
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{36839826-9CAD-475D-94A7-F68A8B3C3A1E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102869&src=kw&q={searchTerms}&locale=it_IT&apn_ptnrs=5J&apn_dtid=YYYYYYYYIT&apn_uid=764b2295-a9ce-403a-b27e-33b7db4484bd&apn_sauid=6E8D1F72-1B9E-4355-94D7-AE982D36C218&
IE - HKCU\..\SearchScopes\{68C86FC3-4EC1-432a-ADF9-D664C81C34EB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
IE - HKCU\..\SearchScopes\{6F067FA3-FEB1-4679-83F4-90560BD193E9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=f4c3124c-1542-11e1-b5ed-6cf049b82518&q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{C8C87D1C-E52E-44fc-AD45-F6E28BFB4D08}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
IE - HKCU\..\SearchScopes\{CCDE8BF7-1CF2-47CF-ADD7-70B4DEC067C3}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

:Files
ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

Attenzione, questa soluzione è applicabile solo sul tuo sistema


Quindi clicca nel pulsante in alto RUN FIX.
Lascia lavorare il programma e alla fine riavvierà il computer.
Al riavvio fai di nuovo una Quick Scan con OTL  e posta il log e dimmi se hai ancora problemi...

Ciao
Prima di scrivere sul forum per favore leggi le istruzioni qui https://forum.avast.com/index.php?topic=144453.0
Non inviatemi MP per supporto,grazie-No support PM please
Home: E8400-4GB RAM-500GB HDD-Win10.0.15063x64-Avast! Free 17.3.2291-CryptoPrevent-MBAM 2.2free-Chrome 57(uBlock origin)-TB52
Work: i5-2400-4GB RAM-500GB HDD-Win 7sp1x64-Avast!Business Security 12.3.2515,     
Cloud Console 2.18
-FF52-TB52

Halbhe

  • Guest
Re: url maligno ovunque
« Reply #48 on: June 29, 2012, 04:25:43 PM »
ora il problema è sparito... non mi ricordo però cosa ho fatto.... :P se ricompare proverò a fare quello che hai detto...

Halbhe

  • Guest
Re: url maligno ovunque
« Reply #49 on: June 29, 2012, 05:22:06 PM »
Il Problema è tornato.. ho fatto quello che mi hai detto con OTL.. ma non è cambiato nulla.. non ho risolto niente.... questo è il log

Halbhe

  • Guest
Re: url maligno ovunque
« Reply #50 on: June 29, 2012, 05:24:21 PM »
forse ho risolto escludendo questo URL dalle pagine che avast deve segnalare... http://includeit.info/include.js?id

Halbhe

  • Guest
Re: url maligno ovunque
« Reply #51 on: June 29, 2012, 05:25:22 PM »
nemmeno così funziona... ad ogni pagina che visito sempre la stessa finestrella di Avast.. mi sto veramente stufando....

Offline giogio

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4088
Re: url maligno ovunque
« Reply #52 on: June 29, 2012, 10:43:15 PM »
mi sto veramente stufando....

Lo so non è bello, ma non devi perdere la pazienza  ;)
purtoppo io posso solo andare a tentativi

Prova a:
1) andare in pannello di controllo->opzioni internet->connessioni->impostazioni LAN e controlla che sia selezionato "rileva automaticamente le impostazioni"
2) scarica questo programma http://www.datum-forensics.com/down/comintrep.exe, unzippa i file in una cartella sul desktop, quindi fai girare il file IntRep,
seleziona tutti i box e quindi clicca su go. Quando ha finito se vai su file ti permette di salvare il log,  postalo per favore.
3)riesegui OTL
apri il programma ma assicurati di avere chiuso tutte le finestre e lascialo lavorare senza interruzioni, poi seleziona Scan All User, sotto Custom scan incolla questo:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
WSHELPER.*
services.exe
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /rs
CREATERESTOREPOINT


Quindi clicca Quick scan, e non cambiare altre impostazioni.
Quando finirà la scansione aprirà in automatico 2 file OTL.Txt e Extras.Txt si trovano dove si trova il programma OTL, quindi posta i 2 log.

ciao

Ciao
Prima di scrivere sul forum per favore leggi le istruzioni qui https://forum.avast.com/index.php?topic=144453.0
Non inviatemi MP per supporto,grazie-No support PM please
Home: E8400-4GB RAM-500GB HDD-Win10.0.15063x64-Avast! Free 17.3.2291-CryptoPrevent-MBAM 2.2free-Chrome 57(uBlock origin)-TB52
Work: i5-2400-4GB RAM-500GB HDD-Win 7sp1x64-Avast!Business Security 12.3.2515,     
Cloud Console 2.18
-FF52-TB52

valentina362

  • Guest
Re: url maligno ovunque
« Reply #53 on: July 06, 2012, 10:06:36 PM »
ciao a tt io stesso problema e ho internet explorer e come sistame operativo xp..vi posto il log...
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-06 21:55:01
-----------------------------
21:55:01.937    OS Version: Windows 5.1.2600 Service Pack 3
21:55:01.937    Number of processors: 1 586 0xF0D
21:55:01.937    ComputerName: ACER-VALENTINA  UserName: Valentina
21:55:03.437    Initialize success
21:55:07.578    AVAST engine defs: 12070601
21:55:11.687    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:55:11.687    Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
21:55:11.750    Disk 0 MBR read successfully
21:55:11.750    Disk 0 MBR scan
21:55:11.812    Disk 0 unknown MBR code
21:55:11.828    Disk 0 Partition 1 00     27 Hidden NTFS WinRE MSDOS5.0    10000 MB offset 2048
21:55:11.859    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        71317 MB offset 20482048
21:55:11.875    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        71308 MB offset 166539264
21:55:11.890    Disk 0 scanning sectors +312578048
21:55:12.000    Disk 0 scanning C:\WINDOWS\system32\drivers
21:55:24.859    Service scanning
21:55:46.781    Modules scanning
21:55:53.953    Disk 0 trace - called modules:
21:55:53.968    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:55:53.968    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ac63030]
21:55:53.968    3 CLASSPNP.SYS[ba188fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8ac6f028]
21:55:54.578    AVAST engine scan C:\WINDOWS
21:56:04.031    AVAST engine scan C:\WINDOWS\system32
21:58:47.671    AVAST engine scan C:\WINDOWS\system32\drivers
21:59:00.468    AVAST engine scan C:\Documents and Settings\Valentina
21:59:37.625    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Valentina\Desktop\MBR.dat"
21:59:37.640    The log file has been saved successfully to "C:\Documents and Settings\Valentina\Desktop\aswMBR.txt"



Offline giogio

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4088
Re: url maligno ovunque
« Reply #54 on: July 08, 2012, 09:00:12 PM »
ciao a tt io stesso problema e ho internet explorer e come sistame operativo xp..vi posto il log...
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-06 21:55:01
-----------------------------
21:55:01.937    OS Version: Windows 5.1.2600 Service Pack 3
21:55:01.937    Number of processors: 1 586 0xF0D
21:55:01.937    ComputerName: ACER-VALENTINA  UserName: Valentina
21:55:03.437    Initialize success
21:55:07.578    AVAST engine defs: 12070601
21:55:11.687    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:55:11.687    Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
21:55:11.750    Disk 0 MBR read successfully
21:55:11.750    Disk 0 MBR scan
21:55:11.812    Disk 0 unknown MBR code
21:55:11.828    Disk 0 Partition 1 00     27 Hidden NTFS WinRE MSDOS5.0    10000 MB offset 2048
21:55:11.859    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        71317 MB offset 20482048
21:55:11.875    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        71308 MB offset 166539264
21:55:11.890    Disk 0 scanning sectors +312578048
21:55:12.000    Disk 0 scanning C:\WINDOWS\system32\drivers
21:55:24.859    Service scanning
21:55:46.781    Modules scanning
21:55:53.953    Disk 0 trace - called modules:
21:55:53.968    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:55:53.968    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ac63030]
21:55:53.968    3 CLASSPNP.SYS[ba188fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8ac6f028]
21:55:54.578    AVAST engine scan C:\WINDOWS
21:56:04.031    AVAST engine scan C:\WINDOWS\system32
21:58:47.671    AVAST engine scan C:\WINDOWS\system32\drivers
21:59:00.468    AVAST engine scan C:\Documents and Settings\Valentina
21:59:37.625    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Valentina\Desktop\MBR.dat"
21:59:37.640    The log file has been saved successfully to "C:\Documents and Settings\Valentina\Desktop\aswMBR.txt"




ciao e benvenuta,
sarò lieto di aiutarti, ma per favore apri un nuovo topic questo ha già 2 utenti con problemi e sono troppi ;)
Prima di scrivere sul forum per favore leggi le istruzioni qui https://forum.avast.com/index.php?topic=144453.0
Non inviatemi MP per supporto,grazie-No support PM please
Home: E8400-4GB RAM-500GB HDD-Win10.0.15063x64-Avast! Free 17.3.2291-CryptoPrevent-MBAM 2.2free-Chrome 57(uBlock origin)-TB52
Work: i5-2400-4GB RAM-500GB HDD-Win 7sp1x64-Avast!Business Security 12.3.2515,     
Cloud Console 2.18
-FF52-TB52