Pagine pubblicitarie si aprono da sole [Chiuso]

Segnala
Posti
3
Data di registrazione
domenica 12 marzo 2017
Stato
Membri
Ultimo intervento
martedì 14 marzo 2017
-
Noureddine Bouzidi
Posti
22676
Data di registrazione
giovedì 19 marzo 2009
Stato
Contribuente
Ultimo intervento
martedì 11 febbraio 2020
-
Salve a tutti.
Da qualche tempo quando apro pagine internet mi si aprono fastidiose pagine pubblicitarie. ho provato a fare una scansione con il mio antivirus (avira) e non ha trovato niente, ho fatto una scansione online con F-secure e non ha trovato niente, ho installato ad-block plus, ma le pagine pubblicitarie continuano ad imperversare.
Vi posto il logfile fatto da una scansione con HijackThis v. 2.0.5. nella speranza che qualcuno mi aiuti a risolvere.
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 17:15:13, on 14/03/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ideapad\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q=%7BsearchTerms%7D
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Startup: zSpeedup.lnk = C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Protezione email (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Protezione in tempo reale (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Protezione web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%systemroot%\system32\AppVClient.exe,-102 (AppVClient) - Unknown owner - C:\WINDOWS\system32\AppVClient.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: @oem12.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Servizio Scout Update (scupdate) (scupdate) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
O23 - Service: Servizio Scout Update (scupdatem) (scupdatem) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Avira System Speedup (SpeedupService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%systemroot%\system32\AgentService.exe,-102 (UevAgentService) - Unknown owner - C:\WINDOWS\system32\AgentService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
End of file - 12280 bytes

6 risposte

Posti
22676
Data di registrazione
giovedì 19 marzo 2009
Stato
Contribuente
Ultimo intervento
martedì 11 febbraio 2020
10.841
Ciao,

=AdwCleaner=
  • Scarica e salva sul desktop AdwCleaner di Xplode
  • Chiudi tutti i programmi e browser internet aperti
  • Fai doppio clic su "AdwCleaner.exe" per eseguirlo
  • Fai clic sul pulsante "Scan" e attendi la fine del processo
  • Fai clic sul pulsante "Clean" e segui le istruzioni
  • Il programma chiuderà tutti i programmi aperti, quindi salva i tuoi dati e lavori in corso prima di continuare
  • Se viene chiesto di avviare il PC, accetta
  • Un report verrà aperto automaticamente, Copia/incolla il contenuto del file nella tua risposta
  • Puoi trovare il file log in "C:\AdwCleaner\AdwCleaner[Sn].txt" (nel quale "n" è un numero).


=ZHPCleaner=
  • Scarica ZHPCleaner
  • Chiudi tutti i browser e programmi aperti
  • Avvia il programma e accetta la licenza
  • Fai clic su Scanner finita la scansione fai clic su Riparazione e mandaci il report generato


=Malwarebytes=
  • Scarica Malwarebytes ed installalo
  • Disattiva l'antivirus (durante la scansione)
  • Avvia il programma
  • Aspetta che finisca l'aggiornamento del database; se non si fa in automatico, clicca su "Aggiornamento"
  • Clicca su "Opzione"
    • Cambia la lingua in italiano
    • Clicca su "Rilevamento e protezione" (a sinistra), in "Protezione da 'non-malware'" seleziona "Gestisci rilevamenti come malware" in entrambe le voci Rilevamenti "PUP" e "PUM"
  • Clicca su "Scansione"
  • Seleziona la voce "Ricerca elementi nocivi"
  • Una volta finita clicca su "Applica azioni"
  • Se viene chiesto di riavviare "Accetta"
  • Apri il programma e clicca su "Cronologia" poi "Log applicazione"
  • Seleziona l'ultimo log quindi "Vedi"
  • Clicca su "Copia negli appunti" (non succede niente ma il report verrà copiato)
  • Fai incolla nella tua risposta


~~# Per ogni problema... c'è una soluzione #~~
Posti
3
Data di registrazione
domenica 12 marzo 2017
Stato
Membri
Ultimo intervento
martedì 14 marzo 2017

questo è il report di ZHPCleaner:
ZHPCleaner v2017.3.13.45 by Nicolas Coolman (2017/03/13)
~ Run by Ideapad (Administrator) (14/03/2017 18:32:57)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Riparare
~ Report : C:\Users\Ideapad\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Ideapad\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393)


---\\ Servizi (0)
~ Nessun elemento malevolo o inutili trovato.


---\\ Browser Internet (0)
~ Nessun elemento malevolo o inutili trovato.


---\\ File hosts (1)
~ Il file hosts è legittimo (21)


---\\ Operazioni pianificate automatiche. (0)
~ Nessun elemento malevolo o inutili trovato.


---\\ Esploratore ( File, Cartelle) (40)
SPOSTATO file: C:\Windows\Prefetch\PANDA_URL_FILTERINGB.EXE-24C2BB86.pf =>PUP.Optional.StartSearch
SPOSTATO file: C:\Windows\Installer\wix{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}.SchedServiceConfig.rmi =>.Superfluous.Empty
SPOSTATO file: C:\Windows\Installer\wix{417A95B7-A57F-4245-A3B8-DE7A054F4E32}.SchedServiceConfig.rmi =>.Superfluous.Empty
SPOSTATO file: C:\Windows\Installer\wix{7DB25DF9-4AAA-484B-B0D5-40286505A3F6}.SchedServiceConfig.rmi =>.Superfluous.Empty
SPOSTATO file: C:\Users\Ideapad\AppData\Local\Temp\wct69E8.tmp =>.Superfluous.Temporary.Various
SPOSTATO file: C:\Users\Ideapad\AppData\Local\Temp\wct71A6.tmp =>.Superfluous.Temporary.Various
SPOSTATO file: C:\Users\Ideapad\AppData\Local\Temp\wctB00E.tmp =>.Superfluous.Temporary.Various
SPOSTATO file: C:\Users\Ideapad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage =>PUP.Optional.CouponTime
SPOSTATO file: C:\Users\Ideapad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage-journal =>PUP.Optional.CouponTime
SPOSTATO cartelle: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
SPOSTATO cartelle: C:\ProgramData\panda_url_filtering =>PUP.Optional.StartSearch
SPOSTATO cartelle: C:\Users\Ideapad\AppData\Roaming\Search The Web =>PUP.Optional.IMBooster
SPOSTATO cartelle: C:\Users\Ideapad\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI106D.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI16C7.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI188D.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI19E6.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI1D82.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI2AD.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI4ECF.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI5327.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI55B4.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI5C36.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI60BB.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI6214.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI6620.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI68DB.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI6A34.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI6AB5.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI71F6.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI7505.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI766D.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI7797.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSI793E.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSIC50B.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSIC752.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSICD5E.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSICE78.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSIE0D8.tmp- =>.Superfluous.Empty
SPOSTATO cartelle: C:\WINDOWS\Installer\MSIEE56.tmp- =>.Superfluous.Empty


---\\ Registro ( Chiavi, Valori, Dati ) (10)
ELIMINATO chiave*: [X64] HKLM\Software\Google\Chrome\Extensions\cglobijmmnefeacmdjkgkimhjcidaedm [C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\cglobijmmnefeacmdjkgkimhjcidaedm.crx (Not File)] =>PUP.Optional.APNToolBar
ELIMINATO chiave*: [X64] HKLM\Software\Google\Chrome\Extensions\cohecngphbppjpaokeilaichhgggcmjb [C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\cohecngphbppjpaokeilaichhgggcmjb.crx (Not File)] =>PUP.Optional.APNToolBar
ELIMINATO chiave*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\soundcloud.com [] =>PUP.Optional.SoundCloud
ELIMINATO chiave*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\soundcloud.com [] =>PUP.Optional.SoundCloud
ELIMINATO chiave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\235CDDD4FAA2BCE4C9E578A53866F91E [C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\tbnhlpr_x64.exe (Not File)] =>PUP.Optional.APNToolBar
ELIMINATO chiave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DD4D11A59E51134AAC663F91417DDE2 [C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ (Not File)] =>PUP.Optional.APNToolBar
ELIMINATO chiave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask
ELIMINATO chiave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{41545533-2D54-4D47-00A7-A758B70C2804} [APN, LLC] =>Adware.Bandoo
ELIMINATO chiave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{41545533-2D54-5347-00A7-A758B70C2806} [APN, LLC] =>Adware.Bandoo
ELIMINATO chiave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect


---\\ Riepilogo dei elementi trovato sulla workstation (12)
https://www.nicolascoolman.com/fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Various
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.CouponTime
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://www.nicolascoolman.com/fr/adware-imbooster/ =>PUP.Optional.IMBooster
https://www.nicolascoolman.com/fr/adware-domaiq/ =>PUP.Optional.DomaIQ
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.APNToolBar
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.SoundCloud
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
https://nicolascoolman.eu/2017/02/23/adware-bandoo/ =>Adware.Bandoo
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect


---\\ Borrar otro. (12)
~ Chiave di registro Tracing éliminati (12)
~ Rimuovi vecchi report ZHPCleaner. (0)


---\\ Risultato di riparazione
~ Riparazione effettuata con successo
~ Browser non trovato (Mozilla Firefox)


---\\ Statistiche
~ Elementi analizzati : 1453
~ Elementi trovati : 0
~ Elementi cancellati : 0
~ Elementi riparati : 50


~ End of clean in 00h00mn18s
~====================
ZHPCleaner-[R]-14032017-18_33_15.txt
ZHPCleaner-[S]-14032017-18_31_52.txt
Posti
3
Data di registrazione
domenica 12 marzo 2017
Stato
Membri
Ultimo intervento
martedì 14 marzo 2017

E questo invece è il report di MWB:
Dettagli log-
Data scansione: 14/03/17
Ora scansione: 21:11
File di log:
Amministratore: Sì

-Informazioni software-
Versione: 3.0.6.1469
Versione componenti: 1.0.75
Aggiorna versione pacchetto: 1.0.1502
Licenza: Trial

-Informazioni sistema-
SO: Windows 10
CPU: x64
File system: NTFS
Utente: LENOVO\Ideapad

-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 425141
Tempo impiegato: 12 min, 25 sec

-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Analisi euristica: Attivata
PUP: Attivata
PUM: Attivata

-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)

Modulo: 0
(Nessun elemento nocivo rilevato)

Chiave di registro: 2
PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cglobijmmnefeacmdjkgkimhjcidaedm, In quarantena, [17967], [245531],1.0.1502
PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cohecngphbppjpaokeilaichhgggcmjb, In quarantena, [17967], [245531],1.0.1502

Valore di registro: 2
PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cglobijmmnefeacmdjkgkimhjcidaedm|PATH, In quarantena, [17967], [245531],1.0.1502
PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cohecngphbppjpaokeilaichhgggcmjb|PATH, In quarantena, [17967], [245531],1.0.1502

Dati di registro: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Sostituito, [16787], [292819],1.0.1502

Flusso di dati: 0
(Nessun elemento nocivo rilevato)

Cartella: 0
(Nessun elemento nocivo rilevato)

File: 2
PUP.Optional.Yontoo, C:\USERS\IDEAPAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_static.coupontime00.coupontime.co_0.localstorage, In quarantena, [71], [304355],1.0.1502
PUP.Optional.Yontoo, C:\USERS\IDEAPAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_static.coupontime00.coupontime.co_0.localstorage-journal, In quarantena, [71], [304355],1.0.1502

Settore fisico: 0
(Nessun elemento nocivo rilevato)


(end)
Posti
22676
Data di registrazione
giovedì 19 marzo 2009
Stato
Contribuente
Ultimo intervento
martedì 11 febbraio 2020
10.841
si aprono ancora della pagine?

fai anche una scansione con Adwcleaner https://www.malwarebytes.com/adwcleaner/
Salve a tutti,
purtroppo il problema da me presentato delle pagine pubblicitarie che si aprono di continuo non sono riuscito a risolverlo nonostante abbia seguito i vostri consigli.
Probabilmente mi toccherà formattare il pc..
Noureddine Bouzidi
Posti
22676
Data di registrazione
giovedì 19 marzo 2009
Stato
Contribuente
Ultimo intervento
martedì 11 febbraio 2020
10.841
salve,

le pagine si aprono in un browser specifico o qualsiasi browser ?
Le pagine pubblicitarie si aprono su google chrome...
Noureddine Bouzidi
Posti
22676
Data di registrazione
giovedì 19 marzo 2009
Stato
Contribuente
Ultimo intervento
martedì 11 febbraio 2020
10.841