si aprono pagine web su chrome Chiuso

Question

Ciao, ho scaricato il programma e questo è il log ora cosa devo fare?

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:53:37, on 15/10/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)

FIREFOX: 21.0 (it)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Users\Andrea\AppData\Local\pgcchelper\pgcchelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe
C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Users\Public\Documents\AppData\PoApp\PService.exe
C:\Users\Andrea\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=89F3D4EE2FC4485B9349E9B7DD90579D
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=89F3D4EE2FC4485B9349E9B7DD90579D
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={CB87BE62-E7AF-11E2-8ACC-0015833F8702}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [blank]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKLM\..\Run: [D-Link RangeBooster G WUA-2340] C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [pgcchelper] C:\Users\Andrea\AppData\Local\pgcchelper\pgcchelper.exe
O4 - HKCU\..\Run: [90A4488B45C50C9049F387EB11B9ACF449011272._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: ImTranslator - C:\PROGRA~2\SMARTL~1\IMTRAN~1\startup.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: ImTranslator - {AE436396-55E7-4ec4-AD6D-45E88A530A4C} - C:\PROGRA~2\SMARTL~1\IMTRAN~1\startup.html (HKCU)
O9 - Extra 'Tools' menuitem: ImTranslator - {AE436396-55E7-4ec4-AD6D-45E88A530A4C} - C:\PROGRA~2\SMARTL~1\IMTRAN~1\startup.html (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivX Web Player Object) - 
O17 - HKLM\System\CCS\Services\Tcpip\..\{71C68ABB-C167-45A9-8056-2D6CDD67068E}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5901427-69E6-42E2-946B-48E3A773779F}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASO3DiskOptimizer - Systweak Software, (www.systweak.com) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet	ools\BitCometService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\D-Link\RangeBooster G WUA-2340\JSWUtilVst\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PhoneMyPC_Helper - SoftwareForMe Inc - C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\Andrea\AppData\Local\PosService\Pos.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcappcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Andrea\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Copia shadow del volume (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

Bridget. · Answer

Ciao Andre,
Guardo il tuo report e ti dico cosa fare. 
A presto. Bridget.

Bridget. · Answer

Ciao Andre,

Hijack è diventato obsoleto.   Per una diagnosi più efficiente, è meglio di   fare questa scansione, molto semplice (livello principiante) e rapida (10 minuti). Ho tutto  spiegato. Basta seguire le istruzioni riportate di seguito.

1) Scaricare ZHPDiag qui : 
https://ccm.net/download/download-23176-zhpdiag       
Salvarlo sul tuo desktop. 

L'installazione è molto semplice . 
Vedrai sette finestre durante l'installazione. 
I primi cinque finestre : clicca su " Suivant" ( Avanti ) 
La sesta finestra : clicca su " Installer " ( Installare) 
La settima finestra : clicca su "Terminer" (Chiudi ) . 
Il software è installato. 

Attenzione : Vedrai allora due nuove icone sul desktop : ZHPDiag ( pergamena ) e ZHPFix ( siringa ) perché il software si compone di due parti . Uno per le scansioni, l'altra per le cure. 

2) Per fare una scansione di diagnosi : 

- Sotto Windows XP : Apre ZHPDiag, facendo un « doppio clic » sull'icona che ha la forma d'una pergamena. . 
È necessario disporre di privilegi di amministratore sul PC . 
- Sotto Vista , 7 e 8 : Apre ZHPDiag, facendo un « clic destro » sull'icona che ha la forma d'una pergamena. Poi clicca su " Esegui come amministratore " . 

Quando ZHPDiag sarà aperto , vedrai due grandi tasti : 
« Rechercher » (Ricercare) e « Configurer » (Configurare) 
Clicca sul tasto destro "Configura"

Nella nuova finestra che si aprirà : 

- >In basso, a sinistra , vedrai tre lenti di ingrandimento . 
Prima di chiudere il browser, leggi il seguente 
Poi, clicca sul la seconda lente di ingrandimento.

Durante la scansione (10 minuti o meno ), attende con pazienza senza usare il tuo pc. 
A volte , il software può sembrare inattivo , ma si sta lavorando. 
Alla fine della scansione, un report sarà salvato nel blocco-note. 

3) Per trasmettere il report, come fare ? : 

Il report è sul tuo desktop. Come è troppo lungo, non puo essere postato su forum, deve essere ospitato su un speciale sito online. 

Vai su questo sito https://pjjoint.malekal.com/index.php?lang=en       
Una volta sulla pagina di deposito, clicca su "Sfoglia" 
Si aprirà una finestra, recupera il tuo report sul tuo Dekstop 
e clicca su "Apri" 
Poi clicca su "Send File".

Un link sarà creato/ 
Copia e incolla questo  linknella tua riposta.

Spero che questa guida è abbastanza chiara , ma se hai una domanda, non esita a richiedere :) 
Cordialmente Bridget.

Si aprono pagine web su chrome

2 risposte

Discussioni simili