Consenso all'uso dei cookies

SITO1 -- SITO2 -- Forum2 -- CercaGlobale -- Informativa su Cookie e Privacy

Questo Forum1 è in sola lettura -- Usa il Forum2


//Removed by EUCookieLaw Valutazione discussione:
  • 0 voto(i) - 0 media
  • 1
  • 2
  • 3
  • 4
  • 5
[ RISOLTO ] PLauncher.exe da eliminare
#1
Buona Domenica! Vorrei eliminare la chiave di registro che contiene PLauncher.exe; come si può notare dall'immagine allegata dovrei eliminare PosService; ci sono dei rischi? Grazie. http://img812.imageshack.us/img812/8258/...gistro.jpg
Cita messaggio
#2
Puoi eliminarla tranquillamente.
Controlla prima che nel percorso che vedi nella chiave documents e setting\all users\documenti\appdata\PoApp ci sia la cartella PoApp(abilita la visualizzazione dei file e cartelle nascoste) e devi eliminarla con shift+canc, se risulta bloccata usa il programma unlocker http://www.aiutamici.com/software?ID=11419 (scarica la versione aup se vuoi la versione portable) oppure file governor http://www.novirusthanks.org/product/file-governor/ versione zip. (se non ti piace unlocker o file governor http://alternativeto.net/software/unlocker/ )
Disinstalla tutte le toolbar che non usi da pannello di controllo e fai una scansione con adwcleaner http://www.megalab.it/7845/pulizia-appro...adwcleaner
Cita messaggio
#3
Leggi pure questo thread http://www.tomshw.it/forum/sicurezza/245...ncher.html
Cita messaggio
#4
Pur eliminando la voce di registro contenente PLauncher.exe , al riavvio del pc ritorna al suo posto come dimostra la seguente immagine ottenuta scansionando il pc con TuneUp Utilities 2012. Saluti http://img9.imageshack.us/img9/3001/tuneuputilities.jpg
Cita messaggio
#5
da start digita msconfig , clicca poi su msconfig.exe, continua, clicca su scheda Avvio e cerca la voce Plauncher.exe, togli la spunta, ok. Si riavvia ancora?
Intanto fai una scansione con malwarebytes http://it.malwarebytes.org/ (clicca su scarica subito per il download)
Cita messaggio
#6
Salve! Dopo aver postato il log di malwarebytes(dopo la scansione completa), allega il log di hijackthis.
L'ipocrisia è un briciolo di speranza, per chi non ha personalità.(By Leroy)

Niente rafforza l'autorità quanto il silenzio.(Charles De Gaulle )

Siate la cura della vostra malattia, non la causa. (By Leroy)


Cita messaggio
#7
(28-10-2012, 17:40 )wirgilio Ha scritto: Pur eliminando la voce di registro contenente PLauncher.exe , al riavvio del pc ritorna al suo posto come dimostra la seguente immagine ottenuta scansionando il pc con TuneUp Utilities 2012. Saluti http://img9.imageshack.us/img9/3001/tuneuputilities.jpg

Wirgilio, ma tuneup te la fa eliminare?
L'ipocrisia è un briciolo di speranza, per chi non ha personalità.(By Leroy)

Niente rafforza l'autorità quanto il silenzio.(Charles De Gaulle )

Siate la cura della vostra malattia, non la causa. (By Leroy)


Cita messaggio
#8
Da start digito msconfig e dopo l'ok non vedo msconfig.exe : questa è la videata dopo di msconfig http://img685.imageshack.us/img685/9311/...onedis.jpg - Per quanto riguarda gli antivirus, ho già lanciato in modalità provvisoria SpyBot-Malwarebytes Anti Malware - CalmWin Antivirus e ComboFix . Il Computer risulta pulito. TuneUp non mi fà eliminare la voce di registro ma è solo una comunicazione sul cosa dovrei fare. Saluti
Cita messaggio
#9
Guarda l'immagine che allego, devi cliccare su avvio.


Allegati Anteprime
   
Cita messaggio
#10
Ecco il Report di hijackthis: Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20.41.31, on 28/10/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\logishrd\LVMVFM\UMVPFSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Microsoft Security Client\msseces.exe
C:\Programmi\Logitech\LWS\Webcam Software\LWS.exe
C:\Programmi\AVG Secure Search\vprot.exe
C:\Programmi\Logitech\Vid HD\Vid.exe
C:\Programmi\ClamWin\bin\ClamTray.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Dati applicazioni\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\MemoRex\MemoRex.exe
C:\Programmi\Macrium\Reflect\ReflectService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/webhp?sourceid=navc...t&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=4.0003002
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programmi\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: SearchToolbar.ShowToolbarBHO - {86a3cdaa-9b25-480e-b73f-c2d359b87966} - mscoree.dll (file missing)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programmi\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programmi\Free Download Manager\iefdm2.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Programmi\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programmi\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Programmi\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SearchToolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} - mscoree.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programmi\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [WinPatrol] C:\Programmi\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MSC] "C:\Programmi\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [MemoREX] "C:\Programmi\MemoRex\MemoRexStart.exe"
O4 - HKLM\..\Run: [LWS] C:\Programmi\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [vProt] "C:\Programmi\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Programmi\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKCU\..\Run: [DriverMax] "C:\Programmi\Innovative Solutions\DriverMax\drivermax.exe" -agent
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Programmi\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Programmi\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [swg] "C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Logitech Vid] "C:\Programmi\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Programmi\MRU-Blaster\mrublaster.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Scarica con Free Download Manager - file://C:\Programmi\Free Download Manager\dllink.htm
O8 - Extra context menu item: Scarica i video con Free Download Manager - file://C:\Programmi\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Scarica selezionati con Free Download Manager - file://C:\Programmi\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Scarica tutto con Free Download Manager - file://C:\Programmi\Free Download Manager\dlall.htm
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmi\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...7064946026
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...0604577546
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36F32072-C3CF-4FF4-A03E-533D92A5B1FA}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{58DE31BD-357E-4C13-911F-2C3B2152929D}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{89630D31-4D74-489B-9810-6868327F9634}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{58DE31BD-357E-4C13-911F-2C3B2152929D}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{36F32072-C3CF-4FF4-A03E-533D92A5B1FA}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS3\Services\Tcpip\..\{36F32072-C3CF-4FF4-A03E-533D92A5B1FA}: NameServer = 176.31.229.24,176.31.229.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programmi\File comuni\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Dati applicazioni\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Servizio di Google Update (gupdate1ca01748cbf36fa) (gupdate1ca01748cbf36fa) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Programmi\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\PosService\Pos.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Programmi\Macrium\Reflect\ReflectService.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
O23 - Service: Software Upd (SoftwareUpd) - SoftwareUpdService - C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Programmi\File comuni\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

--
End of file - 14072 bytes
Cita messaggio


Vai al forum: