Hijack log, help, something is wrong.

xspillox

Constant internet instability problems and connection drops. I have already tried every program listed in the post above on how to analyze the PC. Here is the Hijack log; if needed, I also have the one made with ComboFix. Thanks.

- - - Updated - - -

Adding the ComboFix log. Some time ago I had a lot of problems with Virtumonde, and I don't even know whether it was actually removed.
ComboFix 14-06-09.01 - spillo 09/06/2014 18:56:10.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.39.1040.18.8085.6694 [GMT 2:00]
Eseguito da: c:\users\spillo\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((( Files Creati Da 2014-05-09 al 2014-06-09 )))))))))))))))))))))))))))))))))))
.
.
2014-06-09 16:58 . 2014-06-09 16:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-06 09:05 . 2014-06-06 09:05 -------- d-----w- c:\users\spillo\AppData\Local\VNT
2014-06-06 09:05 . 2014-06-06 09:05 -------- d-----w- c:\programdata\AskPartnerNetwork
2014-06-06 09:05 . 2014-06-06 09:05 -------- d-----w- c:\program files (x86)\VNT
2014-06-06 09:05 . 2014-06-06 09:05 -------- d-----w- c:\program files (x86)\AskPartnerNetwork
2014-06-06 09:05 . 2014-06-06 09:05 -------- d-----w- c:\programdata\APN
2014-06-06 09:05 . 2014-06-06 09:05 -------- d-----w- c:\users\spillo\AppData\Roaming\Avira
2014-06-06 09:04 . 2014-05-16 06:34 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-06-06 09:04 . 2014-05-16 06:34 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-06-06 09:04 . 2014-05-16 06:34 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-06-06 09:04 . 2014-05-16 06:34 112080 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-06-06 09:04 . 2014-06-06 09:04 -------- d-----w- c:\programdata\Avira
2014-06-05 08:40 . 2014-06-05 08:40 -------- d-----w- c:\program files\Trend Micro
2014-06-04 17:07 . 2014-06-04 17:07 -------- d-----w- c:\programdata\Logs
2014-06-04 15:55 . 2014-05-29 23:07 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-06-04 15:55 . 2014-05-29 23:07 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-06-03 17:52 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-02 09:16 . 2014-06-02 09:16 -------- d-----w- c:\users\spillo\VirtualBox VMs
2014-06-02 09:09 . 2014-06-02 09:19 -------- d-----w- c:\users\spillo\.VirtualBox
2014-06-02 09:08 . 2014-05-16 12:04 254240 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2014-06-02 09:08 . 2014-06-02 09:08 -------- dc----w- c:\windows\system32\DRVSTORE
2014-06-02 09:08 . 2014-05-16 12:03 128288 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2014-06-02 08:33 . 2014-06-02 08:33 66728 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2014-05-30 08:09 . 2014-05-30 08:09 -------- d-----w- c:\users\spillo\AppData\Local\WinZip
2014-05-30 08:09 . 2014-05-30 08:09 -------- d-----w- c:\programdata\WinZip
2014-05-30 08:09 . 2014-05-30 08:09 -------- d-----w- c:\program files\WinZip
2014-05-28 16:42 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-27 08:16 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-27 08:16 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-20 10:04 . 2014-05-20 10:04 -------- d-----w- c:\users\spillo\AppData\Local\Wisdom-soft
2014-05-20 09:59 . 2014-05-20 09:59 -------- d-----w- c:\users\spillo\Screenshots
2014-05-20 09:58 . 2014-05-20 10:02 -------- d-----w- c:\users\spillo\AppData\Local\ScreenCapture
2014-05-20 09:58 . 2014-05-20 09:58 -------- d-----w- c:\users\Default\AppData\Local\ScreenCapture
2014-05-20 09:57 . 2014-05-20 09:57 -------- d-----w- c:\programdata\ScreenCapture
2014-05-16 12:03 . 2014-05-16 12:03 156448 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2014-05-16 12:03 . 2014-05-16 12:03 141600 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2014-05-16 12:01 . 2014-05-16 12:01 204064 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2014-05-15 17:22 . 2014-05-15 17:22 100312 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-29 23:07 . 2013-12-23 17:02 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-05-29 23:07 . 2013-12-23 17:02 1279480 ----a-w- c:\windows\system32\nvspcap64.dll
2014-05-20 02:44 . 2013-09-02 18:10 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2013-09-02 18:10 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2013-09-02 18:10 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-09-02 18:10 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2013-03-07 16:45 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2013-03-07 16:45 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-05-20 01:25 . 2013-09-02 18:11 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2013-09-02 18:11 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2013-09-02 18:11 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2013-09-02 18:11 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2013-09-02 18:11 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2013-09-02 18:11 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-14 23:49 . 2013-09-02 17:59 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-14 16:09 . 2014-01-06 20:16 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 16:09 . 2014-01-06 20:16 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-24 10:31 . 2014-04-28 08:55 61120 ----a-w- c:\windows\system32\drivers\{b8a90375-3b37-4954-86de-f96c458c4ce2}Gw64.sys
2014-04-17 03:31 . 2014-05-04 06:56 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{67E7653E-469E-4F55-86DE-B2F61663A3A1}\mpengine.dll
2014-04-14 18:13 . 2014-04-15 09:10 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-03 16:50 . 2014-04-03 16:50 2157704 ----a-w- c:\windows\system32\YamahaAE.dll
2014-04-03 16:50 . 2014-04-03 16:50 2101848 ----a-w- c:\windows\system32\WavesGUILib64.dll
2014-04-03 16:50 . 2014-04-03 16:50 3872984 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2014-04-03 16:50 . 2014-04-03 16:50 2792152 ----a-w- c:\windows\system32\RtkAPO64.dll
2014-04-03 16:50 . 2014-04-03 16:50 1024216 ----a-w- c:\windows\system32\RtkApi64.dll
2014-04-03 16:50 . 2014-04-03 16:50 624344 ----a-w- c:\windows\system32\RtDataProc64.dll
2014-04-03 16:50 . 2014-04-03 16:50 946392 ----a-w- c:\windows\system32\RCoInstII64.dll
2014-04-03 16:50 . 2014-04-03 16:50 56270848 ----a-w- c:\windows\system32\RCoRes64.dat
2014-04-03 16:50 . 2014-04-03 16:50 1286872 ----a-w- c:\windows\system32\RTCOM64.dll
2014-04-03 16:50 . 2014-04-03 16:50 938608 ----a-w- c:\windows\system32\MaxxVoiceAPO2064.dll
2014-04-03 16:50 . 2014-04-03 16:50 3923032 ----a-w- c:\windows\system32\MaxxAudioVnN64.dll
2014-04-03 16:50 . 2014-04-03 16:50 1313904 ----a-w- c:\windows\system32\MaxxSpeechAPO64.dll
2014-04-03 16:50 . 2014-04-03 16:50 12793944 ----a-w- c:\windows\system32\MaxxVoiceAPO3064.dll
2014-04-03 16:50 . 2014-04-03 16:50 28310104 ----a-w- c:\windows\system32\MaxxAudioVnA64.dll
2014-04-03 16:50 . 2014-04-03 16:50 2319960 ----a-w- c:\windows\system32\MaxxAudioAPO6064.dll
2014-04-03 16:50 . 2014-04-03 16:50 2037336 ----a-w- c:\windows\system32\MaxxAudioEQ64.dll
2014-04-03 16:50 . 2014-04-03 16:50 1932888 ----a-w- c:\windows\system32\MaxxAudioRealtek264.dll
2014-04-03 16:50 . 2014-04-03 16:50 14737496 ----a-w- c:\windows\system32\MaxxAudioRealtek64.dll
2014-04-03 16:50 . 2014-04-03 16:50 1419376 ----a-w- c:\windows\system32\MaxxAudioAPO5064.dll
2014-04-03 16:50 . 2014-04-03 16:50 1419376 ----a-w- c:\windows\system32\MaxxAudioAPO4064.dll
2014-04-03 16:50 . 2014-04-03 16:50 1033304 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
2014-04-03 16:50 . 2014-04-03 16:50 2770976 ----a-w- c:\windows\system32\FMAPO64.dll
2014-03-31 16:42 . 2013-12-23 17:01 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-31 07:35 . 2012-08-18 14:28 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-31 01:51 . 2012-10-04 10:44 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-26 14:40 . 2014-03-26 14:40 942384 ----a-w- c:\windows\system32\NAHIMICAPOSettingsIPC.dll
2014-03-26 14:40 . 2014-03-26 14:40 899320 ----a-w- c:\windows\system32\sl3apo64.dll
2014-03-26 14:40 . 2014-03-26 14:40 724728 ----a-w- c:\windows\system32\sltech64.dll
2014-03-26 14:40 . 2014-03-26 14:40 5752072 ----a-w- c:\windows\system32\NAHIMICAPOlfx.dll
2014-03-26 14:40 . 2014-03-26 14:40 2825432 ----a-w- c:\windows\system32\RtPgEx64.dll
2014-03-26 14:40 . 2014-03-26 14:40 245496 ----a-w- c:\windows\system32\slprp64.dll
2014-03-26 14:40 . 2014-03-26 14:40 1045752 ----a-w- c:\windows\system32\slcnt64.dll
2013-10-04 03:44 . 2013-10-05 15:44 44 ---h--w- c:\program files (x86)\1fafdbe2.tmp
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
2014-02-13 05:22 12240 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-4300-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" [2014-02-13 12240]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-4300-7a786e7484d7}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"avgnt"="e:\avira\Avira\AntiVir Desktop\avgnt.exe" [2014-05-16 737872]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2014-02-13 1758160]
"VNT"="c:\program files (x86)\VNT\vntldr.exe" [2014-02-13 195536]
.
c:\users\spillo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2014-6-3 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\appinit_dll.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe"
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"F-Secure Hoster (666)"="c:\program files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1
"TrojanScanner"="c:\program files (x86)\Trojan Remover\Trjscan.exe"/boot
"RzSBHelper"="c:\program files (x86)\Razer\SwitchBlade\RzSBHelper.exe"
.
R1 CSN5PDTS82;CSN5PDTS82 NDIS Protocol Driver;c:\windows\system32\Drivers\CSN5PDTS82.sys;c:\windows\SYSNATIVE\Drivers\CSN5PDTS82.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HDDHealth;HDDHealth;e:\hdd health\HDD Health\HDDHealthService.exe;e:\hdd health\HDD Health\HDDHealthService.exe [x]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Programma di aggiornamento;e:\dragon age origins\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe;e:\dragon age origins\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 iusb3hub;Driver hub Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
R3 iusb3xhc;Driver Controller Host estendibile Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 MSICDSetup;MSICDSetup;h:\cdriver64.sys;h:\CDriver64.sys [x]
R3 VirtuWDDM;VirtuWDDM;c:\windows\system32\DRIVERS\VirtuWDDM.sys;c:\windows\SYSNATIVE\DRIVERS\VirtuWDDM.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S0 RzFilter;RzFilter;c:\windows\system32\drivers\RzFilter.sys;c:\windows\SYSNATIVE\drivers\RzFilter.sys [x]
S1 {b8a90375-3b37-4954-86de-f96c458c4ce2}Gw64;{b8a90375-3b37-4954-86de-f96c458c4ce2}Gw64;c:\windows\system32\drivers\{b8a90375-3b37-4954-86de-f96c458c4ce2}Gw64.sys;c:\windows\SYSNATIVE\drivers\{b8a90375-3b37-4954-86de-f96c458c4ce2}Gw64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 CSN5PDTS82x64;CSN5PDTS82x64 NDIS Protocol Driver;c:\windows\system32\Drivers\CSN5PDTS82x64.sys;c:\windows\SYSNATIVE\Drivers\CSN5PDTS82x64.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\DRIVERS\nm3.sys;c:\windows\SYSNATIVE\DRIVERS\nm3.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AntiVirMailService;Avira Mail Protection;e:\avira\Avira\AntiVir Desktop\avmailc7.exe;e:\avira\Avira\AntiVir Desktop\avmailc7.exe [x]
S2 AntiVirSchedulerService;Avira Pianificatore;e:\avira\Avira\AntiVir Desktop\sched.exe;e:\avira\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Web Protection;e:\avira\Avira\AntiVir Desktop\avwebg7.exe;e:\avira\Avira\AntiVir Desktop\avwebg7.exe [x]
S2 APNMCP;Servizio di aggiornamento Ask;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\F-Secure\fshoster32.exe;c:\program files (x86)\F-Secure\fshoster32.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzKLService;RzKLService;e:\razer booster\Razer Game Booster\RzKLService.exe;e:\razer booster\Razer Game Booster\RzKLService.exe [x]
S2 RzOvlMon;Razer Overlay Subsystem Emergency Service;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RzDxgk;RzDxgk;c:\windows\system32\drivers\RzDxgk.sys;c:\windows\SYSNATIVE\drivers\RzDxgk.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzhnet;Razer Inc. External Display Driver;c:\windows\system32\Drivers\rzhnet.sys;c:\windows\SYSNATIVE\Drivers\rzhnet.sys [x]
S3 rzjstk;Razer Virtual Joystick Driver;c:\windows\system32\DRIVERS\rzjstk.sys;c:\windows\SYSNATIVE\DRIVERS\rzjstk.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*Deregistered* - RTCore64
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-06-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-06 16:09]
.
2014-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3976336094-2344063025-783862048-1000Core.job
- c:\users\spillo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-18 15:18]
.
2014-06-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3976336094-2344063025-783862048-1000UA1cf2b2087178394.job
- c:\users\spillo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-18 15:18]
.
2014-06-09 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
2014-06-09 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
2014-02-13 05:22 13776 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-4300-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" [2014-02-13 13776]
.
[HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-4300-7A786E7484D7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-04-03 13667032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\appinit_dll.dll c:\windows\System32\nvinitx.dll
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
TCP: DhcpNameServer = 62.101.93.101 83.103.25.250
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-PunkBusterSvc - f:\origin games\bf3\Medal of Honor Warfighter\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster]
"ImagePath"="\"c:\program files (x86)\F-Secure\fshoster32.exe\" -hosterid:0"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\F-Secure\My Services Agent\Protected] @DenieD: ) (Everyone)
"AgentIdentifier"=""
"AuthorizationCode"=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @DenieD: (Full) (Everyone)
.
Ora fine scansione: 2014-06-09 18:59:15
ComboFix-quarantined-files.txt 2014-06-09 16:59
ComboFix2.txt 2014-06-08 13:22
ComboFix3.txt 2014-06-05 08:56
.
Pre-Run: 10.005.958.656 byte disponibili
Post-Run: 9.945.047.040 byte disponibili
.
- - End Of File - - 1351676D8567EAFB24A1EA5CC8D33195
 

Attachments

  • hijack.txt
    9 KB · Views: 78
