Reading a ComboFix log

Robinhos

Hi everyone, I ran a scan with ComboFix to remove some suspected malware that is causing me problems while browsing: with any browser I use, useless pages open that slow down the system, and I have been able to verify that this does not depend on pop-up windows. Now that I have the log, I would like to know what I need to do. IS THERE ANYONE ABLE TO READ THE LOG AND TELL ME WHICH REGISTRY ENTRIES I NEED TO DELETE??? I'm posting the log here:

ComboFix 14-05-29.01 - Roberto 02/06/2014 10.27.30.1.2 - x64
Microsoft Windows 8 6.2.9200.0.1252.39.1040.18.3682.2415 [GMT 2:00]
Eseguito da: c:\users\Roberto\Downloads\ComboFix_14_4_30_1.exe
AV: AVG AntiVirus 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Roberto\BIT1E39.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
-------\Legacy_IePluginServices
-------\Service_IePluginServices
.
.
((((((((((((((((((((((((( Files Creati Da 2014-05-02 al 2014-06-02 )))))))))))))))))))))))))))))))))))
.
.
2014-06-02 08:45 . 2014-06-02 08:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-31 18:50 . 2014-05-31 18:50 -------- d-----w- c:\users\Roberto\AppData\Local\CrashRpt
2014-05-31 18:49 . 2014-05-31 18:50 -------- d-----w- c:\users\Roberto\AppData\Local\Softonic
2014-05-31 18:43 . 2014-05-31 18:43 -------- d-----w- c:\programdata\CheckPoint
2014-05-31 18:17 . 2014-05-31 18:19 -------- d-----w- c:\users\Roberto\AppData\Local\Akamai
2014-05-29 13:03 . 2014-06-02 08:17 -------- d-----w- c:\users\Roberto\AppData\Roaming\BitTorrent
2014-05-26 10:14 . 2014-05-26 10:14 258224 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10240.bin
2014-05-23 14:45 . 2014-05-23 14:49 -------- d-----w- C:\FreeOffice
2014-05-23 12:50 . 2014-05-23 12:50 -------- d-----w- c:\programdata\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-05-23 12:38 . 2013-09-20 08:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2014-05-23 12:37 . 2014-05-29 13:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-05-23 12:37 . 2014-05-23 12:38 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2014-05-23 11:44 . 2014-05-23 11:44 -------- d-----w- c:\users\Roberto\AppData\Roaming\AVG2014
2014-05-23 11:40 . 2014-05-23 11:40 -------- d-----w- c:\users\Roberto\AppData\Roaming\TuneUp Software
2014-05-23 11:38 . 2014-05-23 15:02 -------- d-----w- c:\programdata\AVG2014
2014-05-23 11:38 . 2014-05-23 11:38 -------- d-----w- C:\$AVG
2014-05-23 11:34 . 2014-05-23 11:34 -------- d-----w- c:\program files (x86)\AVG
2014-05-23 11:27 . 2014-05-23 13:24 -------- d-----w- c:\users\Roberto\AppData\Local\fst_it_119
2014-05-23 11:27 . 2014-05-23 13:36 -------- d-----w- c:\program files (x86)\fst_it_119
2014-05-23 11:24 . 2014-05-23 11:24 -------- d-----w- c:\users\Roberto\AppData\Roaming\Settings Manager
2014-05-23 11:23 . 2014-05-23 11:23 -------- d-----w- c:\program files (x86)\Settings Manager
2014-05-23 11:23 . 2014-05-23 11:23 -------- d-----w- c:\programdata\systemk
2014-05-23 11:23 . 2014-05-23 11:23 -------- d-----w- c:\program files (x86)\SiteLookup
2014-05-23 11:22 . 2014-05-23 11:22 -------- d-----w- c:\users\Roberto\AppData\Roaming\SimilarSites
2014-05-23 10:47 . 2014-06-02 07:12 -------- d-----w- c:\programdata\MFAData
2014-05-23 10:47 . 2014-05-23 11:54 -------- d-----w- c:\users\Roberto\AppData\Local\Avg2014
2014-05-23 10:47 . 2014-05-23 10:47 -------- d-----w- c:\users\Roberto\AppData\Local\MFAData
2014-05-23 10:42 . 2014-05-26 13:51 -------- d-----w- c:\users\Roberto\AppData\Local\AVG SafeGuard toolbar
2014-05-23 10:41 . 2014-05-23 10:40 50464 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-05-23 10:40 . 2014-05-23 10:40 -------- d-----w- c:\programdata\AVG Secure Search
2014-05-23 10:40 . 2014-05-23 10:41 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2014-05-23 10:40 . 2014-05-23 10:41 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
2014-05-23 10:40 . 2014-05-23 10:40 -------- d-----w- c:\program files (x86)\AVG SafeGuard toolbar
2014-05-23 10:17 . 2014-05-23 10:17 -------- d-----w- c:\users\Roberto\AppData\Roaming\CyberLink
2014-05-23 10:17 . 2014-05-23 10:17 -------- d-----w- c:\users\Roberto\AppData\Local\CyberLink
2014-05-23 10:09 . 2014-05-23 13:50 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-05-21 14:55 . 2014-04-19 09:39 628024 ----a-w- c:\windows\system32\NotificationUI.exe
2014-05-21 14:55 . 2014-04-19 08:45 693760 ----a-w- c:\windows\system32\WSShared.dll
2014-05-21 14:55 . 2014-04-19 06:57 566784 ----a-w- c:\windows\SysWow64\WSShared.dll
2014-05-21 14:55 . 2014-04-19 06:57 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-21 14:55 . 2014-04-19 08:45 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-20 14:39 . 2014-05-20 14:39 -------- d-----w- c:\programdata\374311380
2014-05-19 15:19 . 2014-05-19 15:19 -------- d-----w- c:\users\Roberto\AppData\Local\Macromedia
2014-05-19 15:16 . 2014-05-19 15:16 -------- d-----w- c:\program files (x86)\Uninstaller
2014-05-19 15:15 . 2014-05-19 15:15 -------- d-----w- c:\users\Roberto\AppData\Local\com
2014-05-19 15:13 . 2014-05-23 13:39 -------- d-----w- c:\program files (x86)\Supporter
2014-05-19 15:13 . 2014-05-28 08:44 -------- d-----w- c:\programdata\7cf5b3b17b4df954
2014-05-19 15:13 . 2014-06-02 08:10 -------- d-----w- c:\programdata\CostMin
2014-05-19 15:13 . 2014-05-20 14:41 -------- d-----w- c:\users\Roberto\AppData\Roaming\Activeris
2014-05-19 15:12 . 2014-05-28 08:44 -------- d-----w- c:\program files (x86)\CostMin
2014-05-19 15:12 . 2014-05-19 15:12 -------- d-----w- c:\users\Roberto\AppData\Local\Chromatic Browser
2014-05-19 15:12 . 2014-05-19 15:12 -------- d-----w- c:\users\Roberto\AppData\Local\Torch
2014-05-19 15:12 . 2014-05-19 15:12 -------- d-----w- c:\users\Roberto\AppData\Local\globalUpdate
2014-05-19 15:12 . 2014-05-19 15:12 -------- d-----w- c:\program files (x86)\globalUpdate
2014-05-19 15:12 . 2014-05-19 15:12 -------- d-----w- c:\users\Roberto\AppData\Local\Comodo
2014-05-19 15:12 . 2014-05-19 15:15 -------- d-----w- c:\program files (x86)\Pl-usHD
2014-05-19 15:12 . 2014-05-19 15:12 -------- d-----w- c:\users\HomeGroupUser$
2014-05-19 15:12 . 2014-05-19 15:12 -------- d-----w- c:\users\Guest
2014-05-19 15:12 . 2014-05-19 15:12 -------- d-----w- c:\users\Administrator
2014-05-19 14:36 . 2014-05-19 14:36 -------- d-----w- c:\users\Roberto\AppData\Local\Skype
2014-05-19 14:36 . 2014-06-02 08:23 -------- d-----w- c:\users\Roberto\AppData\Roaming\Skype
2014-05-19 14:36 . 2014-05-19 14:37 -------- d-----r- c:\program files (x86)\Skype
2014-05-19 14:36 . 2014-05-19 14:36 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-19 14:36 . 2014-05-19 14:36 -------- d-----w- c:\programdata\Skype
2014-05-17 14:28 . 2013-06-01 11:34 2391280 ----a-w- c:\windows\explorer.exe
2014-05-17 14:27 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2014-05-17 14:21 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-05-17 14:21 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-05-16 09:00 . 2014-05-16 09:02 -------- d-----w- c:\programdata\IePluginServices
2014-05-16 09:00 . 2014-05-29 13:13 -------- d-----w- c:\program files (x86)\SupTab
2014-05-16 09:00 . 2014-05-23 11:47 -------- d-----w- c:\programdata\WPM
2014-05-16 08:55 . 2014-05-28 08:43 -------- d-----w- c:\users\Roberto\AppData\Roaming\sweet-page
2014-05-16 08:53 . 2014-05-23 13:24 -------- d-----w- c:\users\Roberto\AppData\Local\fst_it_116
2014-05-16 08:53 . 2014-05-16 08:53 -------- d-----w- c:\program files (x86)\fst_it_116
2014-05-16 08:53 . 2014-05-23 12:29 -------- d-----w- c:\users\Roberto\AppData\Roaming\Systweak
2014-05-16 08:53 . 2014-04-25 12:49 20312 ----a-w- c:\windows\system32\roboot64.exe
2014-05-16 08:51 . 2014-05-31 18:23 -------- d-----w- c:\users\Roberto\AppData\Local\PriceMeter
2014-05-16 08:43 . 2014-05-16 08:43 -------- d-----w- c:\users\Roberto\AppData\Local\Mozilla
2014-05-16 08:39 . 2014-05-16 08:39 -------- d-----w- c:\users\Roberto\AppData\Roaming\VOPackage
2014-05-16 08:39 . 2014-05-16 08:39 -------- d-----w- c:\users\Roberto\AppData\Local\SearchProtect
2014-05-16 08:39 . 2014-05-29 13:09 -------- d-----w- c:\program files (x86)\SearchProtect
2014-05-15 06:28 . 2014-05-15 06:33 -------- d-----w- c:\windows\system32\MRT
2014-05-14 17:44 . 2014-05-21 16:05 -------- d-----w- C:\Desertificazione_PIT_4
2014-05-14 17:41 . 2007-04-18 06:51 2113536 ----a-w- c:\windows\SysWow64\python25.dll
2014-05-14 17:40 . 2014-05-17 14:04 -------- d-----w- c:\users\Roberto\AppData\Roaming\ESRI
2014-05-14 17:33 . 2014-05-14 17:33 -------- d-----w- c:\program files (x86)\Common Files\AnswerWorks 4.0
2014-05-14 17:31 . 2014-05-14 17:31 -------- d-----w- c:\program files (x86)\Leica Geosystems
2014-05-14 17:30 . 2014-05-14 17:31 -------- d-----w- c:\program files (x86)\Common Files\ESRI
2014-05-14 17:29 . 2014-05-14 17:29 -------- d-----w- c:\programdata\ESRI
2014-05-14 17:29 . 2014-05-15 09:12 -------- d-----w- C:\Python25
2014-05-14 17:29 . 2014-05-14 17:33 -------- d-----w- c:\program files (x86)\ArcGIS
2014-05-14 16:24 . 2014-05-14 16:24 -------- d-----w- C:\Temp
2014-05-14 16:07 . 2014-05-14 16:07 -------- d-----w- c:\users\Roberto\AppData\Local\ElevatedDiagnostics
2014-05-14 16:06 . 2014-05-14 16:06 -------- d-----w- c:\program files (x86)\Microsoft Office 15
2014-05-14 15:58 . 2014-05-28 08:52 -------- d-----w- c:\program files (x86)\IminentToolbar
2014-05-14 15:58 . 2014-05-14 15:58 -------- d-----w- c:\users\Roberto\AppData\Roaming\IminentToolbar
2014-05-14 15:57 . 2014-05-14 15:57 -------- d-----w- c:\users\Roberto\AppData\Local\pgcchelper
2014-05-14 15:39 . 2014-02-08 04:34 4036608 ----a-w- c:\windows\system32\win32k.sys
2014-05-14 15:39 . 2014-03-28 08:23 19759104 ----a-w- c:\windows\system32\shell32.dll
2014-05-14 15:33 . 2014-03-28 08:23 1287168 ----a-w- c:\windows\system32\schedsvc.dll
2014-05-14 14:42 . 2014-05-14 14:46 -------- d-----w- c:\users\Roberto\AppData\Local\Diagnostics
2014-05-14 14:23 . 2014-05-31 17:38 -------- d-----w- c:\program files (x86)\ViewPassword
2014-05-14 14:22 . 2014-05-06 05:14 97280 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-14 14:22 . 2014-05-06 05:14 19274752 ----a-w- c:\windows\system32\mshtml.dll
2014-05-14 14:22 . 2014-05-06 03:37 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-14 14:22 . 2014-05-06 03:26 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-14 14:20 . 2014-02-05 23:41 595968 ----a-w- c:\windows\system32\qedit.dll
2014-05-14 14:20 . 2014-02-05 23:37 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2014-05-14 14:20 . 2014-01-31 00:48 1339392 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-05-14 14:20 . 2014-01-31 00:06 1628160 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-05-14 14:18 . 2014-03-01 09:47 1258496 ----a-w- c:\windows\system32\kernel32.dll
2014-05-14 14:18 . 2014-02-26 23:18 621568 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-05-14 14:18 . 2014-03-01 09:47 1120768 ----a-w- c:\windows\system32\gpedit.dll
2014-05-14 14:18 . 2014-03-01 08:07 1075200 ----a-w- c:\windows\SysWow64\gpedit.dll
2014-05-14 14:18 . 2014-02-26 23:18 370688 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2014-05-14 14:18 . 2014-02-26 23:18 247808 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-05-14 14:18 . 2014-02-26 23:18 215040 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2014-05-14 14:18 . 2014-02-15 04:15 78336 ----a-w- c:\windows\system32\drivers\IPMIDrv.sys
2014-05-14 14:15 . 2013-10-01 23:26 2304512 ----a-w- c:\windows\system32\authui.dll
2014-05-14 14:15 . 2013-10-01 23:37 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2014-05-14 13:46 . 2014-05-01 20:37 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 13:46 . 2014-05-01 20:37 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-13 12:20 . 2014-05-13 12:20 235800 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2014-05-13 12:06 . 2014-05-13 12:06 323352 ----a-w- c:\windows\system32\drivers\avgloga.sys
2014-05-13 12:05 . 2014-05-13 12:05 191768 ----a-w- c:\windows\system32\drivers\avgidsha.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-31 14:06 . 2014-03-31 14:06 274712 ----a-w- c:\windows\system32\drivers\avgwfpa.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110511311170}]
2014-05-19 15:15 539496 ----a-w- c:\program files (x86)\Pl-usHD\Pl-usHD-bho.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-23 14:24 220632 ----a-w- c:\users\Roberto\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_3\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-23 14:24 220632 ----a-w- c:\users\Roberto\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_3\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-23 14:24 220632 ----a-w- c:\users\Roberto\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_3\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pgcchelper"="c:\users\Roberto\AppData\Local\pgcchelper\pgcchelper.exe" [2013-08-21 465920]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
"BitTorrent"="c:\users\Roberto\AppData\Roaming\BitTorrent\BitTorrent.exe" [2014-05-29 1643096]
"Akamai NetSession Interface"="c:\users\Roberto\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"Softonic for Windows"="c:\users\Roberto\AppData\Local\Softonic\Softonic.exe" [2014-05-26 4170224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-13 642656]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-07-13 93296]
"HPMessageService"="c:\program files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe" [2013-02-25 1045304]
"fst_it_56"="c:\program files (x86)\fst_it_56\fst_it_56.exe" [2014-02-06 3998704]
"fst_it_116"="c:\program files (x86)\fst_it_116\fst_it_116.exe" [2014-05-12 3985360]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-05-23 2557976]
"fst_it_119"="c:\program files (x86)\fst_it_119\fst_it_119.exe" [2014-05-20 3983824]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-05-13 5181456]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R0 Avgboota;AVG Early Launch Anti-Malware Driver;c:\windows\system32\DRIVERS\avgboota.sys;c:\windows\SYSNATIVE\DRIVERS\avgboota.sys [x]
R2 70e6ca8c;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 SmbDrvI;SmbDrvI;c:\windows\System32\drivers\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_Intel.sys [x]
S0 amd_sata;amd_sata;c:\windows\System32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\System32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 Avgwfpa;AVG Firewall Driver;c:\windows\system32\DRIVERS\avgwfpa.sys;c:\windows\SYSNATIVE\DRIVERS\avgwfpa.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 ArcGIS License Manager;ArcGIS License Manager;c:\program files (x86)\ESRI\License\arcgis9x\lmgrd.exe;c:\program files (x86)\ESRI\License\arcgis9x\lmgrd.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 OfficeSvc;Servizio di Microsoft Office;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 ViewPassword;View Password;c:\program files (x86)\ViewPassword\ViewPasswordIyC161.exe;c:\program files (x86)\ViewPassword\ViewPasswordIyC161.exe [x]
S2 VOsrv;Service Component of VO;c:\users\Roberto\AppData\Roaming\VOPackage\VOsrv.exe;c:\users\Roberto\AppData\Roaming\VOPackage\VOsrv.exe [x]
S2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-14 14:08 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-19 15:18]
.
2014-06-02 c:\windows\Tasks\dba1c78b-b3c1-43aa-9baa-6d258490dccb-1.job
- c:\program files (x86)\Pl-usHD\Pl-usHD-codedownloader.exe [2014-05-19 15:15]
.
2014-06-02 c:\windows\Tasks\dba1c78b-b3c1-43aa-9baa-6d258490dccb-2.job
- c:\program files (x86)\Pl-usHD\dba1c78b-b3c1-43aa-9baa-6d258490dccb-2.exe [2014-05-19 15:15]
.
2014-06-02 c:\windows\Tasks\dba1c78b-b3c1-43aa-9baa-6d258490dccb-4.job
- c:\program files (x86)\Pl-usHD\dba1c78b-b3c1-43aa-9baa-6d258490dccb-4.exe [2014-05-19 15:14]
.
2014-06-02 c:\windows\Tasks\dba1c78b-b3c1-43aa-9baa-6d258490dccb-5.job
- c:\program files (x86)\Pl-usHD\dba1c78b-b3c1-43aa-9baa-6d258490dccb-5.exe [2014-05-19 15:15]
.
2014-06-02 c:\windows\Tasks\dba1c78b-b3c1-43aa-9baa-6d258490dccb-6.job
- c:\program files (x86)\Pl-usHD\Pl-usHD-novainstaller.exe [2014-05-19 15:12]
.
2014-06-02 c:\windows\Tasks\dba1c78b-b3c1-43aa-9baa-6d258490dccb-7.job
- c:\program files (x86)\Pl-usHD\Pl-usHD-nova.exe [2014-05-19 15:12]
.
2014-06-02 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-19 15:12]
.
2014-05-31 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-19 15:12]
.
2014-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18 15:07]
.
2014-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18 15:07]
.
2014-06-02 c:\windows\Tasks\HPCeeScheduleForRoberto.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 02:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-23 14:24 244696 ----a-w- c:\users\Roberto\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_3\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-23 14:24 244696 ----a-w- c:\users\Roberto\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_3\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-23 14:24 244696 ----a-w- c:\users\Roberto\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_3\amd64\SkyDriveShell64.dll
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1400230489&from=cor&uid=HGSTXHTS545050A7E380_TM85134T0ZTKWL0ZTKWLX&q={searchTerms}
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1400230489&from=cor&uid=HGSTXHTS545050A7E380_TM85134T0ZTKWL0ZTKWLX&q={searchTerms}
uInternet Settings,ProxyOverride = <-loopback>;<local>
uInternet Settings,ProxyServer = http=127.0.0.1:14212
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
FF - ProfilePath -
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-3506BD4B-3548-1E7F-40CF-F1315821EB5F - c:\program files (x86)\ViewPassword\Uninstall.exe
AddRemove-Activeris AntiMalware_is1 - c:\program files (x86)\Activeris AntiMalware\unins000.exe
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-WPM - c:\programdata\WPM\wprotectmanager.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b} - c:\progra~2\SUPPOR~1\SUPPOR~1.DLL
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@DenieD: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@DenieD: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@DenieD: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\ESRI\License\arcgis9x\ARCGIS.exe
c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
.
**************************************************************************
.
Ora fine scansione: 2014-06-02 11:03:39 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2014-06-02 09:03
.
Pre-Run: 428.712.493.056 byte disponibili
Post-Run: 427.868.258.304 byte disponibili
.
- - End Of File - - 3C75668DD9CB96E0BD57E3A060ADB1D8
5FB38429D5D77768867C76DCBDB35194