Malware? Something isn't right

Vito Pinto

New User
Hello, I would like to know from someone whether my PC is infected or whether it is something else, since for a couple of days it has been stuttering, with pages opening and closing. It doesn't always do it, but I would like to know more. Here I am attaching a COMBOFIX report:
ComboFix 18-06-17.01 - ViTo 24/06/2018 20:21:43.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3948.2665 [GMT 2:00]
Eseguito da: c:\users\ViTo\Downloads\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WiseBootAssistant
.
.
((((((((((((((((((((((((( Files Creati Da 2018-05-24 al 2018-06-24 )))))))))))))))))))))))))))))))))))
.
.
2018-06-24 18:27 . 2018-06-24 18:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2018-06-24 18:27 . 2018-06-24 18:27 -------- d-----w- c:\users\Psyco\AppData\Local\temp
2018-06-24 18:27 . 2018-06-24 18:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-06-20 20:57 . 2018-06-20 20:57 -------- d-----w- c:\users\ViTo\AppData\Local\AVAST Software
2018-06-20 19:33 . 2018-06-20 19:33 378072 ----a-w- c:\windows\system32\aswBoot.exe
2018-06-18 10:35 . 2018-06-18 10:35 -------- d-----w- c:\users\ViTo\AppData\Local\CEF
2018-06-17 22:02 . 2018-06-17 22:03 -------- d-----w- C:\AdwCleaner
2018-06-17 20:07 . 2018-06-17 20:07 -------- d-----w- c:\programdata\WindowsPerformanceRecorder
2018-06-17 18:23 . 2018-06-17 18:23 -------- d-----w- c:\programdata\Doctor Web
2018-06-14 15:45 . 2018-06-21 17:33 -------- d-----w- c:\users\ViTo\AppData\Local\Spotify
2018-06-14 15:44 . 2018-06-21 17:21 -------- d-----w- c:\users\ViTo\AppData\Roaming\Spotify
2018-06-11 21:38 . 2018-06-13 19:48 -------- d-----w- c:\users\ViTo\AppData\Local\NPE
2018-06-11 20:32 . 2018-06-11 20:32 -------- d-----w- c:\programdata\Loaris
2018-06-08 18:31 . 2018-06-08 22:01 -------- d-----w- c:\program files (x86)\Seagate
2018-06-03 19:52 . 2018-06-03 20:00 -------- d-----w- c:\users\ViTo\AppData\Local\Promosoft Corporation
2018-06-03 18:15 . 2018-06-04 09:57 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2018-06-01 21:42 . 2018-06-01 21:45 -------- d-----w- c:\users\ViTo\AppData\Local\ZHP
2018-05-28 20:35 . 2004-03-09 01:30 152848 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2018-05-28 20:35 . 1998-04-23 22:00 368912 ----a-w- c:\windows\SysWow64\vbar332.dll
2018-05-27 19:45 . 2018-05-27 19:45 33864 ----a-w- c:\windows\WiseHDInfo64.dll
2018-05-27 19:45 . 2018-05-27 19:45 51272 ----a-w- c:\windows\WiseRegNotify.sys
2018-05-26 12:53 . 2018-05-26 12:53 -------- d-----w- c:\users\ViTo\AppData\Roaming\SmartClose
2018-05-26 11:01 . 2018-06-24 13:02 -------- d-----w- c:\users\ViTo\AppData\Roaming\Wise Care 365
2018-05-26 11:01 . 2018-05-26 11:01 -------- d-----w- c:\program files (x86)\Wise
2018-05-25 22:25 . 2018-05-25 22:25 -------- d-----w- c:\users\ViTo\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2018-05-25 21:59 . 2018-05-25 21:59 -------- d-----w- c:\windows\system32\wbem\Framework
2018-05-25 21:58 . 2018-06-11 19:29 -------- d-----w- c:\program files (x86)\AnVir Task Manager Free
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-06-22 18:31 . 2018-02-16 18:56 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2018-06-20 19:33 . 2018-04-20 10:53 211160 ----a-w- c:\windows\system32\drivers\aswStm.sys
2018-06-20 19:33 . 2018-04-20 10:53 85968 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2018-06-20 19:33 . 2018-04-20 10:53 46976 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2018-06-20 19:33 . 2018-04-20 10:53 463080 ----a-w- c:\windows\system32\drivers\aswSP.sys
2018-06-20 19:33 . 2018-04-20 10:53 381584 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2018-06-20 19:33 . 2018-04-20 10:53 197160 ----a-w- c:\windows\system32\drivers\aswArPot.sys
2018-06-20 19:33 . 2018-04-20 10:53 159640 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2018-06-20 19:33 . 2018-04-20 10:53 111872 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2018-06-20 19:32 . 2018-04-20 10:53 1027728 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2018-06-20 19:32 . 2018-04-20 10:53 239680 ----a-w- c:\windows\system32\drivers\aswHdsKe.sys
2018-06-20 19:32 . 2018-04-20 10:53 59592 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2018-06-20 19:32 . 2018-04-20 10:53 346664 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2018-06-20 19:32 . 2018-04-20 10:53 229392 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2018-06-20 19:32 . 2018-04-20 10:53 201328 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2018-06-17 19:18 . 2018-02-09 11:24 842240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2018-06-17 19:18 . 2018-02-09 11:24 175104 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2018-06-13 10:29 . 2018-02-08 19:11 133315992 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2018-06-13 10:29 . 2018-02-08 19:10 133315992 -c--a-w- c:\windows\system32\MRT.exe
2018-06-08 10:17 . 2018-03-28 22:42 15 ----a-w- c:\users\ViTo\advanced_ip_scanner_Comments.bin
2018-06-08 10:17 . 2018-03-28 22:42 15 ----a-w- c:\users\ViTo\advanced_ip_scanner_Aliases.bin
2018-06-08 10:17 . 2018-03-28 22:42 1318 ----a-w- c:\users\ViTo\advanced_ip_scanner_MAC.bin
2018-05-29 02:22 . 2018-06-13 22:17 44544 ----a-w- c:\windows\apppatch\acwow64.dll
2018-05-26 10:51 . 2018-05-02 20:06 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2018-05-15 12:45 . 2018-05-15 12:45 115272 ----a-w- c:\windows\HMFAxCore56d706f6725c732df006697fd5ec3381.sys
2018-05-14 10:38 . 2018-05-14 10:38 28424 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2018-05-02 20:15 . 2018-05-02 22:47 2230600 ----a-w- c:\windows\ETDUninst.dll
2018-05-02 20:12 . 2018-05-02 20:12 388936 ----a-w- c:\windows\system32\drivers\ETD.sys
2018-05-02 20:08 . 2018-05-02 20:08 82128 ----a-w- c:\windows\system32\drivers\bScsiSDa.sys
2018-05-02 20:05 . 2018-05-02 20:05 63120 ----a-w- c:\windows\system32\LMouFiltCoInst.dll
2018-05-02 20:05 . 2018-05-02 20:05 1854096 ----a-w- c:\windows\system32\LkmdfCoInst.dll
2018-05-02 20:05 . 2018-05-02 20:05 69264 ----a-w- c:\windows\system32\drivers\LMouFilt.Sys
2018-05-02 20:05 . 2018-05-02 20:05 86672 ----a-w- c:\windows\system32\drivers\LHidFilt.Sys
2018-05-02 20:00 . 2018-05-02 20:00 480800 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2018-05-02 19:57 . 2018-05-02 19:57 28008 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2018-05-02 19:57 . 2018-05-02 19:57 632168 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2018-04-23 19:16 . 2018-04-23 19:16 255928 ----a-w- c:\windows\system32\drivers\631171D4.sys
2018-04-23 00:00 . 2018-05-10 10:48 876032 ----a-w- c:\windows\system32\oleaut32.dll
2018-04-23 00:00 . 2018-05-10 10:48 512512 ----a-w- c:\windows\system32\rpcss.dll
2018-04-23 00:00 . 2018-05-10 10:48 2066432 ----a-w- c:\windows\system32\ole32.dll
2018-04-23 00:00 . 2018-05-10 10:48 26112 ----a-w- c:\windows\system32\oleres.dll
2018-04-23 00:00 . 2018-05-10 10:48 8704 ----a-w- c:\windows\system32\comcat.dll
2018-04-22 23:40 . 2018-05-10 10:48 582144 ----a-w- c:\windows\SysWow64\oleaut32.dll
2018-04-22 23:40 . 2018-05-10 10:48 1417728 ----a-w- c:\windows\SysWow64\ole32.dll
2018-04-22 23:40 . 2018-05-10 10:48 26112 ----a-w- c:\windows\SysWow64\oleres.dll
2018-04-22 23:24 . 2018-05-10 10:48 7168 ----a-w- c:\windows\SysWow64\comcat.dll
2018-04-20 11:02 . 2018-02-21 20:33 145352 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2018-04-18 16:03 . 2018-05-10 10:48 701952 ----a-w- c:\windows\system32\hhctrl.ocx
2018-04-18 16:03 . 2018-05-10 10:48 53248 ----a-w- c:\windows\system32\hhsetup.dll
2018-04-18 15:51 . 2018-05-10 10:48 523776 ----a-w- c:\windows\SysWow64\hhctrl.ocx
2018-04-18 15:51 . 2018-05-10 10:48 43008 ----a-w- c:\windows\SysWow64\hhsetup.dll
2018-04-18 15:41 . 2018-05-10 10:48 16896 ----a-w- c:\windows\hh.exe
2018-04-18 15:35 . 2018-05-10 10:48 15360 ----a-w- c:\windows\SysWow64\hh.exe
2018-04-11 16:38 . 2018-05-10 10:48 170496 ----a-w- c:\windows\system32\itss.dll
2018-04-11 16:38 . 2018-05-10 10:48 194048 ----a-w- c:\windows\system32\itircl.dll
2018-04-11 16:36 . 2018-05-10 10:48 142848 ----a-w- c:\windows\SysWow64\itss.dll
2018-04-11 16:36 . 2018-05-10 10:48 158720 ----a-w- c:\windows\SysWow64\itircl.dll
2018-04-10 16:36 . 2018-05-10 10:48 236032 ----a-w- c:\windows\system32\srvsvc.dll
2018-04-10 16:36 . 2018-05-10 10:48 13312 ----a-w- c:\windows\system32\sscore.dll
2018-04-10 16:35 . 2018-05-10 10:48 1735168 ----a-w- c:\windows\system32\comsvcs.dll
2018-04-10 16:34 . 2018-05-10 10:48 525824 ----a-w- c:\windows\system32\catsrvut.dll
2018-04-10 16:33 . 2018-05-10 10:48 1241600 ----a-w- c:\windows\SysWow64\comsvcs.dll
2018-04-10 16:32 . 2018-05-10 10:48 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2018-04-10 16:00 . 2018-05-10 10:48 9728 ----a-w- c:\windows\SysWow64\sscore.dll
2018-04-10 15:54 . 2018-05-10 10:48 3226112 ----a-w- c:\windows\system32\win32k.sys
2018-04-10 15:48 . 2018-05-10 10:48 464384 ----a-w- c:\windows\system32\drivers\srv.sys
2018-04-10 15:47 . 2018-05-10 10:48 406016 ----a-w- c:\windows\system32\drivers\srv2.sys
2018-04-10 15:47 . 2018-05-10 10:48 169984 ----a-w- c:\windows\system32\drivers\srvnet.sys
2018-04-07 16:41 . 2018-05-10 10:48 371392 ----a-w- c:\windows\system32\clfs.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\ViTo\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2018-06-21 781712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiseHDInfo;WiseHDInfo;c:\windows\WiseHDInfo64.dll;c:\windows\WiseHDInfo64.dll [x]
R3 WiseRegNotify;WiseRegNotify;c:\windows\WiseRegNotify.sys;c:\windows\WiseRegNotify.sys [x]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
R4 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R4 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
R4 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidsha.sys;c:\windows\SYSNATIVE\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\system32\drivers\aswbloga.sys;c:\windows\SYSNATIVE\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbuniva.sys;c:\windows\SYSNATIVE\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys;c:\windows\SYSNATIVE\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys;c:\windows\SYSNATIVE\drivers\aswVmm.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys;c:\windows\SYSNATIVE\drivers\aswArPot.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys;c:\windows\SYSNATIVE\drivers\aswHdsKe.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 IntcDAud;Audio Intel(R) per schermi;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2018-06-23 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2018-05-26 09:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2018-06-20 19:33 1822424 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2018-06-20 242904]
.
------- Scansione supplementare -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{ADB78799-2F6F-41CA-B2D7-58C5D89EB337}: NameServer = 8.8.8.8,8.8.4.4
.
.
------- Associazioni dei file -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_30_0_0_113_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_30_0_0_113_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@DenieD: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_30_0_0_113_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_30_0_0_113_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@DenieD: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_30_0_0_113.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.30"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_30_0_0_113.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@DenieD: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_30_0_0_113.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_30_0_0_113.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@DenieD: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@DenieD: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
c:\program files (x86)\Common Files\Java\Java Update\jusched.exe
.
**************************************************************************
.
Ora fine scansione: 2018-06-24 21:50:08 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2018-06-24 19:50
.
Pre-Run: 247.739.817.984 byte disponibili
Post-Run: 246.840.254.464 byte disponibili
.
- - End Of File - - C94BD3F936D22A6F91144F2354D4B997
A36C5E4F47E84449FF07ED3517B43A31
 

Lam

Elite User
First see if you can find anything by running Rkill first, then installing and running adwcleaner, then malwarebytes

Then, if the PC is stuttering it could also be something else
Which services start at boot? Is the disk fragmented?
Have you tried using Disk Cleanup?
What do you get when you run sfc /scannow from the command prompt (as administrator)?
 

Vito Pinto

New User
here you go...
 

Attachments

  • Addition.txt
    30.9 KB · Views: 159
  • FRST.txt
    109.5 KB · Views: 90
  • Shortcut.txt
    30.9 KB · Views: 236

danilo79

Elite User
Hi, and sorry for the delay...

do these in order, as written:

You had tried a lot of antimalware software in general....
there are various leftovers...
-Doctor web
-hitmanpro
-avira
-combofix
-aswmbr
-Loaris
-Symantec NPE.exe
-and others...
Uninstall whichever of these programs are still left; they just bog down the PC...

2) Then place frst.exe and the fixlist.txt file attached below on the desktop (make sure they are on the desktop)
right-click on frst ----> run as administrator
when it opens, click Fix
wait for it to finish and for the PC to restart (if it doesn't restart, do it yourself)
post the fixlog.txt (you'll find it on the desktop)

3) Reset the browsers:
see here https://it.ccm.net/faq/1767-come-ripristinare-il-browser
before resetting the browsers, save your bookmarks and passwords if you care about them....

4) Clean up with ccleaner, both system and registry

let me know....
 

Attachments

  • fixlist.txt
    6.2 KB · Views: 99

Vito Pinto

New User
are you there

Attachments

  • Fixlog.txt
    14.3 KB · Views: 111
