Hi everyone!
After living with my old PC full of slowdowns, freezes and assorted warnings, I think I've managed to lighten it of some dead weight. I'm looking for help reading the ComboFix log so I can remove all the remaining pebbles... so far I've done everything on the 'you learn from your mistakes' philosophy, but this is where I stop!
Thanks to anyone willing to help me.
Here is the log:
ComboFix 14-01-16.03 - quiqquoqqua 18/01/2014 18.31.52.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.510.241 [GMT 1:00]
Eseguito da: c:\documents and settings\quiqquoqqua\Documenti\Download\ComboFix.exe
AV: AntiVir Desktop *Enabled/Outdated* {00000002-0002-0000-6C25-9E7C08000A00}
AV: AntiVir Desktop *Enabled/Outdated* {00000002-0002-0000-7C25-9E7C08000A00}
AV: AntiVir Desktop *Enabled/Updated* {00000000-0000-0000-0000-000000000000}
AV: AntiVir Desktop *Enabled/Updated* {0012EE20-534A-7C92-A410-1600080015C0}
FW: COMODO Firewall Pro *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\TEMP
c:\documents and settings\quiqquoqqua\WINDOWS
c:\windows\IsUn0410.exe
c:\windows\system32\SET122.tmp
c:\windows\system32\SETD1.tmp
c:\windows\system32\SETDD.tmp
c:\windows\unin0410.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2013-12-18 al 2014-01-18 )))))))))))))))))))))))))))))))))))
.
.
2014-01-16 09:18 . 2014-01-16 09:18 -------- dc----w- c:\programmi\CCleaner
2014-01-16 08:35 . 2014-01-16 08:35 -------- dc----w- c:\documents and settings\quiqquoqqua\Dati applicazioni\Eusing
2014-01-16 08:35 . 2014-01-16 08:35 -------- dc----w- c:\programmi\Eusing Free Registry Cleaner
2014-01-16 07:50 . 2014-01-16 07:50 32368 -c--a-w- c:\windows\SCHEDLGU.TXT.TMP
2014-01-16 00:36 . 2014-01-16 00:36 53 -c--a-w- c:\windows\system32\inst_virit_ie.bat
2014-01-16 00:36 . 2014-01-16 00:34 96304 -c--a-w- c:\windows\system32\drivers\viragtlt.sys
2014-01-15 23:24 . 2014-01-16 07:50 -------- dc----w- C:\VEXPLite
2014-01-15 21:18 . 2014-01-15 21:18 -------- dc----w- c:\programmi\Enigma Software Group
2014-01-15 21:17 . 2014-01-15 22:29 -------- dc----w- c:\windows\A358F2F62500420C989C25C4F22DF51E.TMP
2014-01-15 21:16 . 2014-01-15 21:16 -------- dc----w- c:\programmi\File comuni\Wise Installation Wizard
2014-01-06 23:34 . 2014-01-06 23:34 -------- dc----w- c:\programmi\File comuni\PCSuite
2014-01-06 23:32 . 2012-06-11 10:33 19072 -c--a-w- c:\windows\system32\drivers\pccsmcfd.sys
2014-01-06 23:32 . 2014-01-06 23:32 -------- dc----w- c:\programmi\PC Connectivity Solution
2014-01-04 13:49 . 2012-01-09 16:28 8576 -c--a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2014-01-04 13:49 . 2012-01-09 16:28 137600 -c--a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2014-01-04 13:49 . 2012-01-09 16:28 8192 -c--a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2014-01-04 13:49 . 2012-01-09 16:28 8192 -c--a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2014-01-04 13:49 . 2012-01-09 16:28 23168 -c--a-w- c:\windows\system32\drivers\ccdcmbo.sys
2014-01-04 13:49 . 2012-01-09 16:28 18176 -c--a-w- c:\windows\system32\drivers\ccdcmb.sys
2014-01-04 13:32 . 2014-01-04 13:32 73728 -c--a-r- c:\documents and settings\quiqquoqqua\Dati applicazioni\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-01-04 13:32 . 2014-01-04 13:32 73728 -c--a-r- c:\documents and settings\quiqquoqqua\Dati applicazioni\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-01-04 13:32 . 2014-01-04 13:32 53248 -c--a-r- c:\documents and settings\quiqquoqqua\Dati applicazioni\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2014-01-04 13:32 . 2014-01-04 13:32 49152 -c--a-r- c:\documents and settings\quiqquoqqua\Dati applicazioni\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2014-01-04 13:32 . 2014-01-04 13:32 49152 -c--a-r- c:\documents and settings\quiqquoqqua\Dati applicazioni\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-13 08:42 . 2013-08-07 18:20 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-13 08:42 . 2013-08-07 18:20 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-27 20:21 . 2005-07-14 08:39 40960 -c--a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59 . 2005-07-14 08:38 150528 -c--a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2005-07-14 08:39 591360 -c--a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:36 . 2008-05-05 06:25 7680 -c--a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:52 . 2005-07-14 08:39 1879040 -c--a-w- c:\windows\system32\win32k.sys
2013-10-23 23:45 . 2005-07-14 08:39 172032 -c--a-w- c:\windows\system32\scrrun.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\programmi\Apoint\Apoint.exe" [2003-11-07 114688]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-06-09 6746112]
"NSU_agent"="c:\programmi\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Default User\Menu Avvio\Programmi\Esecuzione automatica\
VAIO Launcher.lnk - c:\programmi\Sony\VAIO Launcher\Launcher.exe reset [2005-12-20 778240]
.
c:\documents and settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\
VAIO Launcher.lnk - c:\programmi\Sony\VAIO Launcher\Launcher.exe reset [2005-12-20 778240]
.
c:\documents and settings\paperinik\Menu Avvio\Programmi\Esecuzione automatica\
VAIO Launcher.lnk - c:\programmi\Sony\VAIO Launcher\Launcher.exe reset [2005-12-20 778240]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmi\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2005-05-20 15:42 73728 ----a-w- c:\windows\system32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Youtube Downloader HD\\YouTubeDownloaderHD.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"54925:UDP"= 54925:UDP:BrotherNetwork Scanner
.
R0 VIRAGTLT;VIRAGTLT;c:\windows\system32\drivers\viragtlt.sys [16/01/2014 1.36.52 96304]
S2 IcRecUsb;IC Recorder Driver;c:\windows\system32\drivers\IcRecUsb.sys [24/04/2007 16.06.29 17432]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [04/01/2014 14.49.28 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [04/01/2014 14.49.30 8576]
S3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\drivers\ONDAusbmdm6k.sys [20/04/2010 12.56.03 100864]
S3 ONDAusbnet;ONDA USB-NDIS miniport;c:\windows\system32\drivers\ONDAusbnet.sys [20/04/2010 12.56.03 87552]
S3 ONDAusbnmea;ONDA NMEA Port;c:\windows\system32\drivers\ONDAusbnmea.sys [20/04/2010 12.56.03 100864]
S3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\system32\drivers\ONDAusbser6k.sys [20/04/2010 12.56.03 100864]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [20/09/2010 20.23.55 27064]
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-07 08:42]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Trasferimento tramite Image Converter 2 - c:\programmi\Sony\Image Converter 2\menu.htm
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
TCP: Interfaces\{E6784FAF-8350-4823-A988-B43AB57EDDD2}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\documents and settings\quiqquoqqua\Dati applicazioni\Mozilla\Firefox\Profiles\w2omzwue.default-1382601768015\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.it/
FF - ExtSQL: 2013-12-05 14:54; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\documents and settings\quiqquoqqua\Dati applicazioni\Mozilla\Firefox\Profiles\w2omzwue.default-1382601768015\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Adobe Illustrator 8.0 - c:\windows\UNIN0410.EXE
AddRemove-EPSON Photo Print - c:\windows\IsUn0410.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0410.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2014-01-18 18:42
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140AC1900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"0140610900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(1028)
c:\windows\system32\VESWinlogon.dll
.
Ora fine scansione: 2014-01-18 18:45:45
ComboFix-quarantined-files.txt 2014-01-18 17:45
.
Pre-Run: 13.143.482.368 byte disponibili
Post-Run: 13.646.569.472 byte disponibili
.
- - End Of File - - BB0152205DF0348B2DAA008909D61676
8F558EB6672622401DA993E1E865C861
Sorry, but is there no one who can tell me whether it's all right or not?
Thanks