PROBLEM Problematic virus removal

aleblabla

Hi everyone, I'm new and I don't know whether this is the right section; if it isn't, I apologize. So, yesterday my brother turned on his PC (a notebook running Windows 7 Starter) and found 4 viruses: I scanned with AVG 2013 and it removed two of them, while I couldn't get rid of the other two, which the antivirus classifies as rootkits and which keep changing name (for example "service function NtCreateThreadEx hook-> 0x8569DF70"). So I downloaded TDSSKiller, and its scan detected 4 (two more than the ones AVG found); I deleted everything and scanned again with AVG, but those are still there. Today I downloaded ComboFix and ran a scan, and I'm attaching the log here; I restarted the PC and scanned again with AVG and TDSS, and AVG still reports these two threats while TDSS finds nothing.. if you could tell me what I should do, other than throwing the PC against the wall, I'd be grateful..

ComboFix 13-04-02.01 - giovanni 03/04/2013 17:55:22.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.39.1040.18.1012.95 [GMT 2:00]
Eseguito da: c:\users\giovanni\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\giovanni\AppData\Local\lollipop
c:\users\giovanni\AppData\Local\lollipop\lollipop.bat
c:\users\giovanni\AppData\Local\lollipop\lollipop.lpd
c:\users\giovanni\AppData\Local\lollipop\lollipop_cfg.lpd
c:\users\giovanni\AppData\Local\lollipop\lollipop_ps.lpd
c:\users\giovanni\AppData\Local\unins000.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2013-03-03 al 2013-04-03 )))))))))))))))))))))))))))))))))))
.
.
2013-04-03 16:22 . 2013-04-03 16:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-03 16:07 . 2013-04-03 16:07 0 ---ha-w- c:\users\giovanni\BIT2C62.tmp
2013-04-02 17:12 . 2013-04-02 18:09 -------- d-----w- C:\TDSSKiller_Quarantine
2013-04-02 13:50 . 2013-04-02 13:50 -------- d-----w- c:\windows\system32\SPReview
2013-04-02 13:43 . 2013-04-02 13:43 -------- d-----w- c:\windows\system32\EventProviders
2013-03-18 13:05 . 2013-03-18 13:05 -------- d-----w- c:\users\giovanni\AppData\Local\Mozilla
2013-03-18 13:04 . 2013-03-18 13:04 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-03-18 13:00 . 2013-03-18 13:00 -------- d-----w- c:\users\giovanni\AppData\Local\Wajam
2013-03-18 13:00 . 2013-03-18 13:01 -------- d-----w- c:\program files\Wajam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-18 13:03 . 2012-10-09 17:57 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-18 13:03 . 2012-10-09 17:57 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-05 05:02 . 2013-02-17 14:55 3957608 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:02 . 2013-02-17 14:55 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 04:55 . 2013-02-17 14:55 1287528 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 04:55 . 2013-02-17 14:55 187240 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-01-04 04:50 . 2013-02-17 14:55 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:46 . 2013-02-17 14:55 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-04 04:43 . 2013-02-17 14:55 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-04 04:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-04 03:00 . 2013-02-17 14:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:59 . 2013-02-17 14:55 271360 ----a-w- c:\windows\system32\conhost.exe
2013-01-04 02:43 . 2013-02-17 14:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43 . 2013-02-17 14:55 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43 . 2013-02-17 14:55 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43 . 2013-02-17 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-05 03:45 . 2013-03-18 13:04 262704 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1BF}]
2012-10-01 09:36 71168 ----a-w- c:\users\giovanni\AppData\Local\fbDownloader\Extensions\FBDownloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-11-11 12:49 1796552 ----a-w- c:\program files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll" [2012-11-11 1796552]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files\Hewlett-Packard\HP QuickSync\QuickSync.exe" [2010-05-18 530736]
"Protector"="wscript.exe" [2009-07-14 141824]
"ares"="c:\program files\Ares\Ares.exe" [2012-02-02 3209216]
"Facebook Update"="c:\users\giovanni\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-12-06 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 150552]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-06-09 495708]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-07-02 602680]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"ZumoDrive"="c:\program files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk" [2010-08-15 2038]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2008-11-04 2087424]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-11-11 997320]
"ROC_ROC_NT"="c:\program files\AVG Secure Search\ROC_ROC_NT.exe" [2012-10-09 856160]
"PosService"="c:\users\Public\Documents\AppData\PoApp\PLauncher.exe" [2011-12-16 218624]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Media Suite.lnk - c:\program files\Hewlett-Packard\HP Media Suite\Home\ArcStart.exe [2010-4-1 91648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 SoftwareUpd;Software Upd;c:\users\giovanni\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [x]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1207020.003\SYMDS.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1207020.003\SYMEFA.SYS [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20100522.001\BHDrvx86.sys [x]
S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys [x]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20100518.002\IDSVix86.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1207020.003\Ironx86.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1207020.003\SYMNETS.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\swsetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4FB2407C-C8E4-BBC8-BB1C-FCCB2EF5914B}]
2010-06-23 17:47 687104 ----a-w- c:\program files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4FB2AA7C-C8E4-BBC8-BB1C-FAAB2EF5914B}]
2009-07-14 01:14 141824 ----a-w- c:\windows\System32\wscript.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 13:03]
.
2013-04-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-662080258-2386126110-3319390825-1000Core.job
- c:\users\giovanni\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-06 15:57]
.
2013-04-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-662080258-2386126110-3319390825-1000UA.job
- c:\users\giovanni\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-06 15:57]
.
2013-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-662080258-2386126110-3319390825-1000Core.job
- c:\users\giovanni\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-09 15:21]
.
2013-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-662080258-2386126110-3319390825-1000UA.job
- c:\users\giovanni\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-09 15:21]
.
2013-04-03 c:\windows\Tasks\HPCeeScheduleForgiovanni.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 02:22]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://search.fbdownloader.com/?channel=sfit202fbdgy11
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 188.135.143.246 188.135.200.246
TCP: Interfaces\{1E1473F9-BB2A-46F2-B4E0-A65DDD340990}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{4CDBFEC0-D0B6-4F37-B8A8-35E0F767B6F9}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B3B52A05-E5A8-4D31-A823-37538587B68D}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B74969CE-A853-4792-A496-89610BEDEB9D}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C7C16111-361C-4AC9-9CB9-6F8E7ADFF039}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\giovanni\AppData\Roaming\Mozilla\Firefox\Profiles\dw5q0q69.default\
FF - ExtSQL: 2013-03-18 13:41; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKCU-Run-Power2GoExpress - (no file)
SafeBoot-00203686.sys
SafeBoot-66125849.sys
SafeBoot-90668800.sys
AddRemove-{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1 - c:\users\giovanni\AppData\Local\unins000.exe
AddRemove-{FC17E0A7-EAA9-4902-92F8-C83B9FD02246} - c:\program files\InstallShield Installation Information\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}\setup.exe
AddRemove-lollipop - c:\users\giovanni\appdata\local\lollipop\lollipop.bat
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @DenieD: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @DenieD: (Full) (Everyone)
.
Ora fine scansione: 2013-04-03 18:33:39
ComboFix-quarantined-files.txt 2013-04-03 16:33
.
Pre-Run: 169.625.415.680 byte disponibili
Post-Run: 169.850.642.432 byte disponibili
.
- - End Of File - - 2D7D88A881774B97C7DA1406F1E3BDB1
 

e_ale92

download HijackThis and post the log ;)
 

aleblabla

I apologize for the delay in replying, but now the PC won't connect to the internet, and I'm scanning one last time with Avira; the next step will be a full format and the installation of a Linux distro suited to the netbook
 

e_ale92

a Linux distro, even? wooooooooooooow greeeeaaaat :love: :lol:
 

aleblabla

yes, a radical change that I'd have to make sooner or later anyway, and besides Windows 7 Starter is pretty awful and I needed to replace it.. while you're at it, could you give me a recommendation? :D It's an HP Mini netbook with 1 GB of RAM :D
 

e_ale92

have you ever had any experience with a Linux distro?

if it's your first time, I'd say Linux Mint Xfce/Cinnamon would be fine... or Lubuntu :sisi:
 

aleblabla

it would be my first close encounter with it, and I had already read that that one would be fine as a first experience.. thanks a lot!
 

e_ale92

:lol: don't worry, it doesn't bite :lol:

anyway, if you have problems there's the dedicated section, or ask me :asd:... and if it's something impossible, I'll get the nerds in that section moving myself :asd: :P :lol:
 

e_ale92

you're welcome :P

- - - Updated - - -
@aleblabla: put Mint with Xfce on it ;)
 
