I have Windows 7 Service Pack 1, updated.
This happened to me: http://www.bleepingcomputer.com/virus-r ... ransomware
I'm no expert and I turn to you.
The antivirus does not detect anything.
Symptoms: slow PC, slow internet, it uses the internet without my permission, etc.
Please help me. QQ
I do not know how to attach multiple files and place them here.
I'm posting the HiJackThis and ComboFix log files.
HiJackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:12:43, on 06/11/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
--
End of file - 3306 bytes
ComboFix
ComboFix 13-11-04.01 - pcmeu 06/11/2013 13:36:00.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3062.2220 [GMT 1:00]
Eseguito da: c:\users\pcmeu\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\WinRAR\Leggimi.Txt
c:\program files\WinRAR\Leggimi_1a.Txt
c:\program files\WinRAR\Licenza.Txt
c:\program files\WinRAR\Ordin.htm
c:\program files\WinRAR\Ordina.htm
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Creati Da 2013-10-06 al 2013-11-06 )))))))))))))))))))))))))))))))))))
.
.
2013-11-06 12:42 . 2013-11-06 12:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-05 18:30 . 2013-10-15 23:20 7796464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EA89A63B-70F1-4367-B300-43BBD96A083E}\mpengine.dll
2013-11-01 09:06 . 2013-11-01 09:06 -------- d-----w- c:\programdata\InterAction studios
2013-10-30 22:07 . 2013-10-30 22:07 -------- d-----w- c:\program files\AIMP3
2013-10-29 17:19 . 2013-09-22 23:27 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-10-29 17:19 . 2013-09-21 02:39 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-10-29 17:19 . 2013-09-22 23:28 817664 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-10-29 17:19 . 2013-09-22 23:54 770648 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2013-10-29 17:19 . 2013-09-22 23:28 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 17:13 . 2013-10-29 17:18 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-10-29 17:12 . 2013-10-29 17:12 -------- d-----w- c:\programdata\Malwarebytes
2013-10-29 15:46 . 2013-10-29 15:46 -------- d-----w- c:\program files\HitmanPro
2013-10-29 13:23 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-10-28 22:13 . 2013-10-28 22:13 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-10-28 16:14 . 2013-10-28 17:38 -------- d-----w- c:\programdata\HitmanPro
2013-10-28 15:25 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-10-28 15:24 . 2013-08-28 01:04 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-10-28 15:23 . 2013-08-02 01:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-27 18:18 . 2012-05-09 11:43 74752 ----a-w- c:\windows\system32\drivers\lgvzandnetndis.sys
2013-10-27 18:17 . 2012-05-09 11:46 28032 ----a-w- c:\windows\system32\drivers\lgvzandnetmdm.sys
2013-10-27 18:17 . 2012-05-09 11:46 23168 ----a-w- c:\windows\system32\drivers\lgvzandnetdiag.sys
2013-10-27 18:17 . 2012-05-09 11:46 22400 ----a-w- c:\windows\system32\drivers\lgvzandnetgps.sys
2013-10-27 18:16 . 2010-01-25 05:11 19968 ----a-w- c:\windows\system32\drivers\lgandgps.sys
2013-10-27 18:16 . 2010-01-25 05:11 20864 ----a-w- c:\windows\system32\drivers\lganddiag.sys
2013-10-27 18:16 . 2010-01-25 05:11 24960 ----a-w- c:\windows\system32\drivers\lgandmodem.sys
2013-10-27 18:16 . 2010-01-25 05:11 14336 ----a-w- c:\windows\system32\drivers\lgandbus.sys
2013-10-27 18:07 . 2013-10-27 22:32 -------- d-----w- c:\program files\LG Electronics
2013-10-27 11:07 . 2013-10-27 11:07 -------- d-----w- c:\windows\system32\SPReview
2013-10-27 11:06 . 2013-10-27 11:06 -------- d-----w- c:\windows\system32\EventProviders
2013-10-27 11:04 . 2010-11-20 12:36 1077248 ----a-w- c:\windows\system32\Narrator.exe
2013-10-27 11:03 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2013-10-27 11:03 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-10-27 11:03 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2013-10-27 11:03 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll
2013-10-26 18:42 . 2013-10-26 18:42 -------- d-----w- c:\windows\system32\Wat
2013-10-26 18:26 . 2013-10-26 18:26 -------- d-----w- c:\windows\system32\wbem\en-US
2013-10-26 17:04 . 2013-10-26 17:04 -------- d-----w- c:\program files\Synaptics
2013-10-26 17:04 . 2013-10-26 17:04 -------- d-----w- c:\program files\alaplaya
2013-10-26 17:04 . 2013-10-27 18:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2013-10-26 17:02 . 2013-10-26 17:04 -------- d-----w- c:\program files\Common Files\InstallShield
2013-10-26 16:50 . 2013-10-26 16:51 -------- d-----w- c:\windows\system32\MRT
2013-10-26 16:43 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-10-26 16:43 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-10-26 16:43 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2013-10-26 16:42 . 2013-10-26 17:04 -------- d-----w- c:\programdata\Solid State Networks
2013-10-26 16:41 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2013-10-26 16:36 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-10-26 16:33 . 2011-06-15 08:55 86016 ----a-w- c:\windows\system32\odbccu32.dll
2013-10-26 16:33 . 2011-06-15 08:55 81920 ----a-w- c:\windows\system32\odbccr32.dll
2013-10-26 16:33 . 2011-06-15 08:55 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2013-10-26 16:33 . 2011-06-15 08:55 163840 ----a-w- c:\windows\system32\odbctrac.dll
2013-10-26 16:33 . 2011-06-15 08:55 122880 ----a-w- c:\windows\system32\odbccp32.dll
2013-10-26 16:33 . 2011-06-15 08:54 94208 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2013-10-26 16:32 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-10-26 16:32 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-10-26 16:32 . 2011-07-09 02:30 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2013-10-26 16:32 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2013-10-26 16:32 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2013-10-26 16:32 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\system32\msxml3.dll
2013-10-26 16:32 . 2010-06-26 03:24 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-10-26 16:30 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-10-26 16:30 . 2011-03-03 05:38 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2013-10-26 16:30 . 2011-03-03 05:36 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2013-10-26 16:30 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll
2013-10-26 16:30 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
2013-10-26 16:30 . 2012-06-06 05:05 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2013-10-26 16:30 . 2012-06-06 05:05 1019904 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2013-10-26 16:30 . 2012-06-06 05:03 805376 ----a-w- c:\windows\system32\cdosys.dll
2013-10-26 16:30 . 2012-06-06 05:05 143360 ----a-w- c:\program files\Common Files\System\ado\msjro.dll
2013-10-26 16:30 . 2012-06-06 05:05 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-10-26 16:30 . 2012-06-06 05:05 57344 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2013-10-26 16:30 . 2012-06-06 05:05 212992 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2013-10-26 16:29 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-10-26 16:29 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2013-10-26 16:29 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-10-26 16:27 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2013-10-26 16:27 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2013-10-26 16:27 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2013-10-26 16:24 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2013-10-26 16:24 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll
2013-10-26 16:21 . 2011-02-23 04:47 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-10-26 14:26 . 2013-10-26 13:33 -------- d-----w- c:\windows\Panther
2013-10-26 14:18 . 2013-10-26 14:18 -------- d-----w- c:\program files\VideoLAN
2013-10-26 14:10 . 2013-10-26 14:11 -------- d-----w- c:\program files\Google
2013-10-26 14:10 . 2013-10-26 14:09 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-26 14:10 . 2013-10-26 14:09 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-10-26 14:10 . 2013-10-26 14:09 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-26 14:10 . 2013-10-26 14:09 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-26 14:10 . 2013-10-26 14:09 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-26 14:10 . 2013-10-26 14:09 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-26 14:10 . 2013-10-26 14:09 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-26 14:10 . 2013-10-26 14:09 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-26 14:10 . 2013-10-26 14:09 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-10-26 14:09 . 2013-10-26 14:09 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-26 14:09 . 2013-10-26 14:09 43152 ----a-w- c:\windows\avastSS.scr
2013-10-26 14:09 . 2013-10-26 14:09 259928 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2013-10-26 14:09 . 2013-10-26 14:09 -------- d-----w- c:\program files\AVAST Software
2013-10-26 14:07 . 2013-10-26 14:07 -------- d-----w- c:\programdata\AVAST Software
2013-10-26 14:02 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2013-10-26 14:02 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-10-26 14:02 . 2010-11-20 10:24 134656 ----a-w- c:\windows\system32\rdpudd.dll
2013-10-26 14:02 . 2010-11-20 10:21 15872 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-10-26 14:02 . 2010-11-20 10:21 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys
2013-10-26 13:58 . 2013-10-26 13:58 -------- d-----w- c:\programdata\ATI
2013-10-26 13:57 . 2013-10-26 13:57 0 ----a-w- c:\windows\ativpsrm.bin
2013-10-26 13:52 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-10-26 13:52 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-10-26 13:52 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-10-26 13:52 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-10-26 13:52 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-10-26 13:52 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-10-26 13:52 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-10-26 13:52 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-10-26 13:52 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-10-26 13:50 . 2013-10-26 16:15 -------- d-sh--w- c:\windows\Installer
2013-10-26 13:50 . 2013-10-26 13:50 -------- d-----w- c:\program files\ATI
2013-10-26 13:49 . 2013-10-26 13:52 -------- d-----w- c:\program files\ATI Technologies
2013-10-26 13:39 . 2013-10-26 13:39 -------- d-----w- C:\swsetup
2013-10-26 13:37 . 2013-11-06 12:31 -------- d-----w- c:\windows\system32\wbem\Performance
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-27 11:11 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-26 14:09 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 98304]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-26 3567800]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-10-27 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R3 Andbus;LGE Android Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [2010-01-25 14336]
R3 AndDiag;LGE Android USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [2010-01-25 20864]
R3 AndGps;LGE Android USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [2010-01-25 19968]
R3 ANDModem;LGE Android USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [2010-01-25 24960]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-10-29 40776]
R3 netr28u;Driver scheda LAN wireless USB RT2870 per Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;c:\windows\system32\DRIVERS\lgvzandnetdiag.sys [2012-05-09 23168]
R3 vzandnetgps;LGE AndroidNet for VZW USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgvzandnetgps.sys [2012-05-09 22400]
R3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;c:\windows\system32\DRIVERS\lgvzandnetmdm.sys [2012-05-09 28032]
R3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgvzandnetndis.sys [2012-05-09 74752]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2013-10-26 1343400]
R3 XDva405;XDva405;c:\windows\system32\XDva405.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-10-26 26136]
S1 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys [2013-10-26 259928]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-26 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-26 403440]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 176128]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-26 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-26 70384]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2013-10-26 179088]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-16 101392]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2012-12-06 2046560]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-26 14:11 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-10-26 14:10]
.
2013-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-10-26 14:10]
.
.
------- Scansione supplementare -------
.
TCP: DhcpNameServer = 192.168.43.1
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2013-11-06 13:43:45
ComboFix-quarantined-files.txt 2013-11-06 12:43
.
Pre-Run: 83.197.747.200 byte disponibili
Post-Run: 83.087.659.008 byte disponibili
.
- - End Of File - - C1C6248175D8A4EA0680D6CB2893F40D
A36C5E4F47E84449FF07ED3517B43A31