Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Log combofix

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

Log combofix

Postdi marybring » 04/12/13 12:14

Il mio pc non si connette a internet (chiavetta errore 730) e antivirus e firewall sono bloccati.Grazie dell'aiuto

ComboFix 13-12-01.01 - marianna 03/12/2013 17.57.12.1.2 - x86 Microsoft� Windows Vista� Home Basic 6.0.6002.2.1252.39.1040.18.3071.1963 [GMT 1:00] Eseguito da: c:\users\marianna\Desktop\abc.exe.exe AV: avast! Internet Security *Disabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} SP: avast! Internet Security *Disabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Creato nuovo punto di ripristino . . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Windows Service c:\users\marianna\AppData\Local\assembly\tmp . . ((((((((((((((((((((((((((((((((((((((( Driver/Servizi ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_WsysSvc . . ((((((((((((((((((((((((( Files Creati Da 2013-11-03 al 2013-12-03 ))))))))))))))))))))))))))))))))))) . . 2013-12-03 17:05 . 2013-12-03 17:05 -------- d-----w- c:\users\Mark Child\AppData\Local\temp 2013-12-03 17:05 . 2013-12-03 17:12 -------- d-----w- c:\users\marianna\AppData\Local\temp 2013-12-03 17:05 . 2013-12-03 17:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-11-29 09:52 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98C10C92-9B20-497F-AC04-057C39E84233}\mpengine.dll 2013-11-25 10:07 . 2013-11-25 10:07 -------- d-----w- c:\program files\iPod 2013-11-25 10:07 . 2013-11-25 10:09 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-11-25 10:07 . 2013-11-25 10:09 -------- d-----w- c:\program files\iTunes 2013-11-14 10:24 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll 2013-11-14 10:24 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll 2013-11-14 10:23 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL 2013-11-14 10:23 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL 2013-11-13 08:39 . 2013-11-15 09:25 -------- d-----w- c:\users\Mark Child\AppData\Local\Smartbar 2013-11-12 16:15 . 2013-11-12 16:15 -------- d-----w- c:\program files\Nosibay 2013-11-12 16:14 . 2013-11-13 08:41 -------- d-----w- c:\users\Mark Child\AppData\Roaming\Nosibay 2013-11-12 16:11 . 2013-11-12 16:13 -------- d-----w- c:\program files\Common Files\DVDVideoSoft 2013-11-12 16:11 . 2013-11-12 16:11 -------- d-----w- c:\users\Mark Child\AppData\Roaming\OpenCandy 2013-11-12 16:06 . 2013-11-12 16:13 -------- d-----w- c:\users\Mark Child\AppData\Roaming\DVDVideoSoft 2013-11-10 16:02 . 2013-11-10 16:02 -------- d-----w- c:\users\Mark Child\AppData\Roaming\AVAST Software 2013-11-08 09:36 . 2013-11-08 09:36 -------- d-----w- c:\users\marianna\AppData\Roaming\AVAST Software 2013-11-08 09:22 . 2013-11-08 09:22 -------- d-----w- c:\programdata\AVAST Software 2013-11-08 09:15 . 2013-10-31 06:46 104752 ----a-w- c:\windows\system32\drivers\aswFW.sys 2013-11-08 09:15 . 2013-09-25 12:15 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-11-11 04:50 . 2011-01-11 17:17 230048 ------w- c:\windows\system32\MpSigStub.exe 2013-11-08 10:02 . 2011-01-15 13:36 403440 ----a-w- c:\windows\system32\drivers\aswsp.sys 2013-11-08 09:27 . 2013-03-20 14:52 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-11-08 09:27 . 2013-03-20 14:52 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-11-08 09:27 . 2011-06-30 14:37 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-11-08 09:27 . 2011-01-15 13:36 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-11-08 09:27 . 2011-01-15 13:36 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-11-08 09:27 . 2011-01-15 13:36 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2013-11-08 09:27 . 2011-01-15 13:36 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-11-08 09:27 . 2011-01-15 15:36 43152 ----a-w- c:\windows\avastSS.scr 2013-11-08 09:27 . 2011-01-15 13:36 269216 ----a-w- c:\windows\system32\aswBoot.exe 2013-10-12 07:26 . 2013-03-04 13:46 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-10-12 07:26 . 2011-07-01 13:15 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-10-08 06:50 . 2013-10-28 08:18 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-09-12 14:29 . 2013-09-12 14:29 82432 ----a-w- c:\users\Mark Child\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll 2013-09-12 14:29 . 2013-09-12 14:29 44544 ----a-w- c:\users\Mark Child\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll 2013-09-12 14:29 . 2013-09-12 14:29 348160 ----a-w- c:\windows\system32\msvcr71.dll 2013-09-12 14:29 . 2013-09-12 14:29 1275392 ----a-w- c:\users\Mark Child\AppData\Roaming\Microsoft\MSXML2\msxml4.dll 2011-03-28 08:27 . 2011-03-28 08:27 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 2013-10-31 21:08 277560 ----a-w- c:\program files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-11-08 09:27 321752 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\marianna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\marianna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-06-05 17:17 130736 ----a-w- c:\users\marianna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136] "iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-04-05 59720] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-05-07 6139904] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888] "AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2013-11-08 3568312] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-01 152392] . c:\users\marianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\marianna\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808] Monitora avvisi inchiostro - HP Deskjet 3050A J611 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 3050A J611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN266142DZ05WK;CONNECTION=USB;MONITOR=1; [2006-11-2 44544] Stickies.lnk - c:\program files\Stickies\stickies.exe [2008-8-28 765952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^Users^marianna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk] path=c:\users\marianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^marianna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Widget vodafone.lnk] path=c:\users\marianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Widget vodafone.lnk backup=c:\windows\pss\Widget vodafone.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams] 2013-04-05 10:58 59720 ----a-w- c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2013-11-01 23:29 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] 2013-03-28 09:32 1511792 ----a-w- c:\program files\Samsung\Kies\Kies.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2013-03-28 09:32 310640 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-11-20 16:15 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] 2007-02-20 16:20 28672 ----a-w- c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Google Update"="c:\users\marianna\AppData\Local\Google\Update\GoogleUpdate.exe" /c . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" . --- Altri Servizi/Drivers In Memoria --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contenuto della cartella 'Scheduled Tasks' . 2013-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-04 07:26] . 2013-12-03 c:\windows\Tasks\AutoKMS.job - c:\windows\AutoKMS.exe [2013-04-04 13:38] . 2013-12-03 c:\windows\Tasks\Garanzia estesa-marianna.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-08-15 09:13] . 2013-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-03-06 13:35] . 2013-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-03-06 13:35] . 2013-12-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894304167-2661753477-3684089030-1000Core.job - c:\users\marianna\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-14 16:27] . 2013-12-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894304167-2661753477-3684089030-1000UA.job - c:\users\marianna\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-14 16:27] . 2013-11-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894304167-2661753477-3684089030-1001Core.job - c:\users\Mark Child\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-21 10:02] . 2013-12-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894304167-2661753477-3684089030-1001UA.job - c:\users\Mark Child\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-21 10:02] . 2013-12-03 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . ------- Scansione supplementare ------- . uStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1378216942 mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1378216942 uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: I&nvia a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll TCP: Interfaces\{160CA22D-EB26-4100-8250-271A53F81BA7}: NameServer = 8.8.8.8,8.8.4.4 TCP: Interfaces\{5CACA4F0-4D3E-4A02-9975-9BD3E5056EF8}: NameServer = 8.8.8.8,8.8.4.4 TCP: Interfaces\{6B8F825E-7530-4ADA-ACBC-37708EFF666E}: NameServer = 8.8.8.8,8.8.4.4 TCP: Interfaces\{BBFF079E-F254-4B5C-932F-329D26EBD5EB}: NameServer = 8.8.8.8,8.8.4.4 TCP: Interfaces\{C92392FB-741A-4BE1-83E2-6C91DD7CCBB5}: NameServer = 8.8.8.8,8.8.4.4 . - - - - CHIAVI ORFANE RIMOSSE - - - - . URLSearchHooks-{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - (no file) Toolbar-10 - (no file) SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-CLMLServer - c:\program files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe MSConfigStartUp-PlayMovie - c:\program files\CyberLink\PlayMovie\PMVService.exe . . . ************************************************************************** scansione processi nascosti ... . scansione entrate autostart nascoste ... . Scansione files nascosti ... . Scansione completata con successo Files nascosti: . ************************************************************************** . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- Dlls caricate dai processi in esecuzione --------------------- . - - - - - - - > 'Explorer.exe'(1956) c:\users\marianna\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . ------------------------ Altri processi in esecuzione ------------------------ . c:\windows\system32\nvvsvc.exe c:\windows\system32\rundll32.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\IoctlSvc.exe c:\users\marianna\AppData\Local\ServUpdater\ServiceUpd.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\System32\WUDFHost.exe c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE c:\windows\system32\conime.exe c:\\?\c:\windows\system32\wbem\WMIADAP.EXE . ************************************************************************** . Ora fine scansione: 2013-12-03 18:16:27 - Il pc � stato riavviato ComboFix-quarantined-files.txt 2013-12-03 17:16 . Pre-Run: 84.220.674.048 byte disponibili Post-Run: 83.737.956.352 byte disponibili . - - End Of File - - EFD5541EEB773A370C3991039825F406 5C616939100B85E558DA92B899A0FC36
marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Sponsor
 

Re: Log combofix

Postdi shel » 04/12/13 12:19

ciao messo cosi' e' illegibile, prova a caricarlo su wikisend
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Log combofix

Postdi marybring » 04/12/13 14:29

marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Re: Log combofix

Postdi shel » 04/12/13 16:45

hai qualche adware da togliere vediamo di rimuoverlo

scarica adwcleaner
Chiudi tutti i browser (è importante che siano chiusi: IE,Firefox, Chrome ecc...)
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui nel forum

per la connessione prova cosi'

vai su start>pannello di controllo> connessioni di rete fai click destro sulla tua connessione> proprietà fai doppio click su Protocollo Internet(TCP/IP) e seleziona "ottieni indirizzo server DNS automaticamente" clicca ok e riavvia

fammi sapere
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Log combofix

Postdi marybring » 05/12/13 09:31

Questo è il log della scansione:
http://wikisend.com/download/334690/log AdwCleaner[S0].txt

Per la connessione ho provato il tuo suggerimento, ma "ottieni indirizzo server DNS automaticamente" era già selezionato e ancora il pc non si connette (dà ancora errore 730).
marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Re: Log combofix

Postdi shel » 05/12/13 09:51

scarica OTL
Metti la spunta su SCAN ALL USERS.
Sotto output spunta minimal output
Clicca sulla freccettina di File Age e seleziona 60 Days
Metti la spunta a LOP Check and Purity Check.
A fine scansione OTL produrrà due file di log (OTL.txt ed Extras.txt)
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56


Re: Log combofix

Postdi marybring » 05/12/13 15:16

marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Re: Log combofix

Postdi shel » 05/12/13 19:19

adesso apri otl e copia incolla questo testo

Codice: Seleziona tutto
:OTL
PRC - C:\Users\marianna\AppData\Local\ServUpdater\ServiceUpd.exe (ServiceUpd)
SRV - (SoftwareUpd) -- C:\Users\marianna\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe File not found
SRV - (ServUpdater) -- C:\Users\marianna\AppData\Local\ServUpdater\ServiceUpd.exe (ServiceUpd)
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-21-3894304167-2661753477-3684089030-1000\..\SearchScopes\{E067ED7B-ADDD-4A36-BA72-A53984CC5E8A}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYIT&apn_uid=DB233E38-5105-4E88-ACD0-4EAA969BC2D5&apn_sauid=56BCE31C-E698-4597-B5E9-50EB3110BC9D
[2013/12/03 17.53.35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/07 14.38.40 | 000,000,128 | ---- | C] () -- C:\Users\marianna\AppData\Roaming\wklnhst.dat


:Files
ipconfig /flushdns /c

:commands
[Reboot]


premi RUN FIX a ellega il log


cotrolla anche se conosci questa cartella

C:\Users\marianna\AppData\Roaming\2BrightSparks
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Log combofix

Postdi marybring » 05/12/13 20:42

Purtroppo ho perso il log perchè l'ho chiuso pensando fosse già salvato in automatico sul desktop e invece no! Come posso fare?
Per quanto riguarda quella cartella, ho visto che contiene un'altra cartella (vuota) avente il nome di un programma che uso (SyncBackFree), ma non ho idea di cosa ci faccia lì.
marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Re: Log combofix

Postdi shel » 05/12/13 20:54

il log delle leiminazioni puoi trovarlo nella cartella C:\_OTL\MovedFiles\ tipo ggMMaaaa_hhmmss.log
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Log combofix

Postdi marybring » 05/12/13 21:03

marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Re: Log combofix

Postdi shel » 05/12/13 21:08

come va il pc?
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Log combofix

Postdi marybring » 05/12/13 21:25

Presenta sempre gli stessi problemi: chiavetta errore 730, Avast impossibilitato ad abilitare il firewall.
marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Re: Log combofix

Postdi shel » 05/12/13 21:46

usi la wireless o la connessione via cavo normale? per caso hai una chiavetta vodafone?
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Log combofix

Postdi marybring » 06/12/13 08:46

Uso solo una chiavetta Tim.
marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Re: Log combofix

Postdi shel » 06/12/13 10:49

Scarica Farbar Service


Spunta
"internet service"
"windows firewall"
Clicca su "Scan".
Si aprirà un log , allegalo nel forum.
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Log combofix

Postdi marybring » 06/12/13 16:18

marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Re: Log combofix

Postdi shel » 07/12/13 10:23

sempre col programmino che hai usato ora,( Farbar Service) aprilo e copia/ incolla nel box questo = > Ndisuio clicca su export service

alleg ail log che ottieni
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: Log combofix

Postdi marybring » 07/12/13 11:17

marybring
Utente Junior
 
Post: 18
Iscritto il: 04/12/13 10:50

Prossimo

Torna a Sicurezza e Privacy


Topic correlati a "Log combofix":

Aiuto log Combofix
Autore: cariu
Forum: Sicurezza e Privacy
Risposte: 4

Chi c’è in linea

Visitano il forum: Nessuno e 9 ospiti