Condividi:        

Connessione internet bloccata, forse virus

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Connessione internet bloccata, forse virus

Postdi marck » 22/01/16 15:07

Salve, purtroppo ho la connessione internet bloccata, all' inizio pensavo fosse un problema di router o linea ADSL ma quando ho visto che ho diversi software fuori uso mi sono convinto che la causa di tutto sia un virus, vi sto contattando da uno smartphone dunque mi scuso per eventuali errori . Come posso risolvere il problema ?

Come dicevo diversi programmi non aprono, l'errore visualizzato durante l'apertura e' : WSAStartup fallied, yuour have the incorrent versione of WinScok installed

Quando apro la pagina internet mi dice DNS PROBE FINISHED NO INTERNET.
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Sponsor
 

Re: Connessione internet bloccata, forse virus

Postdi quizface » 22/01/16 19:16

Apri una linea di comando con privilegi d' amministratore e prova il comando netsh winsock reset se non risolvi, prova con sfc /scannow per vedere se ci sono dei file di sistema corrotti.
Se non siete sicuri di quello che scrivete, non scrivete niente, nessuno vi obbliga ed eviterete di confondere chi gia' e' confuso. Ciao..ciao
Avatar utente
quizface
Utente Senior
 
Post: 15071
Iscritto il: 03/10/04 00:36

Re: Connessione internet bloccata, forse virus

Postdi marck » 22/01/16 21:36

Ciao, prima di tutto ti ringrazio per avermi risposto e per la disponibilità, adesso provo subito e ti faccio sapere il risultato, ieri come accennavo mi e arrivato questo smartphone, l'ho collegato via WiFi al PC , e ho l'impressione che il virus sia penetrato attraverso il telefono, infatti anche sullo smartphone si apre una pagina web segnalata come un virus.
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Re: Connessione internet bloccata, forse virus

Postdi marck » 22/01/16 22:00

Dunque ho provato il primo comando netesh winsok reset ho riavviato il PC ma non ho risolto, il secondo comando sfc/ scannow mi dice : Protezione windows : nessuna violazione di integrità del sistema trovata. Quando tento di aprire la pagina web chrome mi suggerisce : Consenti a chrome di accedere alla rete nelle impostazioni del firewall o del software antivirus. Come procediamo ?
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Re: Connessione internet bloccata, forse virus

Postdi Luke57 » 23/01/16 09:43

Ciao, non hai detto quale sistema operativo hai, comunque:
Scarica ADWCLEANER.
http://www.bleepingcomputer.com/download/adwcleaner/
1) chiudi tutti i browser, avvia il programma e clicca sul tasto ANALISI;
2) al termine della scansione, clicca sul tasto ELIMINA;
3)il computer si riavvierà; al riavvio, salva il REPORT [Sx] rilasciato dopo l’eliminazione e copialo in un post

2) scarica malwarebytes:
http://www.malwarebytes.org/products/
Durante l'installazione togli la spunta da attiva malwarebytes premium(di prova).
•Una volta installato avvia il programma.Controlla che nella pagina iniziale(controllo) la versione del database sia aggiornata(spunta verde) altrimenti clicca su aggiornamento.
•Portati in alto e clicca su setting.Alla voce "lingua" setta l'italiano.
•Portati alla voce rilevamento e protezione:metti la spunta a "ricerca rootkit"
•Riportati alla pagina iniziale(controllo) e clicca su scansiona.

Se vengono rilevate minacce clicca sul pulsante APPLICA.MBAM ti chiederà di riavviare il pc.
Al riavvio riapri il programma.Clicca su cronologia-log applicazione.Fai doppio click su log scansione-clicca su esporta in formato txt.
copialo in un post
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: Connessione internet bloccata, forse virus

Postdi quizface » 23/01/16 10:02

marck ha scritto:Dunque ho provato il primo comando netesh winsok reset ho riavviato il PC ma non ho risolto, il secondo comando sfc/ scannow mi dice : Protezione windows : nessuna violazione di integrità del sistema trovata. Quando tento di aprire la pagina web chrome mi suggerisce : Consenti a chrome di accedere alla rete nelle impostazioni del firewall o del software antivirus. Come procediamo ?


Se usi Chrome come browser ovviamente devi dire si
Se non siete sicuri di quello che scrivete, non scrivete niente, nessuno vi obbliga ed eviterete di confondere chi gia' e' confuso. Ciao..ciao
Avatar utente
quizface
Utente Senior
 
Post: 15071
Iscritto il: 03/10/04 00:36

Re: Connessione internet bloccata, forse virus

Postdi marck » 23/01/16 13:57

@Luke57
Ciao, grazie infinite per la disponibilità, ho windows 7 64 bit, ho già scaricato i programmi, ora faccio le scansioni con i software, adesso vedo se riesco a recuperare un'altro PC , con lo smartphone con cui sto scrivendo sul forum non so se riesco a postare i file log

@quizface

Si chrome sul firewall e impostato per consentire l'accesso alle reti, adesso se recupero un altro PC ti mostro alcuni screenshot.
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Re: Connessione internet bloccata, forse virus

Postdi marck » 23/01/16 16:28

Allora ho messo in funzione un'altro pc fisso che avevo, adesso vi sto contattando appunto dal pc.

Questi sono i risultati di AdwCleaner :

# AdwCleaner v5.030 - Creato file registro eventi 23/01/2016 in 14:31:23
# Aggiornato 17/01/2016 da Xplode
# Database : 2016-01-11.2 [Locale]
# Sistema operativo : Windows 7 Ultimate Service Pack 1 (x64)
# Nome utente : mITX 4330 - MITX4330-PC
# In esecuzione da : C:\_OTL\MovedFiles\01142015_173240\C_Users\mITX 4330\Desktop\AdwCleaner.exe
# Opzione : Pulizia
# Supporto : http://toolslib.net/forum

***** [ Servizi ] *****


***** [ Cartelle ] *****


***** [ File ] *****


***** [ DLLs ] *****


***** [ Collegamenti ] *****


***** [ Attività pianificate ] *****


***** [ Registry ] *****

[-] Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Chiave Eliminata : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Chiave Eliminata : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}

***** [ Browser web ] *****

[-] [C:\Users\mITX 4330\AppData\Roaming\Mozilla\Firefox\Profiles\smtj56pb.default-1450807224066\prefs.js] [Preference] Eliminata : user_pref("browser.safebrowsing.appRepURL", "hxxps://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_API_KEY%");

*************************

:: Chiavi "Tracing" eliminatas
:: Impostazioni Winsock azzerate

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [1375 byte] ##########

Immagine

Immagine

Riguardo malwarebyte l'avevo già installato nel pc, quello attualmente installato non riesco ad'aprirlo, ho provato a reinstallarlo ma senza esito, questo è il messaggio di errore :

Immagine

Ecco l'avviso su chrome quando tento di aprire la pagina web :

Immagine

Sul firewall chrome ovviamente è impostato per avere libero accesso alle reti :

Immagine

Il mio router è un TD W8970, sull'altro pc tramite questo indirizzo : http://192.168.1.1/ non riesco ad'accedere neanche al router
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Re: Connessione internet bloccata, forse virus

Postdi Luke57 » 23/01/16 17:02

Scarica Combofix,
http://www.bleepingcomputer.com/downloa ... fix/dl/12/
prima di salvarlo sul desktop rinominalo in abc.exe
sconnetti fisicamente il computer dalla rete (stacca il cavo / spegni il router);
una volta al desktop: tasto destro del mouse su abc.exe, scegli ESEGUI COME AMMINISTRATORE;
5) durante la scansione con Combofix non eseguire alcuna operazione (se viene rilasciato un messaggio relativo alla presenza di antivirus, ignora il messaggio e prosegui).
Al termine apparirà a schermo il log di combofix che potrai anche trovare in C:\combofix.txt . copialo e incollalo in un post
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: Connessione internet bloccata, forse virus

Postdi marck » 23/01/16 19:20

Ecco il risultato :

ComboFix 16-01-22.01 - mITX 4330 23/01/2016 18:56:10.6.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3964.2237 [GMT 1:00]
Eseguito da: c:\_otl\MovedFiles\01142015_173240\C_Users\mITX 4330\Desktop\abc.exe
AV: Avira Antivirus *Disabled/Outdated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Outdated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\mITX 4330\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\MITX43~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((( Files Creati Da 2015-12-23 al 2016-01-23 )))))))))))))))))))))))))))))))))))
.
.
2016-01-23 17:59 . 2016-01-23 17:59 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-01-23 17:59 . 2016-01-23 17:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-23 17:59 . 2016-01-23 17:59 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2016-01-22 12:18 . 2016-01-22 12:18 -------- d-----w- c:\program files (x86)\VS Revo Group
2016-01-22 12:17 . 2016-01-22 12:17 -------- d-----w- c:\programdata\IObit
2016-01-22 12:17 . 2016-01-22 12:17 -------- d-----w- c:\program files (x86)\IObit
2016-01-22 11:07 . 2016-01-22 11:07 -------- d-----w- c:\users\mITX 4330\AppData\Roaming\Avira
2016-01-22 11:06 . 2015-12-04 06:38 75472 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2016-01-22 11:06 . 2015-12-04 06:38 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2016-01-22 11:06 . 2015-12-04 06:38 162072 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2016-01-22 11:06 . 2015-12-04 06:38 140448 ----a-w- c:\windows\system32\drivers\avipbb.sys
2016-01-22 03:40 . 2016-01-22 12:24 -------- d-----w- c:\users\mITX 4330\AppData\Roaming\AntiLogger
2016-01-20 01:51 . 2016-01-20 01:51 -------- d-----w- c:\users\Public\Speedup Sessions
2016-01-13 06:28 . 2016-01-13 06:28 -------- d-----w- c:\users\mITX 4330\AppData\Local\Avira
2016-01-13 01:54 . 2015-12-11 18:57 1164800 ----a-w- c:\windows\system32\aeinv.dll
2016-01-09 13:17 . 2016-01-09 15:03 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2016-01-07 17:37 . 2016-01-07 17:38 -------- d-----w- c:\program files (x86)\Video Capture
2016-01-03 23:43 . 2016-01-03 23:43 -------- d-----w- c:\program files (x86)\SpyShelter Premium
2016-01-03 23:43 . 2015-03-13 23:13 43272 ----a-w- c:\windows\system32\SpyShelterShellExt.dll
2015-12-31 20:42 . 2015-12-31 20:42 49752 ----a-w- c:\windows\system32\drivers\AntiLog64.sys
2015-12-31 20:41 . 2015-12-31 20:41 -------- d-----w- c:\windows\SysWow64\ZALSDK_uninst
2015-12-31 20:41 . 2015-12-31 20:41 -------- d-----w- c:\program files (x86)\KeyCryptSDK
2015-12-31 20:41 . 2014-12-30 12:31 7039960 ----a-w- c:\windows\SysWow64\ZALSDKCore.dll
2015-12-31 20:41 . 2014-12-30 12:31 76520 ----a-w- c:\windows\system32\drivers\KeyCrypt64.sys
2015-12-31 20:41 . 2015-12-31 20:42 -------- d-----w- c:\users\mITX 4330\AppData\Local\Zemana
2015-12-31 19:03 . 2015-03-13 23:13 34568 ----a-w- c:\windows\SysWow64\SpyShelterShellExt.dll
2015-12-31 19:03 . 2016-01-22 03:50 -------- d-----w- c:\users\mITX 4330\AppData\Roaming\SpyShelter
2015-12-31 19:03 . 2015-12-31 19:03 -------- d-----w- c:\program files (x86)\SpyShelter Firewall
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-22 13:25 . 2015-01-14 03:47 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2016-01-19 19:28 . 2014-07-23 18:36 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-01-19 19:28 . 2014-07-23 18:36 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-01-13 02:02 . 2015-01-18 19:43 143671360 ----a-w- c:\windows\system32\MRT.exe
2016-01-07 17:50 . 2014-09-04 07:14 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-30 18:37 . 2016-01-13 01:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-09 18:58 . 2015-12-09 18:58 1070232 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2015-12-08 19:07 . 2009-07-14 00:22 1393152 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2015-12-02 12:18 . 2010-11-21 03:27 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-11-25 11:02 . 2015-12-22 12:11 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A10B595D-A86E-4A91-A13A-37985C509743}\mpengine.dll
2015-11-20 18:54 . 2015-12-08 21:48 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-11-20 18:54 . 2015-12-08 21:48 37888 ----a-w- c:\windows\system32\wups2.dll
2015-11-20 18:54 . 2015-12-08 21:48 36864 ----a-w- c:\windows\system32\wups.dll
2015-11-20 18:54 . 2015-12-08 21:48 3170304 ----a-w- c:\windows\system32\wucltux.dll
2015-11-20 18:54 . 2015-12-08 21:48 2609152 ----a-w- c:\windows\system32\wuaueng.dll
2015-11-20 18:54 . 2015-12-08 21:48 192512 ----a-w- c:\windows\system32\wuwebv.dll
2015-11-20 18:54 . 2015-12-08 21:48 709632 ----a-w- c:\windows\system32\wuapi.dll
2015-11-20 18:54 . 2015-12-08 21:48 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-11-20 18:54 . 2015-12-08 21:48 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-11-20 18:54 . 2015-12-08 21:48 37888 ----a-w- c:\windows\system32\wuapp.exe
2015-11-20 18:54 . 2015-12-08 21:48 140288 ----a-w- c:\windows\system32\wuauclt.exe
2015-11-20 18:34 . 2015-12-08 21:48 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-11-20 18:34 . 2015-12-08 21:48 30208 ----a-w- c:\windows\SysWow64\wups.dll
2015-11-20 18:34 . 2015-12-08 21:48 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-11-20 18:34 . 2015-12-08 21:48 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-11-20 18:33 . 2015-12-08 21:48 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-11-11 18:53 . 2015-12-08 21:46 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2015-11-11 18:53 . 2015-12-08 21:46 525312 ----a-w- c:\windows\system32\catsrvut.dll
2015-11-11 18:39 . 2015-12-08 21:46 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
2015-11-11 18:39 . 2015-12-08 21:46 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2015-11-10 18:55 . 2015-12-08 21:47 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-11-10 18:55 . 2015-12-08 21:47 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-11-10 18:55 . 2015-12-08 21:47 1008640 ----a-w- c:\windows\system32\user32.dll
2015-11-10 18:39 . 2015-12-08 21:47 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-11-10 18:37 . 2015-12-08 21:47 833024 ----a-w- c:\windows\SysWow64\user32.dll
2015-11-05 19:05 . 2015-12-08 21:46 17408 ----a-w- c:\windows\system32\wshrm.dll
2015-11-05 19:02 . 2015-12-08 21:46 14848 ----a-w- c:\windows\SysWow64\wshrm.dll
2015-11-05 19:02 . 2015-12-08 21:48 2048 ----a-w- c:\windows\system32\tzres.dll
2015-11-05 19:00 . 2015-12-08 21:48 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2015-11-05 09:53 . 2015-12-08 21:46 146944 ----a-w- c:\windows\system32\drivers\rmcast.sys
2015-11-03 19:04 . 2015-12-08 21:48 802304 ----a-w- c:\windows\system32\usp10.dll
2015-11-03 19:04 . 2015-12-08 21:45 241664 ----a-w- c:\windows\system32\els.dll
2015-11-03 18:56 . 2015-12-08 21:48 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2015-11-03 18:55 . 2015-12-08 21:45 179712 ----a-w- c:\windows\SysWow64\els.dll
2015-10-29 17:50 . 2015-11-11 09:05 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:50 . 2015-11-11 09:05 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:50 . 2015-11-11 09:05 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:50 . 2015-11-11 09:05 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 09:05 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 09:05 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 09:05 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50 . 2015-11-11 09:05 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-10-29 17:50 . 2015-11-11 09:05 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-10-29 17:49 . 2015-11-11 09:05 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-10-29 17:49 . 2015-11-11 09:05 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 09:05 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 09:05 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 09:05 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:49 . 2015-11-11 09:05 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-10-29 17:39 . 2015-11-11 09:05 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2014-03-07 10:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 10:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 10:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll
2015-03-31 06:40 401920 --sha-w- c:\windows\SysWOW64\avisynth.dll
2014-03-07 10:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll
2005-07-14 11:31 32256 --sha-w- c:\windows\SysWOW64\AVSredirect.dll
2014-03-07 10:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll
2004-05-26 13:37 719872 --sha-w- c:\windows\SysWOW64\devil.dll
2014-03-07 10:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll
2014-03-07 10:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll
2014-03-07 10:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll
2004-01-24 23:00 70656 --sha-w- c:\windows\SysWOW64\i420vfw.dll
2014-03-07 10:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 10:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll
2011-02-11 09:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 10:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 23:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 18:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll
2004-01-24 23:00 70656 --sha-w- c:\windows\SysWOW64\yv12vfw.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpyShelter"="c:\program files (x86)\SpyShelter Premium\SpyShelter.exe" [2015-05-21 3539720]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-10-19 8551848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2015-12-04 803200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sh4native Sh4Removal
.
R2 AntiVirMailService;Avira Protezione email;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Protezione web;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
R2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
R3 AMPPAL;Scheda virtuale Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys;c:\windows\SYSNATIVE\Drivers\AVerAF35.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys;c:\windows\SYSNATIVE\Drivers\hcw95bda.sys [x]
R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys;c:\windows\SYSNATIVE\DRIVERS\hcw95rc.sys [x]
R3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + scheda HS;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 jakndis;Jaksta Service;c:\windows\system32\DRIVERS\jakndis.sys;c:\windows\SYSNATIVE\DRIVERS\jakndis.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\NPF.sys;c:\windows\SYSNATIVE\drivers\NPF.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Supporto digitalizzazione WSD tramite UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [x]
R4 AdvancedSystemCareService8;Advanced SystemCare Service 8;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [x]
R4 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [x]
R4 amwrtdrv;amwrtdrv;c:\windows\system32\amwrtdrv.sys;c:\windows\SYSNATIVE\amwrtdrv.sys [x]
R4 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
R4 ArcCtrl;ArcCtrl;c:\windows\system32\drivers\ArcCtrl.sys;c:\windows\SYSNATIVE\drivers\ArcCtrl.sys [x]
R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
R4 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R4 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R4 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R4 esgiguard;esgiguard;c:\_otl\MovedFiles\01142015_173240\C_Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys;c:\_otl\MovedFiles\01142015_173240\C_Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R4 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R4 HauppaugeTVServer;HauppaugeTVServer;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [x]
R4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R4 Intelliservice;Intelliservice;c:\program files (x86)\Melloware\Intelliremote\Intelliservice.exe;c:\program files (x86)\Melloware\Intelliremote\Intelliservice.exe [x]
R4 Launch TotalMedia Theatre 6 Driver;Launch TotalMedia Theatre 6 Driver;c:\program files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe;c:\program files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe [x]
R4 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
R4 MSIBIOSData_CC;MSIBIOSData_CC;c:\program files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe;c:\program files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [x]
R4 MSIClock_CC;MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe;c:\program files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [x]
R4 MSICOMM_CC;MSICOMM_CC;c:\program files (x86)\MSI\Command Center\MSICommService.exe;c:\program files (x86)\MSI\Command Center\MSICommService.exe [x]
R4 MSICPU_CC;MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\MSICPUService.exe;c:\program files (x86)\MSI\Command Center\CPU\MSICPUService.exe [x]
R4 MSICTL_CC;MSICTL_CC;c:\program files (x86)\MSI\Command Center\MSIControlService.exe;c:\program files (x86)\MSI\Command Center\MSIControlService.exe [x]
R4 MSIDDR_CC;MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\MSIDDRService.exe;c:\program files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [x]
R4 MSISMB_CC;MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\MSISMBService.exe;c:\program files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [x]
R4 MSISuperIO_CC;MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe;c:\program files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [x]
R4 NPVR Recording Service;NPVR Recording Service;c:\program files (x86)\NPVR\NRecord.exe;c:\program files (x86)\NPVR\NRecord.exe [x]
R4 PAExec;PAExec;c:\windows\PAExec.exe;c:\windows\PAExec.exe [x]
R4 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R4 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R4 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\MITX43~1\AppData\Local\Temp\Rar$EXa0.867\WinRing0x64.sys;c:\users\MITX43~1\AppData\Local\Temp\Rar$EXa0.867\WinRing0x64.sys [x]
R4 ZoomText Helper Service;ZoomText Helper Service;c:\program files (x86)\ZoomText 10\ZoomTextHelperService.exe;c:\program files (x86)\ZoomText 10\ZoomTextHelperService.exe [x]
S0 file_tracker;file_tracker;c:\windows\system32\DRIVERS\file_tracker.sys;c:\windows\SYSNATIVE\DRIVERS\file_tracker.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Driver dello switch Controller Host Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S1 Ai2Chroniker;Ai2Chroniker;c:\windows\system32\DRIVERS\Ai2Chroniker.sys;c:\windows\SYSNATIVE\DRIVERS\Ai2Chroniker.sys [x]
S1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog64.sys;c:\windows\SYSNATIVE\drivers\AntiLog64.sys [x]
S1 appliand;Applian LightWeight Filter;c:\windows\system32\DRIVERS\appliand.sys;c:\windows\SYSNATIVE\DRIVERS\appliand.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 Spyshelter;Spyshelter;c:\program files (x86)\SpyShelter Premium\SpyShelter.sys;c:\program files (x86)\SpyShelter Premium\SpyShelter.sys [x]
S1 SpyshelterKb;SpyshelterKb;c:\program files (x86)\SpyShelter Premium\SpyshelterKb.sys;c:\program files (x86)\SpyShelter Premium\SpyshelterKb.sys [x]
S2 {C5F942FD-1110-4664-86CE-0C6BDA305235};Power Control [2014/10/18 02:52];c:\program files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [x]
S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AntiVirSchedulerService;Avira Pianificatore;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S2 SpeedupService;Avira System Speedup;c:\program files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe;c:\program files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [x]
S2 SpyshelterFw;SpyshelterFw;c:\program files (x86)\SpyShelter Firewall\SpyshelterWFP.sys;c:\program files (x86)\SpyShelter Firewall\SpyshelterWFP.sys [x]
S2 SpyShelterSrv;SpyShelterSrv;c:\program files (x86)\SpyShelter Premium\SpyShelterSrv.exe;c:\program files (x86)\SpyShelter Premium\SpyShelterSrv.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 Ai2Mmpd;Ai2Mmpd;c:\windows\system32\DRIVERS\Ai2Mmpd.sys;c:\windows\SYSNATIVE\DRIVERS\Ai2Mmpd.sys [x]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 IntcDAud;Audio Intel(R) per schermi;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Driver hub Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Driver Controller Host estendibile Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 jakndisMP;jakndisMP;c:\windows\system32\DRIVERS\jakndis.sys;c:\windows\SYSNATIVE\DRIVERS\jakndis.sys [x]
S3 keycrypt;keycrypt;c:\windows\system32\DRIVERS\KeyCrypt64.sys;c:\windows\SYSNATIVE\DRIVERS\KeyCrypt64.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-01-15 01:07 1006920 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.111\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2016-01-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-23 19:28]
.
2016-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22 12:44]
.
2016-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22 12:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2014-09-09 09:00 2825312 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2014-09-09 09:00 2825312 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2014-09-09 09:00 2825312 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-05-12 7575256]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2013-11-13 184632]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-11-07 7818552]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-10-14 12697368]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2014-08-14 570152]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{61BAB829-CFC6-433D-9B65-5E5D02788350}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\mITX 4330\AppData\Roaming\Mozilla\Firefox\Profiles\smtj56pb.default-1450807224066\
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
AddRemove-5513-1208-7298-9440 - c:\program files (x86)\JDownloader\JDUninstall.exe
AddRemove-553E35CD-0415-41bc-B39A-410375E88534 - c:\program files (x86)\Intel\ACPI Driver Installer\Uninstall\setup.exe
AddRemove-Applian Network Monitor - c:\program files (x86)\Applian Technologies\Applian Network Monitor\uninstall.exe
AddRemove-Replay Media Catcher 5 - c:\program files (x86)\Applian Technologies\Replay Media Catcher 5\uninstall.exe
AddRemove-{3FD0C489-0F02-481a-A3E1-9754CD396761} - c:\program files (x86)\Intel\Intel® Watchdog Timer Driver (Intel® WDT)\Uninstall\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{C5F942FD-1110-4664-86CE-0C6BDA305235}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\Antivirus\avguard.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
c:\program files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
.
**************************************************************************
.
Ora fine scansione: 2016-01-23 19:02:33 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2016-01-23 18:02
ComboFix2.txt 2016-01-22 13:30
ComboFix3.txt 2015-01-13 18:45
ComboFix4.txt 2014-10-27 01:23
ComboFix5.txt 2016-01-23 17:55
.
Pre-Run: 4.257.890.304 byte disponibili
Post-Run: 2.502.500.352 byte disponibili
.
- - End Of File - - C61E286A3E48F7E0094834619B04FE68
A36C5E4F47E84449FF07ED3517B43A31
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Re: Connessione internet bloccata, forse virus

Postdi Luke57 » 23/01/16 19:50

Ciao, non ci vedo niente...
da start>esegui digita cmd >Ok, dove batte il cursore digita
ipconfig /flushdns
premi Invio
Poi riprova ad aprire chrome

Inoltre scarica HIJACKTHIS PORTABLE.
http://sourceforge.net/projects/hjt/fil ... e/download
1) tasto destro del mouse sull’icona e scegli ESEGUI COME AMMINISTRATORE;
2) clicca su DO A SYSTEM SCAN AND SAVE A LOGFILE;
3) copia e incolla il report in un post
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: Connessione internet bloccata, forse virus

Postdi quizface » 23/01/16 19:53

Ti sei dato per caso un IP fisso che cozza con il router? 192.168.1.1 ??

Fai per favore un ipconfig /all
Se non siete sicuri di quello che scrivete, non scrivete niente, nessuno vi obbliga ed eviterete di confondere chi gia' e' confuso. Ciao..ciao
Avatar utente
quizface
Utente Senior
 
Post: 15071
Iscritto il: 03/10/04 00:36

Re: Connessione internet bloccata, forse virus

Postdi marck » 23/01/16 23:39

Intanto vi ringrazio per l'aiuto e la disponibilità.

Allora, ho eseguito tutti i test ma non riesco ancora a collegarmi alla rete

Test ipconfig /flushdns :

Immagine

Test HIJACKTHIS :

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:52:04, on 23/01/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.17606)

FIREFOX: 43.0.4 (x86 it)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
D:\Download Cartella download di windows\FreeVK.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\_OTL\MovedFiles\01142015_173240\C_Users\mITX 4330\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\Run: [SpyShelter] C:\Program Files (x86)\SpyShelter Premium\SpyShelter.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O10 - Broken Internet access because of LSP chain gap (#2 in chain of 9 missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{61BAB829-CFC6-433D-9B65-5E5D02788350}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Protezione email (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Protezione in tempo reale (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Protezione web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Avira System Speedup (SpeedupService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyShelterSrv - Datpol - C:\Program Files (x86)\SpyShelter Premium\SpyShelterSrv.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 8198 bytes

Test ipconfig /all :

Immagine

Immagine

Si ieri ho provato ad' inserire un indirizzo fisso, giusto per fare un tentativo, ho inserito su DNS preferito 8.8.8.8 e su DNS alternativo 8.8.4.4. L'indirizzo 192.168.1.1 lo digito nel browser per entrare nel menu del router.

Immagine
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Re: Connessione internet bloccata, forse virus

Postdi Luke57 » 24/01/16 00:57

scarica FRST sul desktop (versione 64 bit)
http://www.bleepingcomputer.com/downloa ... scan-tool/
Seleziona il programma, tasto destro del mouse e selezioni l'opzione "esegui come amministratore", seleziona tutte le opzioni(metti le spunte nelle caselle)
Clicca su "Scan" , al termine ti troverai 2 files FRST.txt e Addition.txt ; inseriscili su wikisend o altro sito di hosting
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: Connessione internet bloccata, forse virus

Postdi marck » 24/01/16 01:43

Adesso provo subito.
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Re: Connessione internet bloccata, forse virus

Postdi marck » 24/01/16 02:01

Ecco i risultati del test :

http://wikisend.com/download/569376/Addition.txt

http://wikisend.com/download/675308/FRST.txt

http://wikisend.com/download/734462/Shortcut.txt

Scusatemi se ci metto un po di tempo ma devo scollegare e attaccare i cavi da un pc all' altro.
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Re: Connessione internet bloccata, forse virus

Postdi shel » 24/01/16 09:14

ciao scarica questo file .txt sul desktop apri frst e clicca una sola volta fix, a fine scansione verra' rilasciato un log fixlog.txt che dovrai allegare

riavvia il pc e prova a connetterti
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: Connessione internet bloccata, forse virus

Postdi marck » 24/01/16 13:43

shel ha scritto:ciao scarica questo file .txt sul desktop apri frst e clicca una sola volta fix, a fine scansione verra' rilasciato un log fixlog.txt che dovrai allegare

riavvia il pc e prova a connetterti


Ciao, purtroppo ho provato ma non riesco ancora a connettermi, ho seguito tutto alla lettera, spero di non aver sbagliato qualcosa, questo è il log :

http://wikisend.com/download/303468/Fixlog.txt
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Re: Connessione internet bloccata, forse virus

Postdi Luke57 » 24/01/16 14:58

Ciao, clic su Start e quindi digita cmd nella casella Cerca programmi e file .
Pulsante destro del mouse sull'icona di CMD.exe in programmi e quindi clic su Esegui come amministratore.
Quando viene visualizzata la casella di Controllo Account utente , clic su Sì.
Al prompt dei comandi, dove batte il cursore, digita il comando seguente e premi INVIO:
netsh int ip reset c:\resetlog.txt

Riavvia il computer e prova a connetterti.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: Connessione internet bloccata, forse virus

Postdi marck » 24/01/16 15:18

Luke57 ha scritto:Ciao, clic su Start e quindi digita cmd nella casella Cerca programmi e file .
Pulsante destro del mouse sull'icona di CMD.exe in programmi e quindi clic su Esegui come amministratore.
Quando viene visualizzata la casella di Controllo Account utente , clic su Sì.
Al prompt dei comandi, dove batte il cursore, digita il comando seguente e premi INVIO:
netsh int ip reset c:\resetlog.txt

Riavvia il computer e prova a connetterti.


Ciao, ho provato la procedura ma purtroppo ancora niente da fare :

Immagine
Avatar utente
marck
Utente Senior
 
Post: 751
Iscritto il: 13/07/08 15:38

Prossimo

Torna a Sicurezza e Privacy


Topic correlati a "Connessione internet bloccata, forse virus":


Chi c’è in linea

Visitano il forum: Nessuno e 39 ospiti