|
Rank: AiutAmico
Joined: 1/4/2010 Posts: 118
|
For some time my PC has been very slow. I tried running a scan with SpyHunter, which detected the Bitcoinminer trojan. I then ran HijackThis, and I kindly ask you to analyze the log. SpyHunter promises to remove the trojan if I buy the program; I would like to know whether that is the only solution or whether there are other ways to remove the trojan. Thank you for your attention. Giancarlo

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:20:32, on 26/01/2020 domenica
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
FIREFOX: 45.0 (x86 it)
Boot mode: Normal
-- End of file - 7959 bytes
|
|
|
|
|
Rank: AiutAmico
Joined: 11/28/2009 Posts: 93
|
Download: https://filehippo.com/it/download_malwarebytes_3/ It is a paid program, but it gives you two weeks to try it. When it has finished, remove it.
|
|
Rank: AiutAmico
Joined: 1/4/2010 Posts: 118
|
Unfortunately it did not solve anything. In addition, Google Chrome no longer works; I tried uninstalling and reinstalling it, but nothing changed. When I open it, the Google Chrome screen appears with the message:
"UFFA? si è verificato un problema durante la visualizzazione della pagina web RICARICA" whereas Microsoft Edge works.
|
|
Rank: AiutAmico
Joined: 2/15/2009 Posts: 15,955
|
|
|
Rank: AiutAmico
Joined: 11/8/2008 Posts: 13,964
|
giancarlo52 wrote: For some time my PC has been very slow. I tried running a scan with SpyHunter, which detected the Bitcoinminer trojan. I then ran HijackThis, and I kindly ask you to analyze the log. SpyHunter promises to remove the trojan if I buy the program; I would like to know whether that is the only solution or whether there are other ways to remove the trojan. Thank you for your attention. Giancarlo

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:20:32, on 26/01/2020 domenica
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
-- End of file - 7959 bytes

The log you posted is no good; you used the old version of HJT. Download the new version, you can find it on Aiutamici here: http://software.aiutamici.com/software?ID=11175 then post the new log and delete the old one you posted. Forget about SpyHunter, it is just a rip-off: it shows you viruses to force you to buy the software. Uninstall it. Leave any other operations aside; after I have seen the new log I will tell you what to do. You need to update Firefox, you have an old version; we are now at version 72.0.2. Bye
|
|
Rank: AiutAmico
Joined: 11/8/2008 Posts: 13,964
|
One question: did you want to buy bitcoins? Be careful, you are on a minefield.
|
|
Rank: AiutAmico
Joined: 1/4/2010 Posts: 118
|
cbbusto wrote: One question: did you want to buy bitcoins? Be careful, you are on a minefield.

As for bitcoins, I never had the slightest intention of buying them. That said, I waited 2 days to get the free SPYHUNTER REMOVAL procedure. The removal took place and everything seems to be going well. Thank you for the advice and your availability. I used the link you gave me to download the new version of HijackThis, and here is the result of the scan. I would be grateful if you would check it to see whether my PC is actually fine now.

" Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x64 Windows 10 (Home), 10.0.18362.592 (ReleaseId: 1903), Service Pack: 0
Time: 30.01.2020 - 20:27 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: gipan (group: Administrator) on DESKTOP-R9H00RN, FirstRun: yes
Chrome: 79.0.3945.130
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)
Boot mode: Normal
-- End of file - Time spent: 69.5 sec. - 15038 bytes, CRC32: FFFFFFFF. Sign: 뉩⚳"
|
|
Rank: AiutAmico
Joined: 1/4/2010 Posts: 118
|
Evidently you are busy with more serious problems, given that I told you everything now seems to be fine. I was hoping for a reply, but I understand that this is something you do in your free time, so I thank you all the same for the help you gave me over the past few days. Until next time, and thanks again.
|
|
Rank: AiutAmico
Joined: 11/8/2008 Posts: 13,964
|
I have been busy since Friday. The log shows no serious infections; still, I would delete some files, which I list for you:

O1 - Hosts.ICS: 192.168.137.1 DESKTOP-R9H00RN.mshome.net # 2024 5 5 24 9 51 46 782
O1 - Hosts.ICS: 192.168.137.10 LGwebOSTV.mshome.net # 2019 6 0 2 9 51 46 782
O1 - Hosts.ICS: 6
- N.B. the O1 files should not be there

O4 - HKCU\..\Run: [Google Update] = C:\Users\gipan\AppData\Local\Google\Update\1.3.35.422\GoogleUpdateCore.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade

The O4 files are all useless programs in automatic startup. Finally, clean the Registry with CCleaner and you are done. Bye
|
|
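One way to triage the O1 (hosts) and O4 (autostart) entries listed in the reply above, as an added example that is not part of the thread or of HijackThis itself. The function names, the regular expressions and the directory lists are assumptions of this example, which also assumes system drive C: and default Windows ACLs.

```python
import ipaddress
import ntpath  # Windows path rules, usable on any OS
import re

# Sample input embedded so the example runs offline: entries quoted in the
# thread (HiJackThis Fork format) plus one in the older v2.0.5 format,
# which has no " = " between the value name and the command.
SAMPLE_LOG = r"""
O1 - Hosts.ICS: 192.168.137.1 DESKTOP-R9H00RN.mshome.net # 2024 5 5 24 9 51 46 782
O1 - Hosts.ICS: 192.168.137.10 LGwebOSTV.mshome.net # 2019 6 0 2 9 51 46 782
O4 - HKCU\..\Run: [Google Update] = C:\Users\gipan\AppData\Local\Google\Update\1.3.35.422\GoogleUpdateCore.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKLM\..\Run: [MalTray] C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun
"""

# Assumption: directories a standard user can normally write to, checked first.
USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")
# Assumption: directories that need administrator rights to modify.
PROTECTED = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

O4_RE = re.compile(
    r"^O4 - (?P<hive>HK\w+)(?:\\(?P<sid>S-[\d-]+))?\\\.\.\\(?P<key>[^:]+): "
    r"\[(?P<name>[^\]]+)\](?: =)? (?P<cmd>.+)$")
O1_RE = re.compile(r"^O1 - Hosts(?:\.ICS)?: (?P<ip>\S+) (?P<host>\S+)")
EXE_RE = re.compile(r'"?(.+?\.(?:exe|com|bat|cmd|scr|dll))(?=["\s]|$)', re.I)


def executable_of(command):
    """Return the program path of an autostart command, without its arguments."""
    m = EXE_RE.match(command)
    return m.group(1) if m else command.split()[0]


def location_of(path):
    """Classify a path by who can normally write to it (".." is resolved first)."""
    p = ntpath.normpath(path).lower()
    if p.startswith(USER_WRITABLE):
        return "user-writable"
    if p.startswith(PROTECTED):
        return "protected"
    return "other"


def address_kind(ip):
    """Classify the address a hosts entry maps a name to."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return "invalid"
    if addr.is_loopback:
        return "loopback"
    return "private" if addr.is_private else "public"


def triage(log_text):
    """Parse O1 and O4 lines into dicts; other sections are ignored."""
    findings = []
    for line in map(str.strip, log_text.splitlines()):
        m = O4_RE.match(line)
        if m:
            exe = executable_of(m["cmd"])
            findings.append({"section": "O4", "scope": m["sid"] or m["hive"],
                             "key": m["key"], "name": m["name"],
                             "exe": exe, "location": location_of(exe)})
            continue
        m = O1_RE.match(line)
        if m:
            findings.append({"section": "O1", "host": m["host"], "ip": m["ip"],
                             "target": address_kind(m["ip"])})
    return findings


def review_first(findings):
    """Entries to verify first: autostarts outside protected directories
    and hosts mappings that point to public addresses."""
    return [f.get("name", f.get("host")) for f in findings
            if (f["section"] == "O4" and f["location"] != "protected")
            or (f["section"] == "O1" and f["target"] == "public")]


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
    print("verify first:", review_first(triage(SAMPLE_LOG)))
```

An entry returned by `review_first` is a prompt to check the file's digital signature and origin, not a verdict: per-user installers legitimately place updaters under AppData.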
Rank: AiutAmico
Joined: 1/4/2010 Posts: 118
|
All done, thanks again for the help. Have a nice Sunday.
|
|