In Task Manager I see the file WPFFONTcache_v0400.exe consuming CPU; every time, I am forced to kill it manually. I am afraid there is malware. I tried with ANTIMALWARE but without success. I would like to submit this log to you to check whether there are any problems:
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x32 Windows XP (Professional), 5.1.2600.0, Service Pack: 3
Time: 28.01.2020 - 12:26 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Ran by: carlo (group: Administrator) on CASA, FirstRun: no
Chrome: 49.0.2623.112
Firefox: 52.9.0.6746
Internet Explorer: 8.0.6001.18702
Default: "C:\Programmi\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Documents and Settings\carlo\Desktop\HijackThis.exe
1 C:\Programmi\Agnitum\Outpost Firewall\acs.exe
1 C:\Programmi\Agnitum\Outpost Firewall\feedback.exe
1 C:\Programmi\Agnitum\Outpost Firewall\op_mon.exe
1 C:\Programmi\Avira\Antivirus\avgnt.exe
1 C:\Programmi\Avira\Antivirus\avguard.exe
1 C:\Programmi\Avira\Antivirus\avshadow.exe
1 C:\Programmi\Avira\Antivirus\sched.exe
1 C:\Programmi\Avira\Launcher\Avira.ServiceHost.exe
1 C:\Programmi\Avira\Launcher\Avira.Systray.exe
1 C:\Programmi\Bonjour\mDNSResponder.exe
1 C:\Programmi\CCleaner\CCleaner.exe
1 C:\Programmi\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
1 C:\Programmi\Canon\Quick Menu\CNQMMAIN.EXE
1 C:\Programmi\Canon\Quick Menu\CNQMSWCS.exe
1 C:\Programmi\Canon\Quick Menu\CNQMUPDT.EXE
1 C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Programmi\Fujitsu\Wireless_Utility\Wireless Selector.exe
7 C:\Programmi\Google\Chrome\Application\chrome.exe
1 C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
1 C:\Programmi\SUPERAntiSpyware\SASCORE.EXE
1 C:\Programmi\Softland\FBackup 5\bService.exe
1 C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
1 C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
1 C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
1 C:\WINDOWS\Explorer.EXE
1 C:\WINDOWS\System32\alg.exe
1 C:\WINDOWS\System32\smss.exe
6 C:\WINDOWS\System32\svchost.exe
1 C:\WINDOWS\system32\csrss.exe
1 C:\WINDOWS\system32\ctfmon.exe
1 C:\WINDOWS\system32\lsass.exe
1 C:\WINDOWS\system32\nvsvc32.exe
1 C:\WINDOWS\system32\services.exe
1 C:\WINDOWS\system32\spoolsv.exe
1 C:\WINDOWS\system32\taskmgr.exe
1 C:\WINDOWS\system32\winlogon.exe
1 C:\WINDOWS\system32\wscntfy.exe
1 c:\programmi\WiperSoft\WiperSoft.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Bar] = https://it.yahoo.com?fr=hp-avast&type=avastbcl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar: [LinksFolderName] = Collegamenti
R3 - HKU\S-1-5-21-1343024091-1801674531-839522115-1005: Default URLSearchHook is missing
O2 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programmi\Canon\Easy-WebPrint EX\ewpexbho.dll
O3 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programmi\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Programmi\CCleaner\CCleaner.exe /MONITOR
O4 - HKCU\..\Run: [FBackup 5 Tray Agent] = C:\Programmi\Softland\FBackup 5\bTray.exe
O4 - HKLM\..\Run: [Adobe ARM] = C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] = C:\Programmi\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [CanonQuickMenu] = C:\Programmi\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] = C:\Programmi\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [KernelFaultCheck] = C:\WINDOWS\system32\dumprep.exe 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] = C:\WINDOWS\system32\NvCpl.dll C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [OutpostFeedBack] = C:\Programmi\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [OutpostMonitor] = C:\Programmi\Agnitum\Outpost Firewall\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [SynTPEnh] = C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless_Selector] = C:\Programmi\Fujitsu\Wireless_Utility\Wireless Selector.exe
O4 - HKLM\..\Run: [avgnt] = C:\Programmi\Avira\Antivirus\avgnt.exe /min
O4 - HKLM\..\Run: [nwiz] = C:\Programmi\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - MSConfig\startupfolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^McAfee Security Scan Plus.lnk [backup] => C:\Programmi\McAfee Security Scan\3.11.500\SSScheduler.exe (2018/02/22) (file missing)
O5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\don't load: [nvcpl.cpl] (NVIDIA Control Panel Applet 2.2.225.00)
O10 - Unknown file in Winsock LSP: C:\Programmi\Bonjour\mdnsNSP.dll
O16 - DPF: HKLM\..\DirectAnimation Java Classes\DownloadInformation: [CODEBASE] = file://C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: HKLM\..\Microsoft XML Parser for Java\DownloadInformation: [CODEBASE] = file://C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellExecuteHooks: [{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}] - SABShellExecuteHook Class - C:\Programmi\SUPERAntiSpyware\SASSEH.DLL
O22 - ScheduledTask: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - ScheduledTask: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - Task (.job): (Ready) (update) Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job - C:\WINDOWS\system32\xp_eos.exe -c
O22 - Task (.job): (Ready) (update) Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job - C:\WINDOWS\system32\xp_eos.exe
O22 - Task (.job): (Ready) AppleSoftwareUpdate.job - C:\Programmi\Apple Software Update\SoftwareUpdate.exe -task
O22 - Task (.job): (Ready) Avast TUNEUP Update.job - C:\Programmi\AVAST Software\Avast Cleanup\TUNEUpdate.exe (file missing)
O22 - Task (.job): (Ready) CCleaner Update.job - C:\Programmi\CCleaner\CCUpdate.exe
O22 - Task (.job): (Ready) User_Feed_Synchronization-{6012A4B6-F73B-4C81-8E49-2F8741D8FF4B}.job - C:\WINDOWS\system32\msfeedssync.exe sync
O22 - Task (.job): (disabled) (Ready) Adobe Flash Player NPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe -check plugin
O22 - Task (.job): (disabled) (Ready) Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (.job): (disabled) (Ready) GoogleUpdateTaskMachineCore.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): (disabled) (Ready) GoogleUpdateTaskMachineUA.job - C:\Programmi\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (.job): DriverCure.job - C:\Programmi\ParetoLogic\DriverCure\DriverCure.exe (file missing) -scan
O23 - Service R2: Servizio Bonjour - (Bonjour Service) - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service R2: Agnitum Client Security Service - (acssrv) - C:\Programmi\Agnitum\Outpost Firewall\acs.exe
O23 - Service R2: Apple Mobile Device - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Avira Pianificatore - (AntiVirSchedulerService) - C:\Programmi\Avira\Antivirus\sched.exe
O23 - Service R2: Avira Protezione in tempo reale - (AntiVirService) - C:\Programmi\Avira\Antivirus\avguard.exe
O23 - Service R2: Avira Service Host - (Avira.ServiceHost) - C:\Programmi\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service R2: FBackup 5 Service - (FBackup5Srv) - C:\Programmi\Softland\FBackup 5\bService.exe -name:"FBackup5Srv" -disp:"FBackup 5 Service"
O23 - Service R2: NVIDIA Driver Helper Service - (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service R2: NVIDIA Update Service Daemon - (nvUpdatusService) - C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service R2: Network WanMiniport First Position - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service R2: SAS Core Service - (!SASCORE) - C:\Programmi\SUPERAntiSpyware\SASCORE.EXE
O23 - Service S2: Avira Protezione email - (AntiVirMailService) - C:\Programmi\Avira\Antivirus\avmailc.exe
O23 - Service S2: Avira Protezione web - (AntiVirWebService) - C:\Programmi\Avira\Antivirus\AVWEBGRD.EXE
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Programmi\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Programmi\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Office Source Engine - (ose) - C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Programmi\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: iPod Service - C:\Programmi\iPod\bin\iPodService.exe
--