
Log check, thanks
FraCro
Posted: Tuesday, March 24, 2020 6:22:51 PM
Rank: AiutAmico

Joined: 10/1/2003
Posts: 220
Hello, I've caught a very nasty virus that is causing various problems, and I can't remove them with the usual programs.
I'd rather not format; could you check the log for me? Thanks.

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 8.1 (Pro), 6.3.9600.19652, Service Pack: 0
Time: 24.03.2020 - 18:13 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: xyz (group: Administrator) on ADCNET, FirstRun: yes

Chrome: 80.0.3987.149
Internet Explorer: 11.0.9600.19036
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
1 C:\Program Files (x86)\AnyDesk\AnyDesk.exe
1 C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
1 C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
1 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
1 C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
1 C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
1 C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
1 C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
1 C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
1 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
7 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\HiJackThis Fork\HiJackThis.exe
1 C:\Program Files (x86)\Internet Explorer\iexplore.exe
1 C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Classic Shell\ClassicStartMenu.exe
1 C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
1 C:\Program Files\Internet Explorer\iexplore.exe
1 C:\Program Files\OO Software\Defrag\oodag.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\WWAHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
10 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.a*.*;*.b*.*;*.c*.*;*.d*.*;*.e*.*;*.f*.*;*.h*.*;*.i*.*;*.j*.*;*.k*.*;*.l*.*;*.m*.*;*.n*.*;*.o*.*;*.p*.*;*.q*.*;*.r*.*;*.s*.*;*.u*.*;*.v*.*;*.w*.*;*.x*.*;*.y*.*;*.z*.*;*.0*.*;*.1*.*;*.2*.*;*.3*.*;*.4*.*;*.5*.*;*.6*.*;*.7*.*;*.8*.*;*.9*.*;*.*a.*;*.*b.*;*.*d.*;*.*f.*;*.*g.*;*.*h.*;*.*i.*;*.*j.*;*.*k.*;*.*l.*;*.*m.*;*.*n.*;*.*o.*;*.*p.*;*.*q.*;*.*r.*;*.*t.*;*.*u.*;*.*v.*;*.*w.*;*.*x.*;*.*y.*;*.*z.*;*.*0.*;*.*1.*;*.*2.*;*.*3.*;*.*4.*;*.*5.*;*.*6.*;*.*7.*;*.*8.*;*.*9.*;*.g0*.*;*.g1*.*;*.g2*.*;*.g3*.*;*.g4*.*;*.g5*.*;*.g6*.*;*.g7*.*;*.g8*.*;*.g9*.*;*.t0*.*;*.t1*.*;*.t2*.*;*.t3*.*;*.t4*.*;*.t5*.*;*.t6*.*;*.t7*.*;*.t8*.*;*.t9*.*;*.ga*.*;*.gb*.*;*.gc*.*;*.gd*.*;*.ge*.*;*.gf*.*;*.gg*.*;*.gh*.*;*.gi*.*;*.gj*.*;*.gk*.*;*.gl*.*;*.gm*.*;*.gn*.*;*.gp*.*;*.gq*.*;*.gr*.*;*.gs*.*;*.gt*.*;*.gu*.*;*.gv*.*;*.gw*.*;*.gx*.*;*.gy*.*;*.gz*.*;*.ta*.*;*.tc*.*;*.td*.*;*.te*.*;*.tf*.*;*.tg*.*;*.th*.*;*.ti*.*;*.tj*.*;*.tk*.*;*.tl*.*;*.tm*.*;*.tn*.*;*.to*.*;*.tp*.*;*.tq*.*;*.tr*.*;*.ts*.*;*.tt*.*;*.tu*.*;*.tv*.*;*.tw*.*;*.tx*.*;*.ty*.*;*.tz*.*;*ae.*;*be.*;*ce.*;*de.*;*ee.*;*fe.*;*ge.*;*he.*;*ie.*;*je.*;*ke.*;*me.*;*ne.*;*oe.*;*pe.*;*qe.*;*re.*;*se.*;*te.*;*ue.*;*ve.*;*we.*;*xe.*;*ye.*;*ze.*;*as.*;*bs.*;*cs.*;*ds.*;*fs.*;*gs.*;*hs.*;*js.*;*ks.*;*ls.*;*ms.*;*ns.*;*os.*;*ps.*;*qs.*;*rs.*;*ss.*;*ts.*;*us.*;*vs.*;*ws.*;*xs.*;*ys.*;*zs.*;*ac.*;*bc.*;*cc.*;*dc.*;*ec.*;*fc.*;*gc.*;*hc.*;*jc.*;*kc.*;*lc.*;*mc.*;*nc.*;*oc.*;*pc.*;*qc.*;*rc.*;*sc.*;*tc.*;*uc.*;*vc.*;*wc.*;*xc.*;*yc.*;*zc.*;*.*0e.*;*.*1e.*;*.*2e.*;*.*3e.*;*.*4e.*;*.*5e.*;*.*6e.*;*.*7e.*;*.*8e.*;*.*9e.*;*.*0s.*;*.*1s.*;*.*2s.*;*.*3s.*;*.*4s.*;*.*5s.*;*.*6s.*;*.*7s.*;*.*8s.*;*.*9s.*;*.*0c.*;*.*1c.*;*.*2c.*;*.*3c.*;*.*4c.*;*.*5c.*;*.*6c.*;*.*7c.*;*.*8c.*;*.*9c.*;0*;1*;2*;3*;4*;5*;6*;7*;8*;9*;*0;*1;*2;*3;*4;*5;*6;*7;*8;*9;b*.*;c*.*;d*.*;f*.*;h*.*;i*.*;j*.*;k*.*;l*.*;n*.*;m*.*;o*.*;p*.*;q*.*;r*.*;s*.*;t*.*;u*.*;v*.*;x*.*;y*.*;z*.*;*a.*;*b.*;*f.*;*g.*;*h.*;*j.
*;*k.*;*l.*;*m.*;*n.*;*o.*;*p.*;*q.*;*r.*;*t.*;*u.*;*v.*;*x.*;*y.*;*z.*
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 127.0.0.1:8080 (enabled)
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 1127.0.0.1:8080
R1 - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 127.0.0.1:8080 (enabled)
R1 - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 127.0.0.1:8080 (enabled)
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 activation.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tih.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tie.acronis.com
O1 - Hosts: 0.0.0.0 web-api-vmp.acronis.com
O1 - Hosts: 0.0.0.0 cloud-rs-ru2.acronis.com
O1 - Hosts: 0.0.0.0 cloud-fes-ru2.acronis.com
O1 - Hosts: 0.0.0.0 rpc.acronis.com127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] = C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\StartupApproved\Run: [ABBYY Screenshot Reader Bonus] = C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe -autorun (file missing) (2020/03/22)
O4 - HKCU\..\StartupApproved\Run: [Corel Photo Downloader] = c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup (file missing) (2020/03/22)
O4 - HKCU\..\StartupApproved\Run: [WebcamMaxAutoRun] = C:\Program Files (x86)\WebcamMax\WebcamMax.exe -a (2020/03/22)
O4 - HKLM\..\Run: [Classic Start Menu] = C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun
O4 - HKLM\..\Run: [SynTPEnh] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\OODBS.exe
O4 - HKLM\..\StartupApproved\Run32: [Acrobat Assistant 8.0] = C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\Run32: [AcronisTibMounterMonitor] = C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\Run32: [Nero BackItUp] = C:\Program Files (x86)\Nero\Nero 2019\Nero BackItup\BackItUp.exe /WinStart (file missing) (2020/03/22)
O4 - HKLM\..\StartupApproved\Run32: [QuickTime Task] = C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime (2020/03/22)
O4 - HKLM\..\StartupApproved\Run32: [Standby] = c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe -START (2020/03/22)
O4 - HKLM\..\StartupApproved\Run32: [TrueImageMonitor.exe] = C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\Run: [Acronis Scheduler2 Service] = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\Run: [Logitech Download Assistant] = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch (2020/03/22)
O4 - HKLM\..\StartupApproved\Run: [OODefragTray] = C:\Program Files\OO Software\Defrag\oodtray.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\Run: [Persistence] = C:\Windows\system32\igfxpers.exe (2020/03/22)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2020/03/22)
O4 - User Startup: C:\Users\xyz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Startup.event
O4-32 - HKLM\..\Run: [TrayServer] = C:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium_Version_para_descargar\TrayServer_es.exe (file missing)
O4-32 - HKLM\..\Run: [winhlp] = C:\Windows\winhlp.exe (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Add Web Page to Existing PDF: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Append Lin&k Target to Existing PDF: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Convert &Web Page to Adobe PDF: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Convert Link Target to Adobe PDF: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O17 - DHCP DNS 1: 192.168.1.1
O18 - HKLM\Software\Classes\Protocols\Handler\ms-help: [CLSID] = {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisDrive: (no name) - {5D74FD4B-4EFB-4586-8022-8637BBE40970} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncError: (no name) - {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncInProgress: (no name) - {00F848DC-B1D4-4892-9C25-CAADC86A215D} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncOk: (no name) - {71573297-552E-46fc-BE3D-3DFAF88D47B7} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll
O22 - Task: \Microsoft\Windows\ApplicationData\CleanupTemporaryState - C:\Windows\system32 (file missing)
O23 - Service R2: Servizio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: Acronis Managed Machine Service Mini - (mmsminisrv) - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
O23 - Service R2: Acronis Nonstop Backup Service - (afcdpsrv) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service R2: Acronis Scheduler2 Service - (AcrSch2Svc) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service R2: Acronis Sync Agent Service - (syncagentsrv) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service R2: AnyDesk Service - (AnyDesk) - C:\Program Files (x86)\AnyDesk\AnyDesk.exe --service
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: FABS - Helping agent for MAGIX media database - (Fabs) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe /DisableUI
O23 - Service R2: O&O Defrag - (OODefragAgent) - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service R2: Protexis Licensing V2 - (PSI_SVC_2) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service R2: ScsiAccess - C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R3: NMIndexingService - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service S2: A0418FC8 - C:\Windows\system32\svchost.exe -k LocalService; "ServiceDll" = C:\ProgramData\A0418FC8\87FCCAFA.dll (file missing)
O23 - Service S2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Acronis Mobile Backup Server - (mobile_backup_server) - C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe "--config-path=C:\ProgramData\Acronis\MobileBackupServer\Conf\WRM.conf"
O23 - Service S3: Acronis Mobile Backup Status Server - (mobile_backup_status_server) - C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
O23 - Service S3: Firebird Server - MAGIX Instance - (FirebirdServerMAGIXInstance) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\elevation_service.exe
O23 - Service S3: Microsoft SharePoint Workspace Audit Service - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE /auditservice
O23 - Service S3: NBService - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Tib Mounter Service - C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe



Debug information:

- 24.03.2020 18:13:22 - CryptCATAdminCalcHashFromFileHandle - #0 LastDllError = 193 (%1 non è un'applicazione di Win32 valida.) TRUST_E_NOSIGNATURE: Not signed File: C:\Windows\system32

--
End of file - Time spent: 29 sec. - 33622 bytes, CRC32: FFFFFFFF. Sign: ಁ
cbbusto
Posted: Tuesday, March 24, 2020 10:34:02 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
There are some problems.

Put a check mark in the box in front of the lines listed below; once they are selected, click the Fix checked button to proceed with the removal. A window will appear: click SI (Yes) to accept, and the operation is complete.

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.a*.*;*.b*.*;*.c*.*;*.d*.*;*.e*.*;*.f*.*;*.h*.*;*.i*.*;*.j*.*;*.k*.*;*.l*.*;*.m*.*;*.n*.*;*.o*.*;*.p*.*;*.q*.*;*.r*.*;*.s*.*;*.u*.*;*.v*.*;*.w*.*;*.x*.*;*.y*.*;*.z*.*;*.0*.*;*.1*.*;*.2*.*;*.3*.*;*.4*.*;*.5*.*;*.6*.*;*.7*.*;*.8*.*;*.9*.*;*.*a.*;*.*b.*;*.*d.*;*.*f.*;*.*g.*;*.*h.*;*.*i.*;*.*j.*;*.*k.*;*.*l.*;*.*m.*;*.*n.*;*.*o.*;*.*p.*;*.*q.*;*.*r.*;*.*t.*;*.*u.*;*.*v.*;*.*w.*;*.*x.*;*.*y.*;*.*z.*;*.*0.*;*.*1.*;*.*2.*;*.*3.*;*.*4.*;*.*5.*;*.*6.*;*.*7.*;*.*8.*;*.*9.*;*.g0*.*;*.g1*.*;*.g2*.*;*.g3*.*;*.g4*.*;*.g5*.*;*.g6*.*;*.g7*.*;*.g8*.*;*.g9*.*;*.t0*.*;*.t1*.*;*.t2*.*;*.t3*.*;*.t4*.*;*.t5*.*;*.t6*.*;*.t7*.*;*.t8*.*;*.t9*.*;*.ga*.*;*.gb*.*;*.gc*.*;*.gd*.*;*.ge*.*;*.gf*.*;*.gg*.*;*.gh*.*;*.gi*.*;*.gj*.*;*.gk*.*;*.gl*.*;*.gm*.*;*.gn*.*;*.gp*.*;*.gq*.*;*.gr*.*;*.gs*.*;*.gt*.*;*.gu*.*;*.gv*.*;*.gw*.*;*.gx*.*;*.gy*.*;*.gz*.*;*.ta*.*;*.tc*.*;*.td*.*;*.te*.*;*.tf*.*;*.tg*.*;*.th*.*;*.ti*.*;*.tj*.*;*.tk*.*;*.tl*.*;*.tm*.*;*.tn*.*;*.to*.*;*.tp*.*;*.tq*.*;*.tr*.*;*.ts*.*;*.tt*.*;*.tu*.*;*.tv*.*;*.tw*.*;*.tx*.*;*.ty*.*;*.tz*.*;*ae.*;*be.*;*ce.*;*de.*;*ee.*;*fe.*;*ge.*;*he.*;*ie.*;*je.*;*ke.*;*me.*;*ne.*;*oe.*;*pe.*;*qe.*;*re.*;*se.*;*te.*;*ue.*;*ve.*;*we.*;*xe.*;*ye.*;*ze.*;*as.*;*bs.*;*cs.*;*ds.*;*fs.*;*gs.*;*hs.*;*js.*;*ks.*;*ls.*;*ms.*;*ns.*;*os.*;*ps.*;*qs.*;*rs.*;*ss.*;*ts.*;*us.*;*vs.*;*ws.*;*xs.*;*ys.*;*zs.*;*ac.*;*bc.*;*cc.*;*dc.*;*ec.*;*fc.*;*gc.*;*hc.*;*jc.*;*kc.*;*lc.*;*mc.*;*nc.*;*oc.*;*pc.*;*qc.*;*rc.*;*sc.*;*tc.*;*uc.*;*vc.*;*wc.*;*xc.*;*yc.*;*zc.*;*.*0e.*;*.*1e.*;*.*2e.*;*.*3e.*;*.*4e.*;*.*5e.*;*.*6e.*;*.*7e.*;*.*8e.*;*.*9e.*;*.*0s.*;*.*1s.*;*.*2s.*;*.*3s.*;*.*4s.*;*.*5s.*;*.*6s.*;*.*7s.*;*.*8s.*;*.*9s.*;*.*0c.*;*.*1c.*;*.*2c.*;*.*3c.*;*.*4c.*;*.*5c.*;*.*6c.*;*.*7c.*;*.*8c.*;*.*9c.*;0*;1*;2*;3*;4*;5*;6*;7*;8*;9*;*0;*1;*2;*3;*4;*5;*6;*7;*8;*9;b*.*;c*.*;d*.*;f*.*;h*.*;i*.*;j*.*;k*.*;l*.*;n*.*;m*.*;o*.*;p*.*;q*.*;r*.*;s*.*;t*.*;u*.*;v*.*;x*.*;y*.*;z*.*;*a.*;*b.*;*f.*;*g.*;*h.*;*j.
*;*k.*;*l.*;*m.*;*n.*;*o.*;*p.*;*q.*;*r.*;*t.*;*u.*;*v.*;*x.*;*y.*;*z.*
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 127.0.0.1:8080 (enabled)
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 1127.0.0.1:8080
R1 - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 127.0.0.1:8080 (enabled)
R1 - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 127.0.0.1:8080 (enabled)
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 activation.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tih.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tie.acronis.com
O1 - Hosts: 0.0.0.0 web-api-vmp.acronis.com
O1 - Hosts: 0.0.0.0 cloud-rs-ru2.acronis.com
O1 - Hosts: 0.0.0.0 cloud-fes-ru2.acronis.com
O1 - Hosts: 0.0.0.0 rpc.acronis.com127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll

Also, you have a lot of programs in automatic startup that aren't needed; the antivirus alone is enough, though I don't see one. I can tell you that on Win 8.1 the best is Defender, which is part of the OS.

To disable them, the simplest method is to use CCleaner: open it, then go to Strumenti/Avvio (Tools/Startup), select one at a time all the programs you see, excluding the antivirus, and double-click each entry to disable it; the programs themselves are not touched.
When you're done, restart the PC and see whether there are improvements.
Do a registry cleanup.

For a deep registry cleanup, use Eusing Free Registry Cleaner, software to be used occasionally; you can download it from here: http://www.eusing.com/free_registry_cleaner/registry_cleaner.htm
Click Download Site1. Once it is launched, a window appears asking for the code; click Ignora (Ignore) and proceed. Then, at the top left, click Analizza Registro (Scan Registry) and let it run to the end; don't worry if it finds many entries. Then click Ripara Registro (Repair Registry). The software is safe; in any case it creates a restore point and also backs up the deleted files: at the top, under Ripara Registro, there is the entry Ripristina Registro (Restore Registry).

Now run another scan with HJT and post the new log.
Tell me how the PC is doing, and also tell me which antivirus you use. Bye
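
The reply above selects the R1 proxy entries and the O1 hosts entries for fixing. As an added example (not part of the original posts and not HiJackThis code), this sketch parses log lines in the format shown in this thread and extracts proxy values that point at a loopback address and hosts entries that map a name to 0.0.0.0 or 127.x, including the line where two hosts entries run together. The function name `triage` and the finding labels are assumptions made for illustration.

```python
import re

# Constructed sample: lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 127.0.0.1:8080 (enabled)
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 1127.0.0.1:8080
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 activation.acronis.com
O1 - Hosts: 0.0.0.0 rpc.acronis.com127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O4 - HKLM\..\Run: [SynTPEnh] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O17 - DHCP DNS 1: 192.168.1.1
"""

# Section code ("R1", "O4", "O4-32", ...), then " - ", then the entry body.
ENTRY = re.compile(r"^(?P<code>[RO]\d+(?:-32)?) - (?P<body>.*)$")

# Loopback address plus port. Searched anywhere in the value, because the
# ManualProxies value in the posted log has a digit in front of the address.
LOOPBACK_PROXY = re.compile(
    r"(127\.\d{1,3}\.\d{1,3}\.\d{1,3}|localhost):(\d{1,5})"
)

# Hosts entries that send a name to 0.0.0.0 or 127.x. The lookahead also ends
# a hostname where the next address starts with no separator, which happens in
# the posted log when a hosts line lacks its trailing newline.
_SINK_IP = r"(?:0\.0\.0\.0|127\.\d{1,3}\.\d{1,3}\.\d{1,3})"
SINK_PAIR = re.compile(
    r"(?<![\d.])(" + _SINK_IP + r")\s+([A-Za-z0-9.-]+?)(?=" + _SINK_IP + r"|\s|$)"
)


def triage(log_text):
    """Return (kind, section, address, detail) tuples for proxy/hosts entries."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header, process list, blank line, debug section
        code, body = m.group("code"), m.group("body")
        if code.startswith("R") and ("ProxyServer" in body or "ManualProxies" in body):
            value = body.rsplit(" = ", 1)[-1]
            hit = LOOPBACK_PROXY.search(value)
            if hit:
                findings.append(("loopback-proxy", code, hit.group(1), int(hit.group(2))))
        elif code == "O1" and body.startswith("Hosts:"):
            for ip, host in SINK_PAIR.findall(body[len("Hosts:"):]):
                findings.append(("hosts-sink", code, ip, host.lower()))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```
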



FraCro
Posted: Tuesday, March 24, 2020 11:20:56 PM
Rank: AiutAmico

Joined: 10/1/2003
Posts: 220
Sorry, is there a website (like in the past) for analyzing log files?
If so, which one? Thanks.

sabbb
Posted: Wednesday, March 25, 2020 11:26:40 AM
Rank: AiutAmico

Joined: 9/12/2009
Posts: 6,632
The site is this one, but it no longer works: https://www.hijackthis.de/index.php?langselect=english

I didn't even bother looking for others; the site didn't do the work that cbbusto is doing for you, and besides, it was very, very open to interpretation.

cbbusto
Posted: Wednesday, March 25, 2020 7:20:16 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
There used to be one, but it no longer works; the log has to be analyzed carefully to work out which files should be removed.
I've told you what you can remove without problems and what else to do.
If you don't trust me or have doubts, I don't know what to do.