Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllo log

controllo log Opzioni
Topic Precedente · Topic Sucessivo
nckx83
Inviato: Monday, January 13, 2020 7:26:08 PM

Rank: AiutAmico

Iscritto dal : 10/1/2009
Posts: 258
Buonasera, il mio pc sembra un po' più lento del solito a caricare le pagine web.
allego una scansione di hijackthis.

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.11

Platform: x64 Windows 8.1 (Home), 6.3.9600.19573, Service Pack: 0
Time: 13.01.2020 - 19:21 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Io (group: Administrator) on IO-PC, FirstRun: yes

Chrome: 79.0.3945.117
Internet Explorer: 11.0.9600.19036
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
1 C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
1 C:\Program Files (x86)\Launch Manager\LManager.exe
1 C:\Program Files (x86)\Launch Manager\LMutilps32.exe
1 C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
1 C:\Program Files (x86)\Launch Manager\dsiwmis.exe
1 C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
1 C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
1 C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
1 C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
1 C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
1 C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
1 C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
1 C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
1 C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
1 C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
1 C:\Program Files\Bitdefender Agent\ProductAgentService.exe
1 C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
2 C:\Program Files\Bitdefender\Bitdefender 2017\bdservicehost.exe
1 C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
1 C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
1 C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
1 C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
1 C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
1 C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Users\Io\Desktop\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\RfBtnSvc64.exe
1 C:\Windows\SysWOW64\WWAHost.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\igfxext.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
12 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostex.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
3 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19537_none_fa5691419b168859\TiWorker.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe

O1 - Hosts: is empty
O2 - HKLM\..\BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbie.dll
O2 - HKLM\..\BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - HKLM\..\BHO: Portafoglio di Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll
O2-32 - HKLM\..\BHO: Bitdefender Trackers Blocking - {159ff5d5-55f1-4d2f-b706-767a55f77abb} - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdtbie.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2-32 - HKLM\..\BHO: Portafoglio di Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BdVpnApp] = C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
O4 - HKLM\..\Run: [Bdagent] = C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
O9 - Button: HKLM\..\{159ff5d5-55f1-4d2f-b706-767a55f77abb}: Bitdefender Anti-tracker - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbie.dll
O9 - Button: HKLM\..\{7815BE26-237D-41A8-A98F-F7BD75F71086}: (no name) - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Tools menu item: HKLM\..\{7815BE26-237D-41A8-A98F-F7BD75F71086}: Send by Bluetooth to - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9-32 - Button: HKLM\..\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: (no name) - (no file)
O9-32 - Button: HKLM\..\{159ff5d5-55f1-4d2f-b706-767a55f77abb}: Bitdefender Anti-tracker - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdtbie.dll
O9-32 - Tools menu item: HKLM\..\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Sun Java Console - (no file)
O17 - HKLM\System\CCS\Services\Tcpip\..\{60ED0A7F-0DF4-4BE1-A0CF-35F960B6F176}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{60ED0A7F-0DF4-4BE1-A0CF-35F960B6F176}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\System32\nvinitx.dll (disabled by registry) (disabled by SecureBoot)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt1: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Io\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt2: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Io\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt3: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Io\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt4: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Io\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt1: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Io\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt2: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Io\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt3: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Users\Io\AppData\Roaming\Dropbox\bin\DropboxExt.26.0.dll
O22 - Task (.job): (Ready) DropboxUpdateTaskUserS-1-5-21-1747496577-2780195079-3748254225-1002Core.job - C:\Users\Io\AppData\Local\Dropbox\Update\DropboxUpdate.exe (file missing) /c
O22 - Task (.job): (Ready) DropboxUpdateTaskUserS-1-5-21-1747496577-2780195079-3748254225-1002UA.job - C:\Users\Io\AppData\Local\Dropbox\Update\DropboxUpdate.exe (file missing) /ua /installsource scheduler
O22 - Task: \Microsoft\Windows\ApplicationData\CleanupTemporaryState - C:\WINDOWS\system32 (file missing)
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: AtherosSvc - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service R2: Bitdefender Auxiliary Service - (BDAuxSrv) - C:\Program Files\Bitdefender\Bitdefender 2017\bdservicehost.exe "settings\services\configs\bdauxsrv_config.json"
O23 - Service R2: Bitdefender Desktop Update Service - (UPDATESRV) - C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe /service
O23 - Service R2: Bitdefender Device Management Service - (DevMgmtService) - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service R2: Bitdefender RedLine Service - (bdredline) - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service R2: Bitdefender Virus Shield - (VSSERV) - C:\Program Files\Bitdefender\Bitdefender 2017\bdservicehost.exe "settings/services/configs/bdshieldsrv_config.json"
O23 - Service R2: Broadcom Card Reader Service - (BrcmCardReader) - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service R2: CCDMonitorService - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\WINDOWS\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\WINDOWS\system32\diagtrack.dll
O23 - Service R2: Dritek RF Button Command Service - (RfButtonDriverService) - C:\Windows\RfBtnSvc64.exe
O23 - Service R2: Dritek WMI Service - (DsiWMIService) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service R2: GamesAppIntegrationService - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service R2: NTI IScheduleSvc - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\Windows\system32\nvvsvc.exe
O23 - Service R2: NVIDIA Update Service Daemon - (nvUpdatusService) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service R2: ProductAgentService - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service R2: Servizio Vpn Bitdefender - (BdVpnService) - C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe "service"
O23 - Service R2: ZAtheros Wlan Agent - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
O23 - Service R3: ePower Service - (ePowerSvc) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: AfVpnService - C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe
O23 - Service S3: Device Fast-lane Service - (DeviceFastLaneService) - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service S3: EgisTec Ticket Service - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service S3: FLEXnet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service S3: GamesAppService - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\elevation_service.exe
O23 - Service S3: InstallDriver Table Manager - (IDriverT) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc



Debug information:

- 13.01.2020 19:20:44 - CryptCATAdminCalcHashFromFileHandle - #0 LastDllError = 193 (%1 non è un'applicazione di Win32 valida.) TRUST_E_NOSIGNATURE: Not signed File: C:\WINDOWS\system32

--
End of file - Time spent: 82,1 sec. - 27706 bytes, CRC32: FFFFFFFF. Sign: 㮂滽
Torna in alto
 
Sponsor
Inviato: Monday, January 13, 2020 7:26:08 PM

 
Torna in alto
 
cbbusto
Inviato: Thursday, January 16, 2020 12:54:29 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Dal log non risulta niente. La lentezza nel caricare pagine dipende dalla connessione che hai, se è ADSL o wifi può essere lenta.
Fai queste 2 scansioni per vedere se trovani qualcosa. Poi pulisci il Registro puoi usare il seguente sw :
Per una pulizia profonda del registro, usa Eusing Free Registry Cleaner sw da usare saltuariamente, lo scarichi da qui: http://www.eusing.com/free_registry_cleaner/registry_cleaner.htm
clic su Download Site1, una volta lanciato appare una finestra che chiede il codice, clic su ignora e procedi, poi in alto a sinistra clic su Analizza Registro, lascia fare fino alla fine non ti preoccupare se trova molte voci, poi clicca su Ripara Registro, il sw è sicuro comunque crea un punto di ripristino e fa anche il backup dei file eliminati infatti in alto sotto ripara registro si trova la voce Ripristina Registro.
Per fare questa pulizia meglio chiudere tutti i programmi e disconnesso.
Il programma è compatibile con tutti i S.O. windows compreso win 10.
Ciao
Torna in alto
 
nckx83
Inviato: Sunday, January 19, 2020 2:14:14 PM

Rank: AiutAmico

Iscritto dal : 10/1/2009
Posts: 258
Ciao, non ho capito, le due scansioni con quale software le devo fare?, me ne hai indicato solo uno.
Grazie.
Torna in alto
 
wolfestein
Inviato: Sunday, January 19, 2020 4:07:31 PM

Rank: AiutAmico

Iscritto dal : 2/15/2009
Posts: 15,948
nckx83 ha scritto:
Ciao, non ho capito, le due scansioni con quale software le devo fare?, me ne hai indicato solo uno.Grazie.

Questa per il registro:
http://www.eusing.com/free_registry_cleaner/registry_cleaner.htm
L'altra che l'amico cbbusto forse consigliava può essere questa:
http://www.aiutamici.com/software?ID=11168
Torna in alto
 
giza
Inviato: Sunday, January 19, 2020 5:51:51 PM

Rank: AiutAmico

Iscritto dal : 10/27/2006
Posts: 9,612
eusing free è meglio evitarlo, corrompe dei file.
Torna in alto
 
cbbusto
Inviato: Monday, January 20, 2020 10:46:59 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
giza ha scritto:
eusing free è meglio evitarlo, corrompe dei file.

Questo è assolutamente falso.
Torna in alto
 
cbbusto
Inviato: Monday, January 20, 2020 10:50:14 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
nckx83 ha scritto:
Ciao, non ho capito, le due scansioni con quale software le devo fare?, me ne hai indicato solo uno.
Grazie.

Scusami ho dimenticato di mettere i nomi, purtroppo non posso essere presente nel forum spesso, i software sono i seguenti:

Scarica Adwcleaner sul desktop: http://www.bleepingcomputer.com/download/adwcleaner/
Per il download cliccare su: Download now
Chiudi tutti i browser (è importante IE,Firefox Chrome ecc...)
Clicca sul pulsante "Analisi".
Finita la scansione clicca su "Pulizia"
Conferma con OK le varie finestre che ti compariranno.
Riavvia il pc e uscirà il log con le eliminazioni.
Postalo qui.
ADW crea un backup dei files e delle impostazioni eliminati, si trova in "C:\AdwCleaner\Quarantine" in modo da consentire l'eventuale ripristino di dati erroneamente cancellati.
Per il ripristino, aprire il programma>Strumenti>Gestione quarantena>Ripristino.

Scarica Junkware Removal Tool sul desktop.
http://junkware-removal-tool.it.uptodown.com/download
Il download dovrebbe partire entro 5 secondi
Disattiva temporaneamente l'antivirus per evitare potenziali conflitti.
Doppio click su JRT
Lo strumento si aprirà e avvierà la scansione del sistema.
Devi avere pazienza in quanto questo tool può richiedere del tempo per completare la scansione .
Al termine, un log (JRT.txt) viene salvato sul desktop e si aprirà automaticamente.
Postalo qui.
Per la pulizia del Registro ti avevo già dati il software. Ciao
Torna in alto
 
cbbusto
Inviato: Monday, January 20, 2020 11:24:39 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
giza ha scritto:
eusing free è meglio evitarlo, corrompe dei file.


Ti ho risposto nel post che hai inviato ad alfonso. Ciao
Torna in alto
 
nckx83
Inviato: Monday, January 20, 2020 7:13:27 PM

Rank: AiutAmico

Iscritto dal : 10/1/2009
Posts: 258
ha scritto:
Scusami ho dimenticato di mettere i nomi, purtroppo non posso essere presente nel forum spesso, i software sono i seguenti:


Nessun problema, ci mancherebbe ;)

Ho fatto le scansioni come mi hai indicato, disattivato antivirus e disconnesso internet.

Qualcosa è stata trovata, prima di eliminare i files ti faccio dare un occhiata.

Ecco i log:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2019-12-17.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-20-2020
# Duration: 00:00:50
# OS: Windows 8.1
# Scanned: 35232
# Detected: 90


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy C:\Program Files (x86)\Free FLV Converter

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Amonetize HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57F72B10-1D7C-4526-9F05-2C5FEF13775B}
PUP.Optional.Amonetize HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57F72B10-1D7C-4526-9F05-2C5FEF13775B}
PUP.Optional.Amonetize HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdaterEX
PUP.Optional.Iminent HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
PUP.Optional.Iminent HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Eusing Free Registry Cleaner

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerCloud Folder C:\Program Files (x86)\ACER\ACER CLOUD
Preinstalled.AcerDeviceFast-lane File C:\Users\Io\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane.lnk
Preinstalled.AcerDeviceFast-lane Folder C:\Program Files\ACER\ACER DEVICE FAST-LANE
Preinstalled.AcerGames Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent acer Master Uninstall
Preinstalled.AcerIdentityCard Folder C:\Program Files (x86)\ACER\IDENTITY CARD
Preinstalled.AcerIdentityCard Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3D9CB654-99AD-4301-89C6-0D12A790767C}
Preinstalled.AcerInstantUpdateService Folder C:\Program Files\ACER\ACER INSTANT SERVICE\INSTANTUPDATE
Preinstalled.AcerInstantUpdateService Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB407D31-3406-4419-B424-703A519A04E0}
Preinstalled.AcerInstantUpdateService Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iuBrowserIEAgent
Preinstalled.AcerInstantUpdateService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8215A318-CC27-435E-B3EA-2E3443C8998C}
Preinstalled.AcerInstantUpdateService Task C:\Windows\System32\Tasks\IUBROWSERIEAGENT
Preinstalled.AcerLiveUpdater Folder C:\Program Files (x86)\ACER\LIVE UPDATER
Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerPowerManagement File C:\Users\Io\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button.lnk
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Preinstalled.AcerSleepMemoryOptimizer Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B350D20-A675-41C5-85A9-D27862EBA789}
Preinstalled.AcerSleepMemoryOptimizer Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iuEmailOutlookAgent
Preinstalled.AcerSleepMemoryOptimizer Task C:\Windows\System32\Tasks\IUEMAILOUTLOOKAGENT
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI SDK21\MOVIE
Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}
Preinstalled.CyberLinkMediaEspresso Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AC8B08D-B527-49D5-9DFF-AD3169366ABD}
Preinstalled.CyberLinkMediaEspresso Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DeviceDetector
Preinstalled.CyberLinkMediaEspresso Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}
Preinstalled.CyberLinkMediaEspresso Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E3739848-5329-48E3-8D28-5BBD6E8BE384}
Preinstalled.CyberLinkMediaEspresso Task C:\Windows\System32\Tasks\DEVICEDETECTOR
Preinstalled.GatewayDeviceFast-lane Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}
Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D8D8DC8-12B5-42A1-9978-70747734D13A}
Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{521FF5A1-FA4F-4838-AA7C-D083919EFFFE}
Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D8D8DC8-12B5-42A1-9978-70747734D13A}
Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ALU
Preinstalled.GatewayLiveUpdater Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ALUAgent
Preinstalled.GatewayLiveUpdater Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999}
Preinstalled.GatewayLiveUpdater Task C:\Windows\System32\Tasks\ALU
Preinstalled.GatewayLiveUpdater Task C:\Windows\System32\Tasks\ALUAGENT
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BB620E1-26CA-463B-9B42-1FF0D5FBBD9D}
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\AGATHA CHRISTIE - DEATH ON THE NILE
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ALOHA TRIPEAKS
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BEJEWELED 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\DELICIOUS EMILYS TRUE LOVE PREMIUM EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\GOVERNOR OF POKER 2 PREMIUM EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ISLAND TRIBE
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PENGUINS!
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TALES OF LAGOONA
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ZUMAS REVENGE
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle Registry HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-21-1747496577-2780195079-3748254225-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 x64
Ran by Io (Administrator) on 20/01/2020 at 19.02.56,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\ProgramData\1494930478.bdinstall.bin (File)



Registry: 4

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{249A18B4-2AC6-C845-9639-73EBA4F980FE} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6261FA12-87CF-4711-93F2-2AABFE1F0E87} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/01/2020 at 19.06.41,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Torna in alto
 
cbbusto
Inviato: Tuesday, January 28, 2020 3:41:56 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Devi eliminare tutto quanto è stato trovato. Speak to the hand
Torna in alto
 
giza
Inviato: Tuesday, January 28, 2020 4:14:53 PM

Rank: AiutAmico

Iscritto dal : 10/27/2006
Posts: 9,612
cbbusto, nel dubbio ho fatto un altra prova, ho aggiornato thunderbird, aggiornato sumatra e controllato gli allegati. si sono aperti normalmente.
fatto girare eusing free.
ricontrollato gli allegati e no si aprivano più. sarà qualche impostazione del mio pc ma è così
Torna in alto
 
cbbusto
Inviato: Tuesday, January 28, 2020 11:36:17 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
giza ha scritto:
cbbusto, nel dubbio ho fatto un altra prova, ho aggiornato thunderbird, aggiornato sumatra e controllato gli allegati. si sono aperti normalmente.
fatto girare eusing free.
ricontrollato gli allegati e no si aprivano più. sarà qualche impostazione del mio pc ma è così


E' probabile, perchè a me non è mai successo e a tutti quelli che ho consigliato il sw non è mai successo niente.
So che c'è un altro programma che fa la pulizia del Registro ma non lo conosco.Speak to the hand
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllo log


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.