Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Controllo log Grazie

Controllo log Grazie Opzioni
Topic Precedente · Topic Sucessivo
booble
Inviato: Thursday, January 16, 2020 9:18:23 AM
Rank: AiutAmico

Iscritto dal : 10/15/2006
Posts: 59
Mi potreste controllare il Log ? Grazie mille

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18362.535 (ReleaseId: 1903), Service Pack: 0
Time: 16.01.2020 - 09:16 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Kundalini (group: Administrator) on DESKTOP-I7LVQQ7, FirstRun: yes

Chrome: 79.0.3945.117
Firefox: 71.0.0.7275
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
1 C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
1 C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19112.115.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
1 C:\Users\Kundalini\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\MicrosoftEdgeCP.exe
1 C:\Windows\System32\MicrosoftEdgeSH.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\drivers\AdminService.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
77 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-c78031797b0599b6
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-c78031797b0599b6
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{bce42d98-b1cd-493f-a64c-107aae7521be}: [SuggestionsURL] = '{{CYA_IE_SUGGEST_URL}}' - Bing Search Engine
O2 - HKLM\..\BHO: (no name) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O2-32 - HKLM\..\BHO: (no name) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O2-32 - HKLM\..\BHO: (no name) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - (no file)
O4 - HKCU\..\StartupApproved\Run: [GarminExpress] = C:\Program Files (x86)\Garmin\Express\express.exe /minimized (2019/12/30)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/01/10)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O9 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Button: HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}: (no name) - (no file)
O9 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9-32 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9-32 - Button: HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49}: (no name) - C:\Users\Kundalini\AppData\Local\Temp\{01817307-171e-4f35-9926-091C1D72001C}\{7B28E39C-883C-4f49-ABFB-5D16796F2DD9}\APAX.dll (file missing)
O9-32 - Button: HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}: (no name) - C:\Users\Kundalini\AppData\Local\Temp\{01817307-171e-4f35-9926-091C1D72001C}\{7B28E39C-883C-4f49-ABFB-5D16796F2DD9}\APAX.dll (file missing)
O9-32 - Button: HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}: (no name) - C:\Users\Kundalini\AppData\Local\Temp\{01817307-171e-4f35-9926-091C1D72001C}\{7B28E39C-883C-4f49-ABFB-5D16796F2DD9}\APAX.dll (file missing)
O9-32 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O17 - DHCP DNS 1: 192.168.1.1
O18 - HKLM\Software\Classes\Protocols\Handler\mso-minsb-roaming.16: [CLSID] = (no CLSID) - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict): (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress): (no name) - - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync): (no name) - - (no file)
O23 - Service R2: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: AtherosSvc - C:\WINDOWS\System32\drivers\AdminService.exe
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\elevation_service.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Wondershare Driver Install Service - (WsDrvInst) - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe


--
End of file - Time spent: 34,4 sec. - 18238 bytes, CRC32: FFFFFFFF. Sign: 䕚俐
Torna in alto
 
Sponsor
Inviato: Thursday, January 16, 2020 9:18:23 AM

 
Torna in alto
 
cbbusto
Inviato: Thursday, January 16, 2020 12:57:54 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Il log è a posto. Per controllare un log dovresti avere dei problemi e descriverli altrimenti cosa controlliamo. Ciao
Torna in alto
 
booble
Inviato: Thursday, January 16, 2020 5:47:03 PM
Rank: AiutAmico

Iscritto dal : 10/15/2006
Posts: 59
GRAZIE!! era per vedere se era pulito... dopo aver installato un programmino strano mi sono arrivate email fake di pagamento con pay pal ...
Torna in alto
 
cbbusto
Inviato: Monday, January 20, 2020 10:55:09 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
booble ha scritto:
GRAZIE!! era per vedere se era pulito... dopo aver installato un programmino strano mi sono arrivate email fake di pagamento con pay pal ...

Cestina quelle mail se non conosci il mittente.
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Controllo log Grazie


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.