Ciao a tutti posso chiedere aiuto per interpretare il log di HijackThis?
Firefox: 80.0.1.7548
Internet Explorer: 11.0.9600.19597
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
7 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
1 C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
2 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\Microsoft Security Client\MsMpEng.exe
1 C:\Program Files\Microsoft Security Client\NisSrv.exe
1 C:\Program Files\Microsoft Security Client\msseces.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
2 C:\Users\Maria\Desktop\Applicazioni\HiJackThis.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\hkcmd.exe
1 C:\Windows\System32\igfxext.exe
1 C:\Windows\System32\igfxpers.exe
1 C:\Windows\System32\igfxtray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
12 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] =
http://www.google.it/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [MSC] = c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk [backup] => C:\Program Files\McAfee Security Scan\3.11.1924\SSScheduler.exe (2020/09/17) (file missing)
O4 - MSConfig\startupfolder: C:^Users^Maria^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration THE SETTLERS - L'Eredità dei Re.LNK [backup] => (lnk is corrupted) (2019/08/04) (file missing)
O4 - MSConfig\startupreg: CCleaner Smart Cleaning [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2020/05/13)
O4 - MSConfig\startupreg: Dropbox [command] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (HKLM) (2019/08/04) (file missing)
O4 - MSConfig\startupreg: GoogleDriveSync [command] = C:\Program Files\Google\Drive\googledrivesync.exe /autostart (HKCU) (2019/08/04)
O4 - MSConfig\startupreg: cacaoweb [command] = C:\Users\Maria\AppData\Roaming\cacaoweb\cacaoweb.exe -noplayer (HKCU) (2020/05/13)
O4 - MSConfig\startupreg: iTunesHelper [command] = C:\Program Files\iTunes\iTunesHelper.exe (HKLM) (2019/08/04)
O4-32 - HKLM\..\Run: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O17 - DHCP DNS 1: 213.205.32.70
O17 - DHCP DNS 2: 213.205.36.70
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (disabled) McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe /prepare (file missing)
O22 - Task: (disabled) Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify1 - C:\Windows\system32\sipnotify.exe -LogonOrUnlock (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify2 - C:\Windows\system32\sipnotify.exe -Daily (Microsoft)
O22 - Task: (update) \Microsoft\Windows\Setup\EOSNotify - C:\Windows\system32\EOSNotify.exe (Microsoft)
O22 - Task: (update) \Microsoft\Windows\Setup\EOSNotify2 - C:\Windows\system32\EOSNotify.exe -Daily (Microsoft)
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Adobe Flash Player NPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe -check plugin
O22 - Task: Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: Driver Booster SkipUAC (Maria) - C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe /skipuac (file missing)
O22 - Task: EasyDisplayMgr - C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
O23 - Service R2: Servizio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service R2: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Servizio iPod - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service S3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe