Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » scansione Hijack

scansione Hijack Opzioni
Topic Precedente · Topic Sucessivo
rene
Inviato: Saturday, August 27, 2022 1:45:56 PM
Rank: AiutAmico

Iscritto dal : 6/16/2004
Posts: 412
qualcuno può controllare grazie

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Pro), 10.0.19043.1889 (ReleaseId: 2009), Service Pack: 0
Time: 27.08.2022 - 13:43 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: utente (group: Administrator) on DESKTOP-QM6QDTP, FirstRun: yes

Chrome: 104.0.5112.102
Firefox: 104.0.0.8265
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Advanced System Repair Pro 1.9.3.8.0\AdvancedSystemRepairPro.exe
1 C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
1 C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
1 C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
1 C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
1 C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
1 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\HiJackThis Fork\HiJackThis.exe
1 C:\Program Files (x86)\IObit\Driver Booster\9.5.0\Pub\PubPlatform.exe
1 C:\Program Files\AVG\Antivirus\AVGSvc.exe
4 C:\Program Files\AVG\Antivirus\AVGUI.exe
1 C:\Program Files\AVG\Antivirus\aswEngSrv.exe
1 C:\Program Files\AVG\Antivirus\aswidsagent.exe
1 C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
1 C:\Program Files\AVG\Antivirus\wsc_proxy.exe
1 C:\Program Files\AdBlocker Ultimate\AdBlockerUltimateService.exe
1 C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
1 C:\Program Files\Classic Shell\ClassicStartMenu.exe
9 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22052.136.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22041.10091.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
3 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\WirelessKB850NotificationService.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
72 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://internet/
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
O1 - Hosts: 0.0.0.0 media.opencandy.com
O1 - Hosts: 0.0.0.0 cdn.opencandy.com
O1 - Hosts: 0.0.0.0 tracking.opencandy.com
O1 - Hosts: 0.0.0.0 api.opencandy.com
O1 - Hosts: 0.0.0.0 api.recommendedsw.com
O1 - Hosts: 0.0.0.0 rp.yefeneri2.com
O1 - Hosts: 0.0.0.0 os.yefeneri2.com
O1 - Hosts: 0.0.0.0 os2.yefeneri2.com
O1 - Hosts: 0.0.0.0 installer.betterinstaller.com
O1 - Hosts: 0.0.0.0 installer.filebulldog.com
O1 - Hosts: 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
O1 - Hosts: 0.0.0.0 inno.bisrv.com
O1 - Hosts: 0.0.0.0 nsis.bisrv.com
O1 - Hosts: 0.0.0.0 cdn.file2desktop.com
O1 - Hosts: 0.0.0.0 cdn.goateastcach.us
O1 - Hosts: 0.0.0.0 cdn.guttastatdk.us
O1 - Hosts: 0.0.0.0 cdn.inskinmedia.com
O1 - Hosts: 0.0.0.0 cdn.insta.oibundles2.com
O1 - Hosts: 0.0.0.0 cdn.insta.playbryte.com
O1 - Hosts: 0.0.0.0 cdn.llogetfastcach.us
O1 - Hosts: 0.0.0.0 cdn.montiera.com
O1 - Hosts: 0.0.0.0 cdn.msdwnld.com
O1 - Hosts: 0.0.0.0 cdn.mypcbackup.com
O1 - Hosts: 0.0.0.0 cdn.ppdownload.com
O1 - Hosts: 0.0.0.0 cdn.riceateastcach.us
O1 - Hosts: 0.0.0.0 cdn.shyapotato.us
O1 - Hosts: 0.0.0.0 cdn.solimba.com
O1 - Hosts: 0.0.0.0 cdn.tuto4pc.com
O1 - Hosts: 0.0.0.0 cdn.appround.biz
O1 - Hosts: 0.0.0.0 cdn.bigspeedpro.com
O1 - Hosts: 0.0.0.0 cdn.bispd.com
O1 - Hosts: 0.0.0.0 cdn.bisrv.com
O1 - Hosts: 0.0.0.0 cdn.cdndp.com
O1 - Hosts: 0.0.0.0 cdn.download.sweetpacks.com
O1 - Hosts: 0.0.0.0 cdn.dpdownload.com
O1 - Hosts: 0.0.0.0 cdn.visualbee.net
O2 - HKLM\..\BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
O2 - HKLM\..\BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.70\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O2-32 - HKLM\..\BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2-32 - HKLM\..\BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.70\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O3 - HKLM\..\Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
O3-32 - HKLM\..\Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKCU\..\StartupApproved\Run: [Advanced SystemCare] = C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto
O4 - HKCU\..\StartupApproved\Run: [GUDelayStartup] = C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_77749F74DDE9AA2B9F9BBD414407089B] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/08/06)
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files\AVG\Antivirus\AvLaunch.exe /gui
O4 - HKLM\..\Run: [Classic Start Menu] = C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\autochk.exe *
O4 - HKLM\..\StartupApproved\Run32: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (2021/05/30)
O4 - HKLM\..\StartupApproved\Run32: [ZaAntiRansomware] = C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe (2022/08/06)
O4 - HKLM\..\StartupApproved\Run32: [ZoneAlarm] = C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (2022/08/06)
O4 - HKLM\..\StartupApproved\Run: [AdBlocker Ultimate] = C:\Program Files\AdBlocker Ultimate\AdblockerUltimateGUI.exe /minimized
O9 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O9 - Button: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: (no name) - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O9 - Tools menu item: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: Classic IE Settings - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9-32 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9-32 - Button: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: (no name) - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9-32 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9-32 - Tools menu item: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: Classic IE Settings - C:\Program Files\Classic Shell\ClassicIE_32.exe
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O16-32 - DPF: HKLM\..\{D27CDB6E-AE6D-11CF-96B8-444553540000}\DownloadInformation: (no name) [CODEBASE] = http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{44d96b11-fb5f-430e-b737-15634f9d9969}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{44d96b11-fb5f-430e-b737-15634f9d9969}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: AVG - {472083B1-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVG\Antivirus\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ShareOverlay: ShareOverlay Class - {594D4122-1F87-41E2-96C7-825FB4796516} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\00avg: AVG - {472083B1-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVG\Antivirus\x86\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ShareOverlay: ShareOverlay Class - {594D4122-1F87-41E2-96C7-825FB4796516} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O22 - Task: (disabled) (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (disabled) (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) AdvancedUpdater - C:\Program Files (x86)\AW Manager\Windows Manager\Windows Updater.exe /silentall -nofreqcheck -nogui (file missing)
O22 - Task: (disabled) HPCustParticipation HP ColorLaserJet MFP M278-M281 - C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\HPCustPartic.exe /UA 19.5
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1228454775-1351149315-2638755757-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: ASC_SkipUac_utente - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac
O22 - Task: ASR-Startup - C:\Program Files (x86)\Advanced System Repair Pro 1.9.3.8.0\AdvancedSystemRepairPro.exe /minimize
O22 - Task: AdBlocker Ultimate Sync - C:\Program Files\AdBlocker Ultimate\AdBlockerUltimateGUI.exe /verify
O22 - Task: AdBlocker Ultimate Updater - C:\Program Files\AdBlocker Ultimate\AdBlockerUltimateUpdater.exe hidden
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Antivirus Emergency Update - C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
O22 - Task: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - utente - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\9.5.0\Scheduler.exe /scheduler
O22 - Task: Driver Booster SkipUAC (utente) - C:\Program Files (x86)\IObit\Driver Booster\9.5.0\DriverBooster.exe /skipuac
O22 - Task: Driver Booster Update - C:\Program Files (x86)\IObit\Driver Booster\9.5.0\AutoUpdate.exe /auto
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: GoogleUpdateTaskUserS-1-5-21-1228454775-1351149315-2638755757-1001Core - C:\Users\utente\AppData\Local\Google\Update\GoogleUpdate.exe /c (file missing)
O22 - Task: GoogleUpdateTaskUserS-1-5-21-1228454775-1351149315-2638755757-1001UA - C:\Users\utente\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (file missing)
O22 - Task: HPCustParticipation HP LaserJet MFP M28-M31 - C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe /UA 20.6
O22 - Task: Intel PTT EK Recertification - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe
O22 - Task: PrivaZer_SkipUAC - C:\Program Files (x86)\PrivaZer\PrivaZer.exe $(Arg0)
O22 - Task: Sump Task (One-Time) - C:\Program Files (x86)\IObit\Driver Booster\9.5.0\sump.exe /sup2
O22 - Task: \AVG\Overseer - C:\Program Files\Common Files\AVG\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Printing\PrinterCleanupTask - {C56F065E-DE49-4E42-BE7C-305C45609D25} - C:\Windows\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Shell\ThemesSyncedImageDownload - {79F8E185-4E45-4B74-8182-02AA430661E4} - C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll (Microsoft)
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Task: \Mozilla\Firefox Default Browser Agent FDC0B92858AB8E31 - C:\Users\utente\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "FDC0B92858AB8E31"
O22 - Task: klcp_update - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=30
O23 - Service R2: AVG Antivirus - C:\Program Files\AVG\Antivirus\AVGSvc.exe /runassvc
O23 - Service R2: AVG Tools - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe /runassvc
O23 - Service R2: AdBlocker Ultimate Service - (ABUService) - C:\Program Files\AdBlocker Ultimate\AdBlockerUltimateService.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: AvgWscReporter - C:\Program Files\AVG\Antivirus\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: CCleaner Performance Optimizer Service - (CCleanerPerformanceOptimizerService) - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
O23 - Service R2: Check Point Endpoint EFR - (CPEFR) - C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
O23 - Service R2: Check Point Endpoint Remediation - (RemediationService) - C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
O23 - Service R2: Check Point Sandblast Agent Cipolla - (CpSbaCipolla) - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service R2: Check Point Sandblast Agent Updater - (CpSbaUpdater) - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service R2: TrueVector Internet Monitor - (vsmon) - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -service
O23 - Service R2: Wireless Keyboard 850 Notification Service - (WirelessKB850NotificationService) - C:\Windows\system32\WirelessKB850NotificationService.exe
O23 - Service R2: ZAAR Update Service - (ZAARUpdateService) - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
O23 - Service R2: ZoneAlarm ICM NET Service - (ZA NET ICM Service) - C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
O23 - Service R3: avgbIDSAgent - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service S2: Check Point SandBlast Agent Threat Emulation - (TESvc) - C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe -s
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\104.0.5112.102\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: ZoneAlarm Privacy Service - (ZAPrivacyService) - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe


--
End of file - Time spent: 13,8 sec. - 42494 bytes, CRC32: FFFFFFFF. Sign: 篵틖
Torna in alto
 
Sponsor
Inviato: Saturday, August 27, 2022 1:45:56 PM

 
Torna in alto
 
alexs
Inviato: Saturday, August 27, 2022 4:27:09 PM
Rank: AiutAmico

Iscritto dal : 12/12/2008
Posts: 1,277
Posso solo informarti che l'ultima versione di HThis è 2.10.0.18, puoi eliminare le voci: 01-Hosts o.o.o., qualche esperto ti darà indicazioni precise.
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » scansione Hijack


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.