Aiutamici Forum

Could you check my log
booble
Posted: Saturday, September 15, 2018 8:23:16 PM
Rank: AiutAmico

Joined: 10/15/2006
Posts: 59
Hi, could you check my log? I think I have some virus... Thanks

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:11:12, on 15/09/2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Diverted\ensues.exe
C:\Program Files (x86)\cannily\batons.exe
C:\Users\Cris73\Downloads\HijackThis.exe
C:\WINDOWS\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ITIT/MCM_WCP
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Churns] "C:\Program Files (x86)\Smother\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKLM\..\Run: [Johannes] "C:\Program Files (x86)\pearson\Hatless.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKLM\..\Run: [Cac] "C:\Program Files (x86)\Frenchwoman\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Cockiness] "C:\Program Files (x86)\Smother\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Clan] "C:\Program Files (x86)\pearson\Hatless.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Milliseconds] "C:\Program Files (x86)\Frenchwoman\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Derrida] "C:\Program Files (x86)\Smother\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Rebooting] "C:\Program Files (x86)\pearson\Hatless.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Troupes] "C:\Program Files (x86)\Frenchwoman\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [batons] "C:\Program Files (x86)\cannily\batons.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [blancmange] "C:\Program Files (x86)\Smother\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - Startup: compensates.lnk = ?
O4 - Startup: compensatescompensates.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.hola.org
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hola Better Internet Engine (hola_svc) - Hola Networks Ltd. - C:\Program Files\Hola\app\hola_svc.exe
O23 - Service: Hola Better Internet Updater (hola_updater) - Hola Networks Ltd. - C:\Program Files\Hola\app\hola_updater.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Luminati Net Updater (luminati_net_updater_win_hola_org) - Luminati Networks Ltd. - C:/Program Files/Hola/app/net_updater64.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Common Connectivity Framework (STCServ) - Intel Corporation - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12035 bytes
maopapof
Posted: Saturday, September 15, 2018 9:16:21 PM

Rank: AiutAmico

Joined: 10/31/2004
Posts: 7,183
Hi (pages not liked by HJ)

Scan with AdwCleaner and delete everything …. then

safe mode and a scan with your antivirus ……. delete everything

Post the HJ scan again and write what problems you still have on the PC




booble
Posted: Sunday, September 16, 2018 4:58:18 PM
Rank: AiutAmico

Joined: 10/15/2006
Posts: 59
Thanks Maopapof! Here it is:
booble
Posted: Monday, September 17, 2018 8:39:39 AM
Rank: AiutAmico

Joined: 10/15/2006
Posts: 59
When I'm on the internet some music starts playing, but no related web page opens....
giza
Posted: Monday, September 17, 2018 9:11:57 AM

Rank: AiutAmico

Joined: 10/27/2006
Posts: 9,617
http://forum.aiutamici.com/yaf_postst96025_ELIMINARE-PAGINE-PUBBLICITARIE-E-PORCHERIE-VARIE-E-PULIRE-SISTEMA.aspx

Do the above.
With CCleaner, under Tools/Startup, disable all the entries except the antivirus.
cbbusto
Posted: Monday, September 17, 2018 5:18:41 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
booble wrote:
When I'm on the internet some music starts playing, but no related web page opens....


You haven't done anything and you posted the same log as before, same date and same time.
Check among your search engines whether there is one you don't recognize and delete it, then check whether the browser home page is your own or has been changed.
Run the scans that were suggested above, and add this one, which is important:
Download JRT from here: https://filehippo.com/it/download_junkware_removal_tool/
Temporarily disable the antivirus to avoid potential conflicts.

Double-click JRT.
The tool will open and start scanning the system.
Be patient, as this tool can take some time to complete the scan.
When it finishes, a log (JRT.txt) is saved to the desktop and opens automatically.
Post it here.
booble
Posted: Monday, October 01, 2018 8:05:32 PM
Rank: AiutAmico

Joined: 10/15/2006
Posts: 59
Hi, thanks a lot. My only problem is that when I'm on the internet I hear talking even if I close the browser....
What can I do??
Thanks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Cris73 (Administrator) on 01/10/2018 at 19:51:52,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/10/2018 at 20:00:28,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cbbusto
Posted: Tuesday, October 02, 2018 4:21:37 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
booble wrote:
Hi, thanks a lot. My only problem is that when I'm on the internet I hear talking even if I close the browser....
What can I do??
Thanks


Probably some page with videos has opened; sometimes news articles come with videos attached. Check carefully, because if you hear talking, something is open.
Nothing dangerous. Did the scans find nothing?
When you hear talking, close the browser and reboot; you shouldn't hear anything anymore.

Checking the HIJ log I noticed these programs, which could be responsible:
C:\Program Files (x86)\Diverted\ensues.exe, which should open video games; this could be the culprit.
C:\Program Files (x86)\cannily\batons.exe
If you didn't install them yourself, they should be removed.
Then I see that you haven't done anything that was suggested to you: you were told to disable all the automatic startup entries except the antivirus, yet I see programs at startup that are absolutely useless and strange.
Also, the antivirus doesn't show up; with Win 10, Defender should be active. Leave that one and don't install others.
Below I list the programs in automatic startup that should be disabled; they are useless and slow down the PC:

O4 - HKLM\..\Run: [Churns] "C:\Program Files (x86)\Smother\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKLM\..\Run: [Johannes] "C:\Program Files (x86)\pearson\Hatless.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKLM\..\Run: [Cac] "C:\Program Files (x86)\Frenchwoman\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Cockiness] "C:\Program Files (x86)\Smother\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Clan] "C:\Program Files (x86)\pearson\Hatless.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Milliseconds] "C:\Program Files (x86)\Frenchwoman\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Derrida] "C:\Program Files (x86)\Smother\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Rebooting] "C:\Program Files (x86)\pearson\Hatless.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [Troupes] "C:\Program Files (x86)\Frenchwoman\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [batons] "C:\Program Files (x86)\cannily\batons.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - HKCU\..\Run: [blancmange] "C:\Program Files (x86)\Smother\Droste.exe" lawwlawwlawwlaw.lawslawnlawhlaw.lawplawwlaw/laws2hw0hw1hwlaw8hw0t9t1s5lawshwhtmlqlilaw4wgr0lleP3lawhFWQsay
O4 - Startup: compensates.lnk = ?
O4 - Startup: compensatescompensates.lnk = ?

If you like, you can also do it with CCleaner: go to Tools/Startup and you will see everything you have at startup. Double-click each entry, one at a time, and you will see the Yes on the left become No (disabled). Don't disable the antivirus if you see it.
If you have doubts, write. Tell me which antivirus you use. Bye
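
The startup entries listed in the post above stand out because many different executables, registered under unrelated value names, all receive the same opaque argument. The following is an added example, not part of the original thread or of HijackThis: it parses `O4` Run lines and reports both patterns. The function names, the `OPAQUE_ARG` stand-in and the `ExampleUpdater` line are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Stand-in for the long opaque argument shared by the O4 entries in the log.
OPAQUE_ARG = "opaque-argument-placeholder"

# Constructed sample: value names and paths are taken from the thread's log;
# the ExampleUpdater line is a made-up benign entry added for contrast.
SAMPLE_LOG = "\n".join([
    rf'O4 - HKLM\..\Run: [Churns] "C:\Program Files (x86)\Smother\Droste.exe" {OPAQUE_ARG}',
    rf'O4 - HKLM\..\Run: [Johannes] "C:\Program Files (x86)\pearson\Hatless.exe" {OPAQUE_ARG}',
    rf'O4 - HKCU\..\Run: [Cockiness] "C:\Program Files (x86)\Smother\Droste.exe" {OPAQUE_ARG}',
    rf'O4 - HKCU\..\Run: [Milliseconds] "C:\Program Files (x86)\Frenchwoman\Droste.exe" {OPAQUE_ARG}',
    rf'O4 - HKCU\..\Run: [batons] "C:\Program Files (x86)\cannily\batons.exe" {OPAQUE_ARG}',
    r'O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\ExampleVendor\updater.exe" /background',
    r'O15 - Trusted Zone: http://*.hola.org',
])

# Matches lines such as:  O4 - HKCU\..\Run: [name] "path" args
O4_RUN = re.compile(
    r'^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$'
)


def split_command(cmd):
    """Split a Run value into (image path, arguments)."""
    quoted = re.match(r'"([^"]+)"\s*(.*)$', cmd)
    if quoted:
        return quoted.group(1), quoted.group(2).strip()
    # Unquoted path: take everything up to the first ".exe".
    bare = re.match(r'(.+?\.exe)\b\s*(.*)$', cmd, re.IGNORECASE)
    if bare:
        return bare.group(1), bare.group(2).strip()
    return cmd.strip(), ""


def parse_o4_run(log_text):
    """Return one dict per O4 Run line; every other line is ignored."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RUN.match(line.strip())
        if not m:
            continue
        image, args = split_command(m.group("cmd"))
        entries.append({"hive": m.group("hive"), "name": m.group("name"),
                        "image": image, "args": args})
    return entries


def triage(entries):
    """Group Run entries by shared argument and by repeated registration."""
    images_by_arg = defaultdict(set)
    names_by_image = defaultdict(set)
    for e in entries:
        image = e["image"].lower()  # Windows paths are case-insensitive
        names_by_image[image].add(f'{e["hive"]}:{e["name"]}')
        if e["args"]:
            images_by_arg[e["args"]].add(image)
    return {
        # Same argument string handed to two or more different executables.
        "shared_argument": {a: sorted(i) for a, i in images_by_arg.items()
                            if len(i) >= 2},
        # Same executable registered under two or more value names.
        "multi_registered": {i: sorted(n) for i, n in names_by_image.items()
                             if len(n) >= 2},
    }


if __name__ == "__main__":
    report = triage(parse_o4_run(SAMPLE_LOG))
    for arg, images in report["shared_argument"].items():
        print(f"argument shared by {len(images)} executables: {arg}")
        for image in images:
            print("   ", image)
    for image, names in report["multi_registered"].items():
        print(f"{image} registered as: {', '.join(names)}")
```
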