Aiutamici Forum
autodidatta
Posted: Monday, January 13, 2025 6:59:56 PM
Rank: AiutAmico

Joined: 2/20/2005
Posts: 200
Hi everyone, I'm sending you the log; could you please check it for me? I'm being flooded with ads. Thanks
HiJackThis.log
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.26100.2605 (ReleaseId: 2009), Service Pack: 0
Time: 13.01.2025 - 17:51 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: bibri (group: Administrator) on DESKTOP-Q8INUHB, FirstRun: yes

Chrome: 131.0.6778.265
Internet Explorer: 11.0.26100.1882
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
1 C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
1 C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
1 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
1 C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
1 C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PubPlatform.exe
1 C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
8 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe
1 C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe
1 C:\Program Files (x86)\Nero\Update\NASvc.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\McAfee\WebAdvisor\servicehost.exe
1 C:\Program Files\McAfee\WebAdvisor\uihost.exe
1 C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
1 C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AI\ai.exe
1 C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2451.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
2 C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.220.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
1 C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.1.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24112.110.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\WidgetBoard.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24112.22.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
1 C:\Users\bibri\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
1 C:\Users\bibri\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe
7 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\ShellHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
74 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 H:\Programmi Vari\Antivirus\HijackThis\HijackThis\HiJackThis.exe

O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 activation.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tih.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tie.acronis.com
O1 - Hosts: 0.0.0.0 web-api-vmp.acronis.com
O1 - Hosts: 0.0.0.0 cloud-rs-ru2.acronis.com
O1 - Hosts: 0.0.0.0 cloud-fes-ru2.acronis.com
O1 - Hosts: 0.0.0.0 rpc.acronis.com127.0.0.1 i2am.nero.com
O1 - Hosts: 127.0.0.1 ocsp2.globalsign.com
O1 - Hosts: 127.0.0.1 iam.nero.com
O1 - Hosts: 127.0.0.1 2.19.38.243
O1 - Hosts: 127.0.0.1 account.wondershare.com
O1 - Hosts: 0.0.0.0 lm.licenses.adobe.com
O1 - Hosts: 0.0.0.0 lmlicenses.wip4.adobe.com
O1 - Hosts: 0.0.0.0 lm-prd-da1.licenses.adobe.com
O1 - Hosts: 0.0.0.0 activate.adobe.com
O1 - Hosts: 0.0.0.0 activate.wip4.adobe.com
O1 - Hosts: 0.0.0.0 practivate.adobe.com
O1 - Hosts: 0.0.0.0 practivate-da1.adobe.com
O1 - Hosts: 0.0.0.0 na1r.services.adobe.com
O1 - Hosts: 0.0.0.0 hlrcv.stage.adobe.com
O1 - Hosts: 0.0.0.0 uds.licenses.adobe.com
O1 - Hosts: 0.0.0.0 licenses.adobe.com
O1 - Hosts: 0.0.0.0 license.adobe.com
O1 - Hosts: 0.0.0.0 helpexamples.com
O1 - Hosts: 0.0.0.0 activate-sea.adobe.com
O1 - Hosts: 0.0.0.0 activate-sjc0.adobe.com
O1 - Hosts: 0.0.0.0 ereg.adobe.com
O1 - Hosts: 0.0.0.0 activate.wip3.adobe.com
O1 - Hosts: 0.0.0.0 wip3.adobe.com
O1 - Hosts: 0.0.0.0 ereg.wip3.adobe.com
O1 - Hosts: 0.0.0.0 wwis-dubc1-vip60.adobe.com
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKCU\..\StartupApproved\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2023/04/05)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_F4BAF9803FB9BD7B1094F54CA2E5DF5D] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2023/04/05)
O4 - HKLM\..\StartupApproved\Run32: [Acrobat Assistant 8.0] = C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe (2024/11/05)
O4 - HKLM\..\StartupApproved\Run32: [AcronisTibMounterMonitor] = C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe (2023/04/05)
O4 - HKLM\..\StartupApproved\Run32: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2023/04/05)
O4 - HKLM\..\StartupApproved\Run32: [CloneCDTray] = C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe /s (2023/04/05)
O4 - HKLM\..\StartupApproved\Run32: [DriveSpan] = C:\Program Files (x86)\Nero\Transfer\Transfer.exe (2023/04/05)
O4 - HKLM\..\StartupApproved\Run32: [Nero BackItUp] = C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\BackItUp.exe /WinStart (2023/04/05)
O4 - HKLM\..\StartupApproved\Run32: [TrueImageMonitor.exe] = C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (2023/04/05)
O4 - HKLM\..\StartupApproved\Run: [Acronis Scheduler2 Service] = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (2023/04/05)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2023/04/05)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2023/04/05)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft)
O4 - HKU\S-1-5-19\..\RunOnce: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background /setautostart (Microsoft)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft)
O4 - HKU\S-1-5-20\..\RunOnce: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background /setautostart (Microsoft)
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O17 - DHCP DNS 1: 192.168.1.254
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisDrive: (no name) - {5D74FD4B-4EFB-4586-8022-8637BBE40970} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncError: (no name) - {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncInProgress: (no name) - {00F848DC-B1D4-4892-9C25-CAADC86A215D} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncOk: (no name) - {71573297-552E-46fc-BE3D-3DFAF88D47B7} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O23 - Service R2: Acronis Active Protection (TM) Service - (AcronisActiveProtectionService) - C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
O23 - Service R2: Acronis Managed Machine Service Mini - (mmsminisrv) - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
O23 - Service R2: Acronis Nonstop Backup Service - (afcdpsrv) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service R2: Acronis Scheduler2 Service - (AcrSch2Svc) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service R2: Acronis Sync Agent Service - (syncagentsrv) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service R2: Microsoft Office Click-to-Run Service - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: Nero BackItUp Background Service 2021 - (NeroBackItUpBackgroundService2021) - C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe
O23 - Service R2: Nero Update - (NAUpdate) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service R2: Wondershare Native Push Service - (NativePushService) - C:\Users\bibri\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
O23 - Service S2: IObit Uninstaller Service - (IObitUnSvr) - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service S2: Microsoft Edge Update Service (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Servizio di Google Updater (GoogleUpdaterService132.0.6833.0) - (GoogleUpdaterService132.0.6833.0) - C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe --system --windows-service --service=update
O23 - Service S2: Servizio interno di Google Updater (GoogleUpdaterInternalService132.0.6833.0) - (GoogleUpdaterInternalService132.0.6833.0) - C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe --system --windows-service --service=update-internal
O23 - Service S3: Acronis Mobile Backup Server - (mobile_backup_server) - C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe "--config-path=C:\ProgramData\Acronis\MobileBackupServer\Conf\WRM.conf"
O23 - Service S3: Acronis Mobile Backup Status Server - (mobile_backup_status_server) - C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncHelper.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\131.0.6778.265\elevation_service.exe
O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\elevation_service.exe
O23 - Service S3: Microsoft Edge Update Service (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\24.226.1110.0004\OneDriveUpdaterService.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Servizio di base di Microsoft Defender - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
O23 - Service S3: Tib Mounter Service - C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe


--
End of file - Time spent: 37,1 sec. - 32288 bytes, CRC32: FFFFFFFF. Sign: �⧪