JRT ran without problems
here is the LOG
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Microsoft Windows XP x86
Ran by PINO AL (Administrator) on 16/03/2020 at 9.54.53,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 3
Successfully deleted: C:\Documents and Settings\PINO AL\Dati applicazioni\Mozilla\Firefox\Profiles\6l3flwwl.default\searchplugins\avast-search.xml (File)
Successfully deleted: C:\Documents and Settings\PINO AL\Start Menu\Programs\browser manager (Folder)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Deleted the following from C:\Documents and Settings\PINO AL\Dati applicazioni\Mozilla\Firefox\Profiles\6l3flwwl.default\prefs.js
user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\new-window-button\,\privatebrowsing-button\,\save-
user_pref(browser.search.selectedEngine, Search The Web);
user_pref(browser.startup.homepage, hxxp://pandasecurity.mystart.com/?pr=vmn&id=pandasafeweb&v=2_0&utm_campaign=675&idate=2020-03-15&ent=hp_675&u=BABBCEA3F465AEC68C5E545E6D
Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/03/2020 at 10.00.39,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Corrected the STARTUP OPTIONS with CCleaner
redid the HJ LOG
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x32 Windows XP (Media Center Edition), 5.1.2600.0, Service Pack: 3
Time: 16.03.2020 - 10:04 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Ran by: PINO AL (group: Administrator) on PINODESKTOP, FirstRun: yes
Chrome: 49.0.2623.112
Firefox: 48.0.2.6079
Internet Explorer: 8.0.6001.18702
Default: "C:\Programmi\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Documents and Settings\PINO AL\Desktop\ANTVIRUS - SPYWARE MALWARE\HiJackThis.exe
1 C:\Programmi\File comuni\EPSON\eEBAPI\SAgent2.exe
1 C:\Programmi\File comuni\EPSON\eEBAPI\eEBSVC.exe
5 C:\Programmi\Google\Chrome\Application\chrome.exe
1 C:\Programmi\Google\Update\1.3.35.442\GoogleCrashHandler.exe
1 C:\Programmi\Google\Update\GoogleUpdate.exe
1 C:\Programmi\IObit\Advanced SystemCare\ASCService.exe
1 C:\Programmi\IObit\Advanced SystemCare\Monitor.exe
1 C:\Programmi\IObit\IObit Uninstaller\UninstallMonitor.exe
1 C:\Programmi\Panda Security\Panda Devices Agent\AgentSvc.exe
1 C:\Programmi\Panda Security\Panda Security Protection\PSANHost.exe
1 C:\Programmi\Panda Security\Panda Security Protection\PSUAService.exe
1 C:\WINDOWS\Explorer.EXE
1 C:\WINDOWS\System32\smss.exe
1 C:\WINDOWS\eHome\ehRecvr.exe
1 C:\WINDOWS\eHome\ehSched.exe
1 C:\WINDOWS\system32\FsUsbExService.Exe
1 C:\WINDOWS\system32\SecUPDUtilSvc.exe
1 C:\WINDOWS\system32\csrss.exe
1 C:\WINDOWS\system32\dllhost.exe
1 C:\WINDOWS\system32\hasplms.exe
1 C:\WINDOWS\system32\lsass.exe
1 C:\WINDOWS\system32\services.exe
1 C:\WINDOWS\system32\spdsvc.exe
1 C:\WINDOWS\system32\spoolsv.exe
7 C:\WINDOWS\system32\svchost.exe
1 C:\WINDOWS\system32\winlogon.exe
1 C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Connection Wizard: [ShellNext] = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = http://it.msn.com/?ocid=iehp
R3 - HKCU\..\URLSearchHooks: (no name) - {b60873b9-51aa-4566-b2fc-c16de2ec8bff} - (no file)
R3 - HKU\.DEFAULT\..\URLSearchHooks: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E91284D3-4CE8-4AB4-8679-57737269AD33}: [URL] = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{E91284D3-4CE8-4AB4-8679-57737269AD33}: [SuggestionsURL] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{E91284D3-4CE8-4AB4-8679-57737269AD33}: [URL] = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
O1 - Hosts: is empty
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - HKLM\..\BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.8.0_60\bin\ssv.dll
O4 - HKCU\Control Panel\Desktop: [SCRNSAVE.EXE] = C:\WINDOWS\system32\Acquario.scr
O4 - MSConfig\startupfolder: C:^Documents and Settings^PINO AL^Menu Avvio^Programmi^Esecuzione automatica^Spamihilator.lnk [backup] => C:\Programmi\Spamihilator\spamihilator.exe (2015/02/12) (file missing)
O4 - MSConfig\startupreg: Adobe ARM [command] = C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (HKLM) (2014/09/30)
O4 - MSConfig\startupreg: Advanced SystemCare [command] = C:\Programmi\IObit\Advanced SystemCare\ASCTray.exe /Auto (HKCU) (2020/03/15)
O4 - MSConfig\startupreg: CCleaner Monitoring [command] = C:\Programmi\CCleaner\ccleaner.exe /MONITOR (HKCU) (2017/01/05)
O4 - MSConfig\startupreg: EEDSpeedLauncher [command] = C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher (HKCU) (2017/01/05)
O4 - MSConfig\startupreg: MSMSGS [command] = C:\Programmi\Messenger\msmsgs.exe /background (HKCU) (2015/02/12)
O4 - MSConfig\startupreg: PSUAMain [command] = C:\Programmi\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray (HKLM) (2020/03/15)
O4 - MSConfig\startupreg: QuickTime Task [command] = C:\Programmi\QuickTime\qttask.exe -atboottime (HKLM) (2017/01/05)
O4 - MSConfig\startupreg: SunJavaUpdateSched [command] = C:\Programmi\File comuni\Java\Java Update\jusched.exe (HKLM) (2014/11/26)
O4 - MSConfig\startupreg: WallpaperHd [command] = C:\Documents and Settings\PINO AL\Impostazioni locali\Dati applicazioni\WallpaperHd\WallpaperHd.exe /regrun (HKCU) (2020/03/15)
O4 - MSConfig\startupreg: ctfmon.exe [command] = C:\WINDOWS\system32\ctfmon.exe (HKCU) (2015/02/12)
O14 - IERESET.INF: [Strings] START_PAGE_URL = file://C:\APPS\IE\offline\it.htm
O15 - Trusted Zone: http://www.samsungsetup.com
O15 - Trusted Zone: https://www.fiscoetasse.com
O16 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: Java Plug-in 11.60.2 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.5.0_16 [CODEBASE] = http://java.sun.com/update/1.5.0/jinstall-1_5_0_16-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.7.0_67 [CODEBASE] = http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 11.60.2 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
O17 - DHCP DNS 1: 192.168.1.254
O21 - HKLM\..\ShellExecuteHooks: [{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}] - ShellExecuteHook antimalware di Microsoft - C:\Programmi\Windows Defender\MpShHook.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt1: DropboxExt - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Documents and Settings\PINO AL\Dati applicazioni\Dropbox\bin\DropboxExt.22.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt2: DropboxExt - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Documents and Settings\PINO AL\Dati applicazioni\Dropbox\bin\DropboxExt.22.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt3: DropboxExt - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Documents and Settings\PINO AL\Dati applicazioni\Dropbox\bin\DropboxExt.22.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\DropboxExt4: DropboxExt - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Documents and Settings\PINO AL\Dati applicazioni\Dropbox\bin\DropboxExt.22.dll
O22 - ScheduledTask: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - ScheduledTask: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - Task (.job): (Ready) (update) Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job - C:\WINDOWS\system32\xp_eos.exe -c
O22 - Task (.job): (Ready) (update) Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job - C:\WINDOWS\system32\xp_eos.exe
O22 - Task (.job): (Ready) ASC_PerformanceMonitor.job - C:\Programmi\IObit\Advanced SystemCare\Monitor.exe /Task
O22 - Task (.job): (Ready) User_Feed_Synchronization-{ACA043C2-7F69-48FC-AD8A-6F994006E6E9}.job - C:\WINDOWS\system32\msfeedssync.exe sync
O22 - Task (.job): (disabled) (Ready) Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (.job): (disabled) Adobe Flash Player NPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe -check plugin
O22 - Task (.job): (disabled) GoogleUpdateTaskMachineUA.job - C:\Programmi\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (.job): AppleSoftwareUpdate.job - C:\Programmi\Apple Software Update\SoftwareUpdate.exe -task
O22 - Task (.job): CCleaner Update.job - C:\CCUpdate.exe
O22 - Task (.job): GoogleUpdateTaskMachineCore.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1cff0ef48e92e48.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d0007f4717f686.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d0421fa823f9b6.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d09163ee4a3598.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d0f14230708d44.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d12d068d639f28.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d15e24c783ba2c.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d1ab54d2c771c6.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d20f45463c1f0e.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d2592212d50078.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d2b107d64426e6.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d2c19e8a429f82.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d35d2b3c84ca3e.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d3edf9c9b7ca42.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d49833c9f14b98.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d4e55155b48996.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d50adac2432028.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d57d534fbe769c.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d593a734a307be.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d5b2024ce4acd2.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): GoogleUpdateTaskMachineCore1d5dc1193da0c4b.job - C:\Programmi\Google\Update\GoogleUpdate.exe /c
O22 - Task (.job): MP Scheduled Scan.job - C:\Programmi\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges
O22 - Task (.job): MyDefrag v4.3.1 Daily.job - C:\Programmi\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD
O22 - Task (.job): MyDefrag v4.3.1 Monthly.job - C:\Programmi\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD
O23 - Service R2: Advanced SystemCare Service 13 - (AdvancedSystemCareService13) - C:\Programmi\IObit\Advanced SystemCare\ASCService.exe
O23 - Service R2: EPSON Printer Status Agent2 - (EPSONStatusAgent2) - C:\Programmi\File comuni\EPSON\eEBAPI\SAgent2.exe
O23 - Service R2: EpsonBidirectionalService - C:\Programmi\File comuni\EPSON\eEBAPI\eEBSVC.exe
O23 - Service R2: FsUsbExService - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service R2: Panda Devices Agent - (PandaAgent) - C:\Programmi\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service R2: Panda Product Service - (PSUAService) - C:\Programmi\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service R2: Panda Protection Service - (NanoServiceMain) - C:\Programmi\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service R2: Samsung Printer Dianostics Service - C:\WINDOWS\system32\\spdsvc.exe
O23 - Service R2: Samsung UPD Utility Service - (SamsungUPDUtilSvc) - C:\WINDOWS\system32\SecUPDUtilSvc.exe
O23 - Service R2: Sentinel LDK License Manager - (hasplms) - C:\WINDOWS\system32\hasplms.exe -run
O23 - Service S2: Google Update Service (gupdate1c9e667abcd1cc0) - (gupdate1c9e667abcd1cc0) - C:\Programmi\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: IObit Uninstaller Service - (IObitUnSvr) - C:\Programmi\IObit\IObit Uninstaller\IUService.exe
O23 - Service S2: Media Center Extender Service - (McrdSvc) - C:\WINDOWS\ehome\mcrdsvc.exe
O23 - Service S2: NVIDIA Display Driver Service - (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office Source Engine - (ose) - C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Programmi\Google\Update\GoogleUpdate.exe /medsvc
--
End of file - Time spent: 49,3 sec. - 26782 bytes, CRC32: FFFFFFFF. Sign: 诅
AFTER THESE APPROPRIATE CORRECTIONS
BUT ABOVE ALL THE REPLACEMENT OF AVAST, WHICH WAS WEIGHING THE SYSTEM DOWN CONSIDERABLY
IT SEEMS TO ME IT HAS SPED UP A LOT