Aiutamici Forum

videomixable.ru
Bella.destate
Posted: Tuesday, October 12, 2021 11:40:58 AM

Rank: AiutAmico

Joined: 2/2/2006
Posts: 62
Good morning,
a piece of spyware must have lodged itself on my son's PC, and I can't get rid of it with the usual CCleaner - MB - Adwcleaner, etc.
I'm posting the LOG in the hope that someone (Claudio) can give me a hand.
Thanks

Platform: x64 Windows 7 (Pro), 6.1.7601.24443, Service Pack: 1
Time: 11.10.2021 - 19:43 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: end user (group: Administrator) on ENDUSER-PC, FirstRun: no

Chrome: 94.0.4606.71
Firefox: 87.0.0.7747
Internet Explorer: 11.0.9600.19355
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
1 C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
1 C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
9 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
1 C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
1 C:\Program Files (x86)\Skype\Phone\Skype.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
2 C:\Program Files (x86)\WinRAR\WinRAR.exe
1 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Users\end user\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
2 C:\Users\end user\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
2 C:\Windows\System32\notepad.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
13 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wuauclt.exe
2 C:\Windows\explorer.exe
1 C:\Windows\splwow64.exe

O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2-32 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O3 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3-32 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKCU\..\Run: [CCleaner Monitoring] = E:\Memoria PC Vecchio\Programmi\CCleaner\CCleaner.exe /MONITOR (file missing)
O4 - HKCU\..\Run: [Skype] = C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun
O4 - HKCU\..\Run: [VideoGuardMonitor] = C:\Users\end user\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
O4 - HKLM\..\Run: [CanonMyPrinter] = C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4-32 - HKLM\..\Run: [CanonSolutionMenuEx] = C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4-32 - HKLM\..\Run: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4-32 - HKLM\..\Run: [USB3MON] = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C0201FA-3786-43B6-8384-A1B8A401552C}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C0201FA-3786-43B6-8384-A1B8A401552C}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{4C0201FA-3786-43B6-8384-A1B8A401552C}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{4C0201FA-3786-43B6-8384-A1B8A401552C}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Adobe Flash Player NPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe -check plugin
O22 - Task: Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: CCleanerSkipUAC - E:\Memoria PC Vecchio\Programmi\CCleaner\CCleaner.exe $(Arg0) (file missing)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: \Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
O22 - Task: {354DF292-BEC1-41D9-AEDB-AC3E3097CA72} - C:\Windows\system32\pcalua.exe -a "C:\Users\end user\Downloads\wmp11-windowsxp-x86-it-it(1).exe" -d "C:\Users\end user\Downloads"
O22 - Task: {512E3FD0-0910-43C2-B6D3-5361D3A070CC} - C:\Users\end user\AppData\Local\Songr\Songr.exe
O22 - Task: {842BA028-809B-4C4C-B86C-7CE6FBD7CA96} - C:\Users\end user\AppData\Local\Songr\Songr.exe
O22 - Task: {A9388B56-62D4-46FF-BA34-E122A67A7CA8} - C:\Users\end user\AppData\Local\Songr\Songr.exe
O22 - Task: {C55D94E2-5550-4B4F-A85B-DA25C8950A40} - C:\Users\end user\AppData\Local\Songr\Songr.exe
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service R2: TeamViewer 12 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (IJPLMSVC) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.71\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NBService - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service S3: NMIndexingService - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc


--
End of file - Time spent: 5,1 sec. - 25100 bytes, CRC32: FFFFFFFF. Sign: ➨㩱
Bella.destate
Posted: Tuesday, October 12, 2021 11:43:11 AM

Rank: AiutAmico

Joined: 2/2/2006
Posts: 62
every time the PC is switched on, screens appear with the words VIDEOMIXABLE.RU -- with naked women .. THE PC IS NOT PROTECTED .... and other offers of another kind
Could it be hiding among the startup programs?
sabbb
Posted: Tuesday, October 12, 2021 2:24:21 PM
Rank: AiutAmico

Joined: 9/12/2009
Posts: 6,622
Even when kept in perfect shape, that system (that Windows 7 operating system) is obsolete and no longer updated.
But you have done even better: not even service pack 2 is installed.

What did you expect?

Here is a sort of guide; strange that malwarebytes didn't see it (oh well, if it is as up to date as the PC, that explains everything) https://malware-remove.com/it/come-rimuovere-videomixable-ru
wolfestein
Posted: Tuesday, October 12, 2021 4:38:23 PM

Rank: AiutAmico

Joined: 2/15/2009
Posts: 15,787
Try running a scan with ADWCleaner http://software.aiutamici.com/software?ID=11168
If you don't have an antivirus, install Panda antivirus free https://panda-cloud-antivirus.download.it/ it's the only one that still supports XP and W7.
If ADW or Panda doesn't solve it, ask again.
Post the computer's specs; licenses for W8.1 and W10 can be found for a few euros.
For service pack 2:
https://www.navigaweb.net/2016/05/aggiornare-windows-7-con-il-service.html
cbbusto
Posted: Wednesday, October 13, 2021 3:51:47 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
Hi, first thing - this program VideoGuardMonitor\CiscoVideoGuardMonitor.exe: if your son installed it, fine; otherwise it should be removed.
Update to service pack 2 and install an antivirus, as already suggested; for the rest, we'll talk this evening.
cbbusto
Posted: Wednesday, October 13, 2021 8:17:06 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
you haven't answered me yet.
Open Hijack This, then fix and remove the following files:

O4 - HKCU\..\Run: [CCleaner Monitoring] = E:\Memoria PC Vecchio\Programmi\CCleaner\CCleaner.exe /MONITOR (file missing)
O4 - HKCU\..\Run: [Skype] = C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun
O4 - HKCU\..\Run: [VideoGuardMonitor] = C:\Users\end user\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
O4 - HKLM\..\Run: [CanonMyPrinter] = C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4-32 - HKLM\..\Run: [CanonSolutionMenuEx] = C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4-32 - HKLM\..\Run: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4-32 - HKLM\..\Run: [USB3MON] = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

They are all auto-start programs that aren't needed.
When you're done, let me know how the PC is doing.
Bella.destate
Posted: Wednesday, October 13, 2021 8:21:53 PM

Rank: AiutAmico

Joined: 2/2/2006
Posts: 62
Thanks everyone for the always valuable advice
As soon as possible I'll have him update to PACK2 and install a good antivirus
(I thought WS 7 came with one as standard)
Is WS 10 worth it?
Bella.destate
Posted: Wednesday, October 13, 2021 8:23:57 PM

Rank: AiutAmico

Joined: 2/2/2006
Posts: 62
Hi CBBUSTO
you know, I'm looking into this for my son, who doesn't live with me;
he studies away from home, so I need to buy some time.
As soon as I reach him I'll tell him to read your post,
hoping he is able to carry out the necessary commands
wolfestein
Posted: Wednesday, October 13, 2021 9:35:33 PM

Rank: AiutAmico

Joined: 2/15/2009
Posts: 15,787
Bella.destate wrote:
As soon as possible I'll have him update to PACK2 and install a good antivirus (I thought WS 7 came with one as standard)

It did when it was supported.
Bella.destate wrote:
Is WS 10 worth it?

Yes!
As I said above, licenses can be found for a few euros.

Bella.destate
Posted: Thursday, October 14, 2021 2:50:42 PM

Rank: AiutAmico

Joined: 2/2/2006
Posts: 62
cbbusto wrote:

They are all auto-start programs that aren't needed.
When you're done, let me know how the PC is doing.

thanks
I had him fix what you pointed out ... now that annoying site has gone away
as soon as possible I'll have him update to PACK2 and install a good antivirus
here is the new LOG

Platform: x64 Windows 7 (Pro), 6.1.7601.24443, Service Pack: 1
Time: 14.10.2021 - 11:44 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: end user (group: Administrator) on ENDUSER-PC, FirstRun: no

Chrome: 94.0.4606.81
Firefox: 93.0.0.7940
Internet Explorer: 11.0.9600.19355
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
1 C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE.bak
1 C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
8 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe.bak
1 C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
1 C:\Program Files (x86)\Skype\Phone\Skype.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Canon\MyPrinter\BJMyPrt.exe.bak
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
2 C:\Users\end user\Desktop\CARTELLA ANTIVIRUS\HiJackThis\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\SysWOW64\SearchProtocolHost.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\notepad.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
13 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wuauclt.exe
1 C:\Windows\explorer.exe
1 C:\Windows\splwow64.exe

O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2-32 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O3 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3-32 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C0201FA-3786-43B6-8384-A1B8A401552C}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C0201FA-3786-43B6-8384-A1B8A401552C}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{4C0201FA-3786-43B6-8384-A1B8A401552C}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{4C0201FA-3786-43B6-8384-A1B8A401552C}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Adobe Flash Player NPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe -check plugin
O22 - Task: Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: CCleanerSkipUAC - E:\Memoria PC Vecchio\Programmi\CCleaner\CCleaner.exe $(Arg0) (file missing)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Task: \NCH Software\ScribeSevenDays - C:\Program Files (x86)\NCH Software\Scribe\Scribe.exe -sevendays
O22 - Task: {354DF292-BEC1-41D9-AEDB-AC3E3097CA72} - C:\Windows\system32\pcalua.exe -a "C:\Users\end user\Downloads\wmp11-windowsxp-x86-it-it(1).exe" -d "C:\Users\end user\Downloads"
O22 - Task: {512E3FD0-0910-43C2-B6D3-5361D3A070CC} - C:\Users\end user\AppData\Local\Songr\Songr.exe (file missing)
O22 - Task: {842BA028-809B-4C4C-B86C-7CE6FBD7CA96} - C:\Users\end user\AppData\Local\Songr\Songr.exe (file missing)
O22 - Task: {A9388B56-62D4-46FF-BA34-E122A67A7CA8} - C:\Users\end user\AppData\Local\Songr\Songr.exe (file missing)
O22 - Task: {C55D94E2-5550-4B4F-A85B-DA25C8950A40} - C:\Users\end user\AppData\Local\Songr\Songr.exe (file missing)
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service R2: TeamViewer 12 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (IJPLMSVC) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.81\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NBService - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service S3: NMIndexingService - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc


--
End of file - Time spent: 5,1 sec. - 22904 bytes, CRC32: FFFFFFFF. Sign: ኣ⧇

If there is still anything malicious, tell me and I'll have him clean it up
Thanks again


cbbusto
Posted: Friday, October 15, 2021 2:05:26 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
Perfect, everything is fine. The program I told you to remove: if it installs itself on its own, it is a trojan.
Regards