Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Controllo log HijackThis Opzioni
micheleprc
Inviato: Monday, September 15, 2014 12:34:34 PM
Rank: AiutAmico

Iscritto dal : 11/16/2011
Posts: 80
Ciao Ragazzi,

è da molti mesi che non faccio un po' di pulizia e di scan sul mio pc portatile.
Vi riporto il log di HijackThis; potreste, cortesemente, darci un occhio e indicarmi cosa mi conviene
rimuovere e quali programmi utilizzare per fare un po' di pulizia?
I programmi di cui dispongo sono: Malwarebyte's, Ccleaner, Avast.

Grazie a tutti

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:32:58, on 15/09/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
D:\Battle.net\Battle.net.5011\Battle.net.exe
D:\Notepad++\notepad++.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Michele\Application Data\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.co.uninsubria.it:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - D:\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - Startup: ETDCtrl - collegamento.lnk = C:\Program Files\Elantech\ETDCtrl.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - D:\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - D:\Bluetooth Suite\IEPlugIn.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\Windows\SysWOW64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - D:\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Servizio Vodafone Mobile Broadband (VmbService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - D:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - D:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9024 bytes


Quelle sotto indicate sono le specifiche del mio pc:

Riepilogo
Sistema Operativo
MS Windows 7 Home Premium 64-bit SP1
CPU
Intel Core i5 450M @ 2.40GHz 63 °C
Tecnologia Arrandale 32nm
RAM
3.8 GB Canale Doppio DDR3 @ 548 MHz (7-7-7-20)
Scheda Madre
ASUSTeK Computer Inc. K52Jc (Socket 989)
Grafica
Generic PnP Monitor @ 1366x768
(Illegal Vendor ID)
Dischi Drive
625 GB Seagate ST9640320AS (SATA) 43 °C
Drive Ottici
DTSOFT Virtual CdRom Device
Slimtype DVD A DS8A4S
Audio
Conexant CX20671 SmartAudio HD
Sponsor
Inviato: Monday, September 15, 2014 12:34:34 PM

 
cbbusto
Inviato: Tuesday, September 16, 2014 3:15:30 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Il log è a posto, per le pulizie va bene Ccleaner, usalo spesso per pulire anche il Registro.
Malwarebytes da usare quando noti delle anomalie o rallentamenti.
Per una pulizia approfondita di Adware e dirottatori usa ADWclaner e fai la scansione.

Scarica Adwcleaner sul desktop:
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Chiudi tutti i browser (è importante IE,Firefox Chrome ecc...)
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

Ciao
micheleprc
Inviato: Tuesday, September 16, 2014 3:58:36 PM
Rank: AiutAmico

Iscritto dal : 11/16/2011
Posts: 80
Grazie mille, ti posto il log di ADWcleaner:

# AdwCleaner v3.310 - Rapporto creato 16/09/2014 in 15:54:28
# Aggiornato 12/09/2014 di Xplode
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nome utente : Michele - MICHELE-PC
# In esecuzione da : D:\Downloads\AdwCleaner.exe
# Opzione : Pulisci

***** [ Servizi ] *****


***** [ File / Cartelle ] *****

Cartella Eliminato : C:\ProgramData\Ask
Cartella Eliminato : C:\Program Files (x86)\SmartTweak
Cartella Eliminato : C:\Users\Michele\AppData\Local\PackageAware
Cartella Eliminato : C:\Users\Michele\AppData\Roaming\Uniblue
Cartella Eliminato : C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software

***** [ Compiti ] *****


***** [ Collegamenti ] *****


***** [ Registro ] *****

Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_malwarebytes-anti-malware_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_malwarebytes-anti-malware_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_speccy_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_speccy_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_windows-live-messenger-2012_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_windows-live-messenger-2012_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_winrar_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_winrar_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chiave Eliminati : HKCU\Software\smarttweak
Chiave Eliminati : HKCU\Software\YahooPartnerToolbar
Chiave Eliminati : HKLM\SOFTWARE\Solvusoft
Chiave Eliminati : HKLM\SOFTWARE\Uniblue
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v31.0 (x86 it)

[ File : C:\Users\Michele\AppData\Roaming\Mozilla\Firefox\Profiles\xwdd7430.default\prefs.js ]


-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Eliminati [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={825B7966-9F8F-11E1-860D-485B398F377F}
Eliminati [Search Provider] : hxxp://isearch.avg.com/search?cid={D6EBC863-F0D4-4C05-BFCE-129BED71B1CC}&mid=3b5a1d3f9e1747d0a24099127f6bde8c-6798c7c46a4b396ebc7ec3b4ddc0d50c7f17b182&lang=it&ds=od011&pr=sa&d=2012-05-27 17:02:36&v=11.1.0.7&sap=dsp&q={searchTerms}
Eliminati [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=114747&tt=270912_cln_3912_8&babsrc=SP_ss&mntrId=42ad462600000000000072f06d30b844
Eliminati [Search Provider] : hxxp://search.easylifeapp.com/?q={searchTerms}&pid=628&src=ch2&r=2013/02/21&hid=1018051152&lg=EN&cc=IT
Eliminati [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=3BA306FF-5EC6-4AC6-A151-FD5630A424C6&apn_ptnrs=U3&apn_sauid=35C304C2-4DBD-49CF-BFD3-C9165FDFA366&apn_dtid=OSJ000YYIT&q={searchTerms}
Eliminati [Extension] : aaaaojmikegpiepcfdkkjaplodkpfmlo
Eliminati [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
Eliminati [Extension] : dednnpigldgdbpgcdpfppmlcnnbjciel
Eliminati [Extension] : ehgldbbpchgpcfagfpfjgoomddhccfgh
Eliminati [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Eliminati [Extension] : niapdbllcanepiiimjjndipklodoedlc

*************************

AdwCleaner[R0].txt - [4178 octets] - [16/09/2014 15:49:41]
AdwCleaner[S0].txt - [5018 octets] - [16/09/2014 15:54:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5078 octets] ##########
cbbusto
Inviato: Tuesday, September 16, 2014 5:20:02 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
ADW ha fatto una bella pulizia eliminando chiavi infette e altro, un consiglio, se puoi evita di scaricare dal sito Softonic o non usare il loro Downloader perchè è facile ritrovarsi con degli Adware e dirottatori vari tipo Offerbox, websearch.ask e sweetim che ADW ti ha eliminato.
Ciao
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.