|
|||||||
|
|
|
 |
|
|
Strumenti |
30-07-2020, 12:58
|
#1 |
|
Junior Member
Iscritto dal: Jul 2020
Messaggi: 3
|
Ero (e forse lo sono ancora) infetta da Wondershare: log HiJackThis
.
Ultima modifica di piripacchia : 31-07-2020 alle 13:13. |
|
|
|
30-07-2020, 13:30
|
#2 |
|
Junior Member
Iscritto dal: Jul 2020
Messaggi: 3
|
.
Ultima modifica di piripacchia : 31-07-2020 alle 13:14. |
|
|
|
|
31-07-2020, 12:53
|
#3 |
|
Junior Member
Iscritto dal: Jul 2020
Messaggi: 3
|
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x64 Windows 7 (Home Premium), 6.1.7601.24544, Service Pack: 1 Time: 31.07.2020 - 11:38 (UTC+02:00) Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410) Elevated: Yes Chrome: 84.0.4147.105 Firefox: 78.0.2.7494 Internet Explorer: 11.0.9600.19596 Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox) Boot mode: Normal Running processes: Number | Path 1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 1 C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe 1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 1 C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe 1 C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe 1 C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 1 C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 1 C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 1 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 1 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe 1 C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe 1 C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe 1 C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe 1 C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe 1 C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe 1 C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe 1 C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe 1 C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe 1 C:\Program Files (x86)\WinRAR\WinRAR.exe 1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe 3 C:\Program Files\AVAST Software\Avast\AvastUI.exe 1 C:\Program Files\AVAST Software\Avast\aswEngSrv.exe 1 C:\Program Files\AVAST Software\Avast\aswidsagent.exe 1 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 1 C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 1 C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe 1 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 1 C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 1 C:\Program Files\Intel\WiFi\bin\EvtEng.exe 1 C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 1 C:\Program Files\Intel\iCLS Client\HeciServer.exe 1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe 1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe 1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 1 C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe 1 C:\Program Files\Windows Media Player\wmpnetwk.exe 1 C:\Users\---\Downloads\HiJackThis.exe 1 C:\Windows\SysWOW64\irstrtsv.exe 1 C:\Windows\System32\SearchIndexer.exe 1 C:\Windows\System32\audiodg.exe 1 C:\Windows\System32\conhost.exe 2 C:\Windows\System32\csrss.exe 1 C:\Windows\System32\dllhost.exe 1 C:\Windows\System32\dwm.exe 1 C:\Windows\System32\escsvc64.exe 1 C:\Windows\System32\hkcmd.exe 1 C:\Windows\System32\igfxext.exe 1 C:\Windows\System32\igfxpers.exe 1 C:\Windows\System32\igfxsrvc.exe 1 C:\Windows\System32\lsass.exe 1 C:\Windows\System32\lsm.exe 2 C:\Windows\System32\rundll32.exe 1 C:\Windows\System32\services.exe 1 C:\Windows\System32\smss.exe 1 C:\Windows\System32\spoolsv.exe 14 C:\Windows\System32\svchost.exe 3 C:\Windows\System32\taskeng.exe 1 C:\Windows\System32\taskhost.exe 1 C:\Windows\System32\wbem\WmiApSrv.exe 2 C:\Windows\System32\wbem\WmiPrvSE.exe 1 C:\Windows\System32\wbem\unsecapp.exe 1 C:\Windows\System32\wininit.exe 1 C:\Windows\System32\winlogon.exe 1 C:\Windows\System32\wlanext.exe 1 C:\Windows\explorer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://samsung.msn.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://samsung.msn.com/ O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2-32 - HKLM\..\BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll O2-32 - HKLM\..\BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file) O2-32 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - HKLM\..\Toolbar: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file) O3-32 - HKLM\..\Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll O4 - HKCU\..\Run: [Google Update] = C:\Users\---\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe O4 - HKCU\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (file missing) O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui O4 - HKLM\..\Run: [BLEServicesCtrl] = C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe O4 - HKLM\..\Run: [BTMTrayAgent] = C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp O4 - HKLM\..\Run: [ETDCtrl] = C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [HotKeysCmds] = C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [IgfxTray] = C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [Persistence] = C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s O4 - HKLM\..\Session Manager: [BootExecute] = (no file) O4 - HKU\S-1-5-19\..\Run: [Sidebar] = C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (file missing) O4 - HKU\S-1-5-20\..\Run: [Sidebar] = C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (file missing) O4 - MSConfig\startupfolder: C:^Users^---^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk [backup] => C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (2019/09/02) O4 - MSConfig\startupreg: PDFPrint [command] = C:\Program Files (x86)\PDF24\pdf24.exe (HKLM) (2019/09/02) O4-32 - HKLM\..\Run: [USB3MON] = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (file missing) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\I&nvia a OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (file missing) O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Inserisci blog - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Pubblica su un &blog in Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll O22 - Task (.job): (Ready) ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate O22 - Task (.job): (Ready) ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate O22 - Task (.job): (Ready) Xerox PhotoCafe Communicator.job - C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe /runassvc O23 - Service R2: Bluetooth Device Monitor - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service R2: Bluetooth OBEX Service - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\windows\system32\diagtrack.dll O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\windows\system32\EscSvc64.exe O23 - Service R2: ExpressCache - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service R2: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service - (BTHSSecurityMgr) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service R2: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service R2: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service R2: Intel(R) PROSet/Wireless Zero Configuration Service - (ZeroConfigService) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe O23 - Service R2: Intel(R) Rapid Start Technology Service - (irstrtsv) - C:\windows\SysWOW64\irstrtsv.exe O23 - Service R2: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service - (AMPPALR3) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe O23 - Service R2: SEB Windows Service - (SebWindowsServiceWCF) - C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe O23 - Service R2: SamsungDeviceConfiguration - (SamsungDeviceConfigurationWinService) - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe O23 - Service R2: SeaPort - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE O23 - Service R2: Servizio A portata di clic di Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service O23 - Service R3: Bluetooth Media Service - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service S3: Bing Bar Update Service - (BBSvc) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE O23 - Service S3: GameConsoleService - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\windows\SysWow64\IntelCpHeciSvc.exe O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- End of file - Time spent: 76,9 sec. - 28202 bytes, CRC32: FFFFFFFF. Sign: ɍ幔 |
|
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 17:35.
