|
|
|
|
Strumenti |
06-10-2018, 12:24 | #14601 |
Member
Iscritto dal: Jan 2007
Messaggi: 276
|
Ciao
scusate che versione si usa oggi di hijackthis e da dove scaricarla grazie |
06-10-2018, 13:00 | #14602 |
Member
Iscritto dal: Jan 2007
Messaggi: 276
|
ok, penso di averla trovata sul sito trend micro
cmq. quando lo metto in esecuzione mi da questo avviso: https://imgur.com/a/X59ZNne |
06-10-2018, 13:09 | #14603 |
Member
Iscritto dal: Jan 2007
Messaggi: 276
|
Allora ho provato a farlo andare avanti premendo "OK"
ed è venuto fuori questo, potreste controllare se c'è qualcosa che non va per cortesia? Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 14:03:27, on 06/10/2018 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17134.0001) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files (x86)\Avira\Antivirus\avgnt.exe C:\Users\Giuseppe\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe C:\Users\Giuseppe\Downloads\HijackThis.exe C:\Program Files (x86)\MWSnap\MWSnap.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKLM\..\Run: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe" O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Giuseppe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Program Files\Elantech\VolumeControl.exe /RestartByRestartManager:06E4E3B8-8E58-405a-B7F8-428702A1B3A4 /RestartByRestartManager:040E85D0-9836-4f05-96CC-DB5B22328BF3 /RestartByRestartManager3123B29-FE30-4f6f-A6BE-BFE2AE30379A /RestartByRestartManager:BF996660-7079-40af-92A0-57093C99E5AE O4 - Startup: hide.me VPN.lnk = C:\Program Files (x86)\hide.me VPN\Hide.me.exe O4 - Startup: Lotus QuickStart.lnk = C:\lotus\wordpro\ltsstart.exe O4 - Startup: Lotus SmartCenter 97.lnk = C:\lotus\smartctr\smartctr.exe O4 - Startup: Lotus SuiteStart 97.lnk = C:\lotus\smartctr\suitest.exe O4 - Startup: Ritaglio schermata e avvio di OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Audio Switch.lnk = C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{044D986A-A0DB-4D8E-81AE-C60386CEE403}: NameServer = 95.211.171.165 95.211.171.166 O17 - HKLM\System\CCS\Services\Tcpip\..\{24b3ff31-1abb-4992-8f11-9beb087cdf45}: NameServer = 1.1.1.1,1.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{68b5e157-6516-4941-be4f-aa2d45cd3845}: NameServer = 1.1.1.1 1.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{a62d31f4-d909-495e-86ef-9c48c4fe8276}: NameServer = 1.1.1.1 1.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{c06038ba-5c3a-465b-814e-7e8d681e464a}: NameServer = 1.1.1.1 1.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{eb0eed38-c80c-4ed5-9951-c5490ff822c7}: NameServer = 1.1.1.1 1.0.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{044D986A-A0DB-4D8E-81AE-C60386CEE403}: NameServer = 95.211.171.165 95.211.171.166 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O21 - SSODL: EldosMountNotificator-cbfs6 - {5AE22332-4DC2-48E6-9272-739291207FC7} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5AE22332-4DC2-48E6-9272-739291207FC7} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Avira Protezione email (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe O23 - Service: Avira Protezione in tempo reale (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe O23 - Service: Avira Protezione web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: Servizio Aggiornamento Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Servizio Aggiornamento Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: DraftSight API Service - Dassault Systèmes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @oem61.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Unknown owner - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe (file missing) O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: hide.me VPN Service (hmevpnsvc) - eVenture Limited - C:\Program Files (x86)\hide.me VPN\hidemesvc.exe O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: HP Touchpoint Analytics (HPTouchpointAnalyticsService) - HP Inc. - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe O23 - Service: HPWMISVC - HP Inc. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe O23 - Service: @oem67.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: RTK IIS Codec Service (RtkI2SCodec) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Servizio Scout Update (scupdate) (scupdate) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe O23 - Service: Servizio Scout Update (scupdatem) (scupdatem) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 17483 bytes |
15-10-2018, 12:30 | #14604 |
Senior Member
Iscritto dal: Jan 2010
Messaggi: 37051
|
Purtroppo la pagina di analisi automatica dei log online non è più attiva, quindi devi analizzartelo da solo
https://www.bleepingcomputer.com/tut...se-hijackthis/ |
21-10-2018, 20:08 | #14605 | |
Senior Member
Iscritto dal: Feb 2003
Città: Torino
Messaggi: 3695
|
Quote:
HijackThis originariamente di Merijn Bellekom e successivamente acquisito da parte di Trend Micro con la versione beta 2.0.5 non è più supportato da Trend Micro, è comunque rinato per opera di Polshyn Stanislav sotto il nome di HiJackThis Fork v3 L'ultima versione attualmente è la 2.9.0.1 Articolo con alcune spiegazioni https://github.com/dragokas/hijackthis Pagina dello sviluppatore https://dragokas.com/tools/HiJackThis.zip File .zip ultima versione 2.9.0.1 Change log versione 2.9.0.1 Tutorial |
|
15-11-2018, 14:45 | #14606 |
Member
Iscritto dal: Jan 2014
Messaggi: 200
|
raga dov'è possibile reperire l'ultima versoine?
|
17-11-2018, 13:27 | #14607 |
Senior Member
Iscritto dal: Feb 2003
Città: Torino
Messaggi: 3695
|
Nuova versione 2.9.0.7
Fixed false positives (e.g. O26) due to problems with buffer cleaning in registry operations. Pagina sviluppatore con tutti i dettagli Download file .zip Qui |
26-04-2019, 01:09 | #14608 |
Senior Member
Iscritto dal: Aug 2008
Città: casa mia??
Messaggi: 2928
|
non più in funzione?
salve, è da un pò che non utilizzo questo tool...
non funziona più il link all'analizzatore del log, quello indicato al primo post nella prima pagina... come mai?
__________________
vivo con 1/4 di buon vinello al colpo |
26-04-2019, 11:43 | #14609 |
Senior Member
Iscritto dal: Mar 2008
Messaggi: 18713
|
Letti i due post poco prima del tuo?
|
27-09-2019, 18:40 | #14610 |
Junior Member
Iscritto dal: Sep 2019
Messaggi: 1
|
Io sono stato infettato con un non ben precisato virus, io credo un Trojan horse che mi controllava il pc da remoto. Ho disistallato Windows 8.1 pro e reinizializato il pc ma credo che il problema non sia completamente risolto. Ho fatto vari tentativi di disinfezione seguendo varie guide ma il problema è sicuramente diminuito ma non credo he sia tutto risolto. Volevo chiedere aiuto anche a voi postando qui il log di Hijackthis in quanto io non saprei quali voci fixare. Procede
Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 18:41:03, on 27/09/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.19036) Boot mode: Normal Running processes: E:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?Li...9&ocid=UE09DHP R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] G:\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "G:\Programmi Secondo HD\CCleaner\CCleaner64.exe" /MONITOR O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - G:\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 5464 bytes |
04-04-2020, 14:53 | #14611 |
Junior Member
Iscritto dal: Apr 2020
Messaggi: 2
|
Analisi Log
Ciao a tutti, ho appena fatto un po' di pulizia sul PC, scansioni con SuperAntiSpyware, CCleaner, Malwarebytes. Potete darmi qualche indicazione sul log di HijackThis, grazie!
...lascio in allegato |
06-04-2020, 23:29 | #14612 | |
Senior Member
Iscritto dal: Jan 2009
Messaggi: 2741
|
Quote:
superantispyware non lo vedo utile, prova a pulire con: https://it.malwarebytes.com/adwcleaner/ |
|
07-04-2020, 08:55 | #14613 | |
Junior Member
Iscritto dal: Apr 2020
Messaggi: 2
|
Quote:
|
|
07-04-2020, 09:13 | #14614 |
Junior Member
Iscritto dal: Jun 2007
Messaggi: 13
|
Salve.
Volevo chiedervi un aiuto nell'analisi del file di HijackThis. Grazie mille in anticipo Giovanni Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 09:52:40, on 07/04/2020 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.18362.0001) Boot mode: Normal Running processes: C:\Program Files (x86)\TeamViewer\TeamViewer.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avpui.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files (x86)\Benubird PDF\BenubirdAssistant.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Users\Giovanni Tessitore\Desktop\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKLM\..\Run: [Benubird PDF] C:\Program Files (x86)\Benubird PDF\BenubirdAssistant.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PDFProHook] "C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files (x86)\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: SafeEraser Service.lnk = C:\Program Files (x86)\Wondershare\SafeEraser\SafeEraserNotifier.exe O8 - Extra context menu item: Aggiungi a PDF esistente - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Aggiungi destinazione link a PDF esistente - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Apri con PDF Viewer 7 - res://C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: I&nvia a OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Spedire a Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Spedire a Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Spedire a Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (file missing) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: Servizio %1!s! Update (avast) (avast) - Unknown owner - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (file missing) O23 - Service: Servizio %1!s! Update (avastm) (avastm) - Unknown owner - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (file missing) O23 - Service: Kaspersky Anti-Virus Service 20.0 (AVP20.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\avp.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: CredentialEnrollmentManagerUserSvc_1f9fc7 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: Servizio Aggiornamento Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Servizio Aggiornamento Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing) O23 - Service: Dell Customer Connect - Unknown owner - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe (file missing) O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Unknown owner - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe O23 - Service: Tecnologia Intel(R) Rapid Storage (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Kaspersky Volume Shadow Copy Service Bridge 20.0 (klvssbridge64_20.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 20.0\x64\vssbridge64.exe O23 - Service: Kaspersky Password Manager Service (kpm_launch_service) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe O23 - Service: Kaspersky Secure Connection Service 4.0 (KSDE4.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: Rivet Dynamic Bandwidth Management (RNDBWM) - Unknown owner - C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing) O23 - Service: SmartByte Network Service (SmartByte Network Service x64) - Unknown owner - C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe (file missing) O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.6 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\Wondershare\SafeEraser\DriverInstall.exe -- End of file - 18446 bytes |
10-04-2020, 00:42 | #14615 | |
Senior Member
Iscritto dal: Jan 2009
Messaggi: 2741
|
Quote:
allegate il file di log.... detto questo, il log pare pulito |
|
11-04-2020, 11:50 | #14616 |
Member
Iscritto dal: Oct 2006
Messaggi: 219
|
Buongiorno, qualcuno potrebbe darmi una mano a controllare il file log di HiJackThis?
sul link c'è il mio file log https://send.firefox.com/download/d4...JwCq1bxct2kSeg Vi ringrazio anticipatamente |
11-04-2020, 22:48 | #14617 | |
Senior Member
Iscritto dal: Jan 2009
Messaggi: 2741
|
Quote:
|
|
19-04-2020, 13:51 | #14618 | |
Member
Iscritto dal: Oct 2006
Messaggi: 219
|
Quote:
https://send.firefox.com/download/57...nvFxCmHbmj4T4A posto nuovamente il link. Vorrei che controllaste il mio file log per 2 semplici motivi. Il primo è che è da tempo che non viene controllato. Il secondo è che quando ho iniziato l'istallazione di un simulatore android LD PLayer per l'esattezza l'antivirus mi ha messo in allarme e prima che potesse finire l'istallazione ho terminato il processo. |
|
19-04-2020, 17:37 | #14619 | |
Senior Member
Iscritto dal: Jan 2009
Messaggi: 2741
|
Quote:
senti prova a caricare qui https://gofile.io/?t=uploadFiles e anche qui http://www.wikifortio.com/ uno dei 2 funzionerà spero ma da quello che dici allora è meglio che fai una scansione con https://it.malwarebytes.com/adwcleaner/ e dopo una scansione completa con https://it.malwarebytes.com/ |
|
20-04-2020, 16:55 | #14620 | |
Member
Iscritto dal: Oct 2006
Messaggi: 219
|
Quote:
https://gofile.io/?c=HpAb1s Ho provato adwcleaner mi escono alcune chiavi di registro https://gofile.io/?c=vc8Tpm Un file chiamato securityXploded. Comunque dovrebbe esserci l'immagine della scansione fatta, i 41 file trovati sono chiavi di registro. Malwarebytes mi da sempre errore di istallazione, non capisco perché forse è più recente della mia versione di S.O. |
|
Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 17:59.