Importante Richiesta controllo Logfile of HijackThis (Versione 2.10.0.31) del 06/05/2023

scarfacecik84 · 29 Marzo 2019

salve ragazzi ho da poco un pc fisso che uso per il gaming e altro
ho installato un gioco su hdd esterno l'ho avviato e mi è uscito un messaggio dove tentavo di aprire un file dll che poteva comportare comportamenti anomali del sistema (non so se sia effettivamente quello il problema o se inavvertitamente è stata colpa mia)
dopo 10 minuti di gioco iniziare a suonare il gruppo di continuità spengo subito (non era andata via la luce) riavvio defender non rileva virus ne sul pc ne sull hdd esterno
secondo cosa è successo colpa del gioco o anomalia temporanea?
questo è il log del pc:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro N), 10.0.17763.379 (ReleaseId: 1809), Service Pack: 0
Time: 29.03.2019 - 15:54 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes

Chrome: 73.0.3683.86
Edge: 11.0.17763.379
Internet Explorer: 11.0.17763.1

Boot mode: Normal

Running processes:
Number | Path
1 C:\MSI\MSIRegister\MSIRegister.exe
1 C:\MSI\MSIRegister\MSIRegisterService.exe
1 C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
1 C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
1 C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
1 C:\Program Files (x86)\MSI\Live Update\Live Update.exe
1 C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19031.57.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
1 C:\ProgramData\ZDSupport\ZDServ\CancelAutoPlay_Server.exe
1 C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe
1 C:\Users\user\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0326405.inf_amd64_81e392e158d6e1ff\B326184\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0326405.inf_amd64_81e392e158d6e1ff\B326184\atiesrxx.exe
1 C:\Windows\System32\MicrosoftEdgeCP.exe
1 C:\Windows\System32\MicrosoftEdgeSH.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
77 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://google.it/
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2018/08/28)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [Adobe Creative Cloud] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true (2018/08/28)
O4 - HKLM\..\StartupApproved\Run32: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (2018/08/28)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2018/08/28)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2018/08/28)
O4-32 - HKLM\..\Run: [Live Update] = C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4-32 - HKLM\..\Run: [MSIRegister] = C:\MSI\MSIRegister\MSIRegister.exe
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\c0326405.inf_amd64_81e392e158d6e1ff\B326184\atiesrxx.exe
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
O23 - Service R2: ASUS System Control Service - (AsSysCtrlService) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service R2: MSI Live Update Service - (MSI_LiveUpdate_Service) - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service R2: MSIREGISTER_MR - C:\MSI\MSIRegister\MSIRegisterService.exe
O23 - Service R2: Machine Debug Manager - (MDM) - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
O23 - Service R2: ZDServ - C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe
O23 - Service S2: Service_21 - C:\Windows\System32\Service_21.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service S3: Microsoft Office Groove Audit Service - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService

--
End of file - Time spent: 27,1 sec. - 18050 bytes, CRC32: FFFFFFFF. Sign: 哗飻

ERCOLINO · 29 Marzo 2019

Il log mi sembra OK.

Riguardo l'UPS bisogna capire per quale motivo si è messo a suonare, ovviamente giocando i consumi salgono e bisogna vedere da quanto è l'UPS

Servirebbe sapere esattamente il messaggio che ti usciva su quella dll

Aggiona le Java

Riguardo gli 01 hai messo te quei siti nel file HOST?

Se non sei stato tu, seleziona gli 01 e poi premi fix

scarfacecik84 · 29 Marzo 2019

ERCOLINO ha scritto:
Il log mi sembra OK.

Riguardo l'UPS bisogna capire per quale motivo si è messo a suonare, ovviamente giocando i consumi salgono e bisogna vedere da quanto è l'UPS

Servirebbe sapere esattamente il messaggio che ti usciva su quella dll

Aggiona le Java

Riguardo gli 01 hai messo te quei siti nel file HOST?

Se non sei stato tu, seleziona gli 01 e poi premi fix

L'ups è da 750VA
quei siti non li ho messi io...
come faccio ad aggiornare le java?

magari riprovo ad avviare il gioco e salvare il messaggio se dovesse uscire

neanche malwarebytes rileva anomalie

ERCOLINO · 29 Marzo 2019

Elimina gli O1

Per Java

https://www.digital-forum.it/showthread.php?167048-Java-8-Update-201-(16-01-19)

L'ultima versione è la 8 upate 201

A vedere i log hai una versione vecchia

scarfacecik84 · 29 Marzo 2019

ERCOLINO ha scritto:
Elimina gli O1

Per Java

https://www.digital-forum.it/showthread.php?167048-Java-8-Update-201-(16-01-19)

L'ultima versione è la 8 upate 201

A vedere i log hai una versione vecchia

java aggiornate...11.02 LTS finalmente funziona anche YouTube su edge
purtroppo chi mi ha assemblato il pc non l'ha aggiornato
cmq rimanendo al problema di prima...il messaggio dll non mi è uscito solo che dopo neanche 5 minuti ha iniziato a suonare l'UPS ho subito spento e rimosso il gioco (f1 2018)
che dipenda dal fatto che il gioco l'ho scaricato tramite torrent e mi surriscalda il pc per colpa di qualche file corrotto?

già tempo fa scaricai pes2018 ed ebbi problemi di coinminer sul notebook che si surriscaldava parecchio...mi sa che mi conviene prenderli su steam se effettivamente è questo il problema

ERCOLINO · 29 Marzo 2019

Non so esattamente che Pc hai, ma 750 VA sono circa 500 W

Sinceramente non so perchè si metta a suonare l'UPS, sicuramente ci sarà qualche led sull'UPS che ti segnala il problema e probabile che il gioco faccia andare al massimo la CPU, da non escludere coinminer

Non centra nulla file corrotti e surriscaldamento

In ogni caso per gli UPS c'è la discussione apposita

https://www.digital-forum.it/showthread.php?39523

Il problema è che non dovete scaricare dove non si dovrebbe Scaricare.......

scarfacecik84 · 29 Marzo 2019

ERCOLINO ha scritto:
Non so esattamente che Pc hai, ma 750 VA sono circa 500 W

Sinceramente non so perchè si metta a suonare l'UPS, sicuramente ci sarà qualche led sull'UPS che ti segnala il problema e probabile che il gioco faccia andare al massimo la CPU, da non escludere coinminer

Non centra nulla file corrotti e surriscaldamento

In ogni caso per gli UPS c'è la discussione apposita

https://www.digital-forum.it/showthread.php?39523

Il problema è che non dovete scaricare dove non si dovrebbe Scaricare.......

Hai perfettamente ragione...questa è la seconda volta che mi serva da lezione.
come posso tener d'occhio la temperatura della cpu e degli altri componenti?

scusa la curiosità 750VA equivalgono a circa 500watt come mai chi mi ha assemblato il pc mi ha messo un alimentatore da 700w e un UPS da 500w ?
onestamente per la configurazione che ho scelto pensavo che 550 sarebbero stati più che sufficienti

per quanto riguarda l' UPS ha un solo led blu e quando mi ha dato quel problema ha solo emesso un suono

ERCOLINO · 29 Marzo 2019

Per UPS e alimentatore passa nel 3d che ti ho linkato, qui ormai siamo OT

giollo63 · 13 Maggio 2019

mi date gentilmente una controllata? Grazie

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.11

Platform: x64 Windows 7 (Home Premium), 6.1.7601.24417, Service Pack: 1
Time: 13.05.2019 - 17:40 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes

Chrome: 74.0.3729.131
Firefox: 66.0.5.7066
Internet Explorer: 11.0.9600.19326
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
5 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
1 C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
1 C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Windows\SysWOW64\PnkBstrA.exe
1 C:\Windows\SysWOW64\ezSharedSvcHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
14 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\explorer.exe
1 J:\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = www.google.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = www.google.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - HKLM\..\BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2-32 - HKLM\..\BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE

\rndlbrowserrecordplugin.dll
O2-32 - HKLM\..\BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Alwil Software\Avast5\AvLaunch.exe /gui
O4 - MSConfig\startupreg: Adobe ARM [command] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (HKLM) (2016/04/13)
O4 - MSConfig\startupreg: Adobe Reader Speed Launcher [command] = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (HKLM) (2011/03/09) (file missing)
O4 - MSConfig\startupreg: AlcoholAutomount [command] = C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -automount (HKCU) (2012/05/08)
O4 - MSConfig\startupreg: Avast [command] = C:\Program Files\Alwil Software\Avast5\AvastUI.exe (HKLM) (2015/01/24)
O4 - MSConfig\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [command] = C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (HKCU) (2010/10/30)
O4 - MSConfig\startupreg: Bing Bar [command] = C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (HKLM) (2010/10/30) (file missing)
O4 - MSConfig\startupreg: Easybits Recovery [command] = C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (HKLM) (2011/12/27)
O4 - MSConfig\startupreg: HP Quick Launch [command] = C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (HKLM) (2012/02/29)
O4 - MSConfig\startupreg: HPAdvisorDock [command] = C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (HKCU) (2015/09/17)
O4 - MSConfig\startupreg: HPWirelessAssistant [command] = C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

/hidden (HKLM) (2011/12/27) (file missing)
O4 - MSConfig\startupreg: HotKeysCmds [command] = C:\Windows\system32\hkcmd.exe (HKLM) (2011/12/27)
O4 - MSConfig\startupreg: IgfxTray [command] = C:\Windows\system32\igfxtray.exe (HKLM) (2011/12/26)
O4 - MSConfig\startupreg: LightScribe Control Panel [command] = C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (HKCU) (2011/12/27)
O4 - MSConfig\startupreg: Magic Desktop for HP notification [command] = C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (HKLM) (2014/09/30)
O4 - MSConfig\startupreg: Microsoft Default Manager [command] = C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume (HKLM) (2012/07/28)
O4 - MSConfig\startupreg: Persistence [command] = C:\Windows\system32\igfxpers.exe (HKLM) (2011/12/26)
O4 - MSConfig\startupreg: RTHDVCPL [command] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s (HKLM) (2017/08/24)
O4 - MSConfig\startupreg: SunJavaUpdateSched [command] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (HKLM) (2012/12/16) (file missing)
O4 - MSConfig\startupreg: SynTPEnh [command] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (HKLM) (2012/03/16)
O4 - MSConfig\startupreg: TkBellExe [command] = C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot (HKLM) (2016/06/06)
O4 - MSConfig\startupreg: Uninstall Adobe Download Manager [command] = C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7

/Get1noarp (HKLM) (2010/10/30)
O4 - MSConfig\startupreg: msnmsgr [command] = C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background (HKCU) (2012/03/31)
O4 - MSConfig\startupreg: uTorrent [command] = C:\Users\Alessandro\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (HKCU) (2015/06/09)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Free YouTube Download: (default) = C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Free YouTube to MP3 Converter: (default) = C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources

\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Button: HKLM\..\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}: Free YouTube Download - (no file)
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck

\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}: Free YouTube Download - (no file)
O9-32 - Button: HKLM\..\{0000036B-C524-4050-81A0-243669A86B9F}: Messenger Companion (CTRL+MAIUSC+C) - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Inserisci blog - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework

\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Pubblica su un &blog in Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck

\NCLauncherFromIE.exe
O16-32 - DPF: HKLM\..\{166B1BCA-3F9C-11CF-8075-444553540000}\DownloadInformation: (no name) [CODEBASE] = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16-32 - DPF: HKLM\..\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation: (no name) [CODEBASE] = http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - DHCP DNS 1: 192.168.43.1
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Alwil Software\Avast5\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Alwil Software\Avast5\ashShell.dll
O21-32 - HKLM\..\ShellExecuteHooks: [{E54729E8-BB3D-4270-9D49-7389EA579090}] - EasyBits ShellExecute Hook - C:\Windows\SysWOW64\ezUPBHook.dll (disabled)
O22 - Task (.job): (Ready) HPCeeScheduleForAlessandro.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAlessandro (null)
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: Easybits Services for Windows - (ezSharedSvc) - C:\Windows\SysWow64\ezSharedSvcHost.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: HP Touchpoint Analytics - (HPTouchpointAnalyticsService) - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service R2: PnkBstrA - C:\Windows\SysWow64\PnkBstrA.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\elevation_service.exe
O23 - Service S3: HP CASL Framework Service - (hpqcaslwmiex) - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Windows Live Family Safety Service - (fsssvc) - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

--
End of file - Time spent: 24,8 sec. - 25508 bytes, CRC32: FFFFFFFF. Sign: 硂ꊭ

ERCOLINO · 13 Maggio 2019

Mi sembra ok

Elimina O9 - Button: HKLM\..\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}: Free YouTube Download - (no file)

Aggiorna HiJackThis alla versione 2.9.0.18

carontel · 24 Giugno 2019

Per favore mi controllate il log, perchè ho problemi di spazzatura.
Ho scaricato un file da dailymotion tramite savefrom e da quest'ultimo credo di aver preso spazzatura, in quanto sul'angolo destro in basso dello schermo spunta di tutto e di più, signorine che ti fanno proposte, pubblicità della qualunque cosa eccetera eccetera.

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.17134.829 (ReleaseId: 1803), Service Pack: 0
Time: 24.06.2019 - 16:22 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Utente (group: Administrator) on DESKTOP-FT2JQLB, FirstRun: yes

Chrome: 75.0.3770.100
Firefox: 16.0.1.4666
Edge: 11.0.17134.799
Internet Explorer: 11.0.17134.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
15 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Polaris Office\Office8\Binary\POSyncCenter.exe
1 C:\Program Files (x86)\Polaris Office\Office8\Binary\PSNoticeChecker.exe
1 C:\Program Files (x86)\Polaris Office\Office8\Binary\PViewManager.exe
1 C:\Program Files (x86)\WinRAR\WinRAR.exe
1 C:\Program Files (x86)\WinZip\WZQKPICK.EXE
1 C:\Program Files\Windows Defender\MSASCuiL.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\rempl\sedsvc.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
1 C:\Users\Utente\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\Utente\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\KMS-R@1n.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
68 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll
O2-32 - HKLM\..\BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O4 - HKCU\..\Run: [Free Download Manager] = C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe --minimized (file missing)
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Utente\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [PolarisOffice] = C:\Program Files (x86)\Polaris Office\Office8\Binary\POSyncCenter.exe
O4 - HKCU\..\RunOnce: [Application Restart #1] = C:\Program Files (x86)\Polaris Office\Office8\Binary\PViewManager.exe -Embedding /RestartByRestartManager:6B9F6E9A-13CB-4e9e-96BF-033CF1C78937 /RestartByRestartManager:71C85F79-E683-45bd-ADE4-F0EE40E6F532 /RestartByRestartManager:A2A125CE-B710-4484-84C8-44E5E4FF34D9
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s (file missing)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk -> C:\Program Files (x86)\WinZip\WZQKPICK.EXE (1601/01/01)
O4-32 - HKLM\..\Run: [DivXUpdate] = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 0FileIconSyncOn: FileIconOverlayExt Class - {62E15A97-5651-41E4-95C4-706D30C86A4B} - C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\0FileIconSyncOn64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 1FileIconSyncAlert: FileIconOverlayExt Class - {BF741CA6-27BF-4B49-A3A3-1C39415582D8} - C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\1FileIconSyncAlert64.dll
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: KMS-R@1n - C:\Windows\KMS-R@1n.exe
O23 - Service R2: Windows Remediation Service - (sedsvc) - C:\Program Files\rempl\sedsvc.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc

--
End of file - Time spent: 82,9 sec. - 13952 bytes, CRC32: FFFFFFFF. Sign: 鋎朾

ERCOLINO · 24 Giugno 2019

Quando si installano programmi non legittimi (non so se mi spiego) poi escono casini

Uno dei problemi potrebbe essere, basta che cerchi su google a cosa si riferisce...

C:\Windows\KMS-R@1n.exe

carontel · 24 Giugno 2019

Ercolino io non ho installato niente, o meglio ho scaricato un file musicale da dailymotion tramite savefrom (ed è proprio quest'ultimo che penso mi ha creato i casini) questo pomeriggio e mi sono spuntati questi avvisi pubblicitari donnine comprese.
Che cose c'è da fare adesso per risolvere sto casino.

ERCOLINO · 24 Giugno 2019

C:\Windows\KMS-R@1n.exe

Win 10 è originale?.....

Quello va rimosso

Controlla tra i programmi installati se c'è qualcosa di strano con quel nome o che si è installato di recentr.

Cancella il contenuto della cartella Temp

C:windows/temp

Cancella cache e cookies dei browser.

carontel · 24 Giugno 2019

Win 10 credo sia originale (come sai ci capisco poco in materia) ho acquistato a settembre un assemblato da un venditore veneto online, dovrebbe essere originale.
I programmi installati nel pc da dove li vedo :eusa_wall:

Per te sarà una domanda scema m con windows 10 non lo so

carontel · 24 Giugno 2019

Intanto ho cancellato il contenuto della cartella temp e svuotato cache e cookies dei browser
Ho rifatto il log e quella voce che segnalavi rimane sempre.
Nei programmi, da cui sono arrivato dal pannello di controllo e programmi e funzionalità (non so se è giusto) non ho trovato programmi strani, sembra tutto normale
Per togliere quella voce cosa bisogna fare? aprò thread specifico?

VIANELLO_85 · 25 Giugno 2019

Spunta la casella/riga relativa e premi fix

carontel · 25 Giugno 2019

Vianello ho fatto come hai detto, pare sia andata via, così ho risolto oppure devo fare altre procedure per non aver più problemi? Rimetto il log per favore ricontrolla se ci sta qualche altra cosa da togliere. Grazie

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.17134.829 (ReleaseId: 1803), Service Pack: 0
Time: 25.06.2019 - 13:58 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Utente (group: Administrator) on DESKTOP-FT2JQLB, FirstRun: yes

Chrome: 75.0.3770.100
Firefox: 16.0.1.4666
Edge: 11.0.17134.799
Internet Explorer: 11.0.17134.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
7 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Polaris Office\Office8\Binary\POSyncCenter.exe
1 C:\Program Files (x86)\Polaris Office\Office8\Binary\PSNoticeChecker.exe
1 C:\Program Files (x86)\Polaris Office\Office8\Binary\PViewManager.exe
1 C:\Program Files (x86)\WinZip\WZQKPICK.EXE
1 C:\Program Files\Windows Defender\MSASCuiL.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\Program Files\rempl\sedsvc.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
4 C:\Users\Utente\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
1 C:\Users\Utente\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\Utente\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
8 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
62 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WMIC.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll
O2-32 - HKLM\..\BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O4 - HKCU\..\Run: [Free Download Manager] = C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe --minimized (file missing)
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Utente\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [PolarisOffice] = C:\Program Files (x86)\Polaris Office\Office8\Binary\POSyncCenter.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s (file missing)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk -> C:\Program Files (x86)\WinZip\WZQKPICK.EXE (1601/01/01)
O4-32 - HKLM\..\Run: [DivXUpdate] = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 0FileIconSyncOn: FileIconOverlayExt Class - {62E15A97-5651-41E4-95C4-706D30C86A4B} - C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\0FileIconSyncOn64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 1FileIconSyncAlert: FileIconOverlayExt Class - {BF741CA6-27BF-4B49-A3A3-1C39415582D8} - C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\1FileIconSyncAlert64.dll
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: Windows Remediation Service - (sedsvc) - C:\Program Files\rempl\sedsvc.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc

--
End of file - Time spent: 80,9 sec. - 14168 bytes, CRC32: FFFFFFFF. Sign: ḃ홝

VIANELLO_85 · 25 Giugno 2019

Da una rapida occhiata, e non vedendo più la riga incriminata direi che ora è ok.

Non noto altre righe degne di segnalazione.

carontel · 25 Giugno 2019

Ti ringrazio. Ma sta robaccia da dove salta fuori? Io programmi non ne scarico, anche perchè non sono capace e chiedo sempre aiuto qua, scarico soltanto qualche file di musica dal tubo, oppure è possibile prenderla soltanto navigando in siti poco sicuri?

Importante Richiesta controllo Logfile of HijackThis (Versione 2.10.0.31) del 06/05/2023

scarfacecik84

Digital-Forum Senior

ERCOLINO

scarfacecik84

Digital-Forum Senior

ERCOLINO

scarfacecik84

Digital-Forum Senior

ERCOLINO

scarfacecik84

Digital-Forum Senior

ERCOLINO

giollo63

Digital-Forum Gold Master

ERCOLINO

carontel

Digital-Forum Senior Master

ERCOLINO

carontel

Digital-Forum Senior Master

ERCOLINO

carontel

Digital-Forum Senior Master

carontel

Digital-Forum Senior Master

VIANELLO_85

carontel

Digital-Forum Senior Master

VIANELLO_85

carontel

Digital-Forum Senior Master