
Important: Log check request, Logfile of HijackThis (Version 2.10.0.31), 06/05/2023

As for your question whether only your PC is at risk, my answer is yes and no, because we need to understand what you picked up.

If, say, it is due to a virus that was not promptly detected, or not removed afterwards, it could have compromised other devices as well.

I ran the scan and found no viruses on the PC.
In Windows Defender there was the protection history (allowed threats), and it showed some blocked items related to this program, which I used over the last few days and removed yesterday:
file: F:\DOWNLOADS\BACKUP\PES 2021\TOOLS\PESEDIT\Pes 2020 Editor V0.11.1 by Ejogc327\Pes 2020 Editor V0.11.1 by Ejogc327\PES2020Editor.exe

Malwarebytes
www.malwarebytes.com

-Dettagli log-
Data scansione: 20/12/20
Ora scansione: 07:57
File di log: a40ee0d4-4290-11eb-94a9-40b07642d9ac.json

-Informazioni software-
Versione: 4.3.0.98
Versione componenti: 1.0.1130
Aggiorna versione pacchetto: 1.0.34537
Licenza: Trial

-Informazioni sistema-
SO: Windows 10 (Build 19041.685)
CPU: x64
File system: NTFS
Utente: DESKTOP-FLAUC24\Lorenzo

-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Scansione avviata da: Manuale
Risultati: Completata
Elementi analizzati: 273702
Minacce rilevate: 0
Minacce messe in quarantena: 0
Tempo impiegato: 2 min, 0 sec

-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare

-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)

Modulo: 0
(Nessun elemento nocivo rilevato)

Chiave di registro: 0
(Nessun elemento nocivo rilevato)

Valore di registro: 0
(Nessun elemento nocivo rilevato)

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Flusso di dati: 0
(Nessun elemento nocivo rilevato)

Cartella: 0
(Nessun elemento nocivo rilevato)

File: 0
(Nessun elemento nocivo rilevato)

Settore fisico: 0
(Nessun elemento nocivo rilevato)

WMI: 0
(Nessun elemento nocivo rilevato)


(end)
 
Please use original programs; modified ones might contain some unwelcome surprise.

Your latest log is OK, as is the subsequent check.

I'd say you're OK.
 

I also scanned the second internal HDD and the external ones; everything is OK there too.
Would a format and a router reset be advisable, given that DNS hijacking was mentioned (I don't know what that is specifically)? For now I have only changed the key.

And to check the phone, which program/app do you recommend to see whether, unfortunately, there is anything on it?

Thanks for the help
 
I don't think a phone would be affected by a program made for PC; in any case, it's always good to have an antivirus there too.

To check the router's DNS, log in to your router and verify.
 

In the end the problem was not that program but some O1 entries from the first log (on the previous page),
which I deleted as advised.
They were these:

Start Page] = http://google.it/
O1 - Hosts: 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files
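
A check of the kind applied to the O1 and O17 lines in this thread, as an added example that is not part of the original posts: it flags hosts-file entries that pin a name to a routable address and DHCP DNS servers outside the LAN. It handles only the "O1 - Hosts:" and "O17 - DHCP DNS n:" line forms shown here; SAMPLE_LOG is constructed, and 203.0.113.53 and ads.example.test are made-up documentation values.

```python
import ipaddress
import re
from typing import Dict, List, NamedTuple

# Constructed sample in the HijackThis line format seen in this thread.
# 203.0.113.53 and ads.example.test are made-up documentation values.
SAMPLE_LOG = r"""
O1 - Hosts: 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 0.0.0.0 ads.example.test
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O17 - DHCP DNS 1: 192.168.1.1
O17 - DHCP DNS 2: 203.0.113.53
"""

O1_RE = re.compile(r"^O1 - Hosts:\s+(\S+)\s+(\S+)")
O17_RE = re.compile(r"^O17 - (DHCP DNS \d+):\s+(\S+)\s*$")

# Explicit RFC 1918 ranges; ipaddress' is_private also covers documentation
# ranges, which would hide the constructed external resolver above.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


class Finding(NamedTuple):
    section: str   # "O1" or "O17"
    subject: str   # hostname (O1) or DNS slot label (O17)
    address: str
    flagged: bool  # True = a human should review this line
    note: str


def _parse_ip(text):
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None


def check_hosts_entry(address: str, hostname: str) -> Finding:
    """Hosts entries override DNS, so any routable target deserves a look."""
    ip = _parse_ip(address)
    if ip is None:
        return Finding("O1", hostname, address, True, "unparseable address")
    if ip.is_loopback or ip.is_unspecified:
        return Finding("O1", hostname, address, False,
                       "loopback/null route: name is blocked locally")
    return Finding("O1", hostname, address, True,
                   "name pinned to a fixed address, DNS is bypassed")


def check_dns_server(label: str, address: str) -> Finding:
    """A LAN resolver means the router's own upstream DNS must be checked."""
    ip = _parse_ip(address)
    if ip is None:
        return Finding("O17", label, address, True, "unparseable address")
    if ip.is_link_local or any(ip in net for net in RFC1918):
        return Finding("O17", label, address, False,
                       "LAN resolver: confirm upstream DNS in the router")
    return Finding("O17", label, address, True,
                   "resolver outside the LAN: confirm it is the expected one")


def triage(log_text: str) -> List[Finding]:
    """Return one Finding per O1 hosts line and O17 DHCP DNS line."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = O1_RE.match(line)
        if m:
            findings.append(check_hosts_entry(m.group(1), m.group(2)))
            continue
        m = O17_RE.match(line)
        if m:
            findings.append(check_dns_server(m.group(1), m.group(2)))
    return findings


def flagged_redirects(findings: List[Finding]) -> Dict[str, List[str]]:
    """Group flagged hosts entries by the address they point to."""
    grouped: Dict[str, List[str]] = {}
    for f in findings:
        if f.section == "O1" and f.flagged:
            grouped.setdefault(f.address, []).append(f.subject)
    return grouped


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        mark = "REVIEW" if f.flagged else "ok    "
        print(f"{mark} {f.section:<3} {f.address:<15} {f.subject} ({f.note})")
```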
 
Device formatted and router reset.
New situation…

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Pro), 10.0.19041.685 (ReleaseId: 2004), Service Pack: 0
Time: 23.12.2020 - 17:34 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Lorenzo (group: Administrator) on DESKTOP-56U03H3, FirstRun: no

Chrome: 87.0.4280.88
Edge: 11.0.19041.546
Internet Explorer: 11.0.19041.1
Default: "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
7 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\Windows Defender\NisSrv.exe
1 C:\Program Files\WindowsApps\microsoft.windows.photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\Lorenzo\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CloudExperienceHostBroker.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0359518.inf_amd64_20c585088e1e4b33\B359297\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0359518.inf_amd64_20c585088e1e4b33\B359297\atiesrxx.exe
4 C:\Windows\System32\MicrosoftEdgeCP.exe
1 C:\Windows\System32\MicrosoftEdgeSH.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
83 C:\Windows\System32\svchost.exe
3 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\vds.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] = C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] = C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/12/23)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - C:\Windows\System32\RDXTaskFactory.dll (Microsoft)
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\system32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\c0359518.inf_amd64_20c585088e1e4b33\B359297\atiesrxx.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc


--
End of file - Time spent: 5,8 sec. - 11722 bytes, CRC32: FFFFFFFF. Sign: 䀂纸
 
Good afternoon everyone. Since yesterday I have had slow browsing with Firefox, while everything runs smoothly with Chrome and Edge. I cleared cookies, cache and the entire history, but that did not fix it. Is there perhaps something odd in the log? Thanks

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Home), 10.0.19042.746 (ReleaseId: 2009), Service Pack: 0
Time: 04.02.2021 - 14:24 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Crotone1 (group: Administrator) on CROTONE1-PC, FirstRun: yes

Chrome: 88.0.4324.104
Firefox: 85.0.0.7688
Edge: 11.0.19041.546
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
1 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
1 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
1 C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
1 C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
1 C:\Program Files (x86)\Nero\Update\NASvc.exe
1 C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
6 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
1 C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
1 C:\Program Files\AVAST Software\Avast\aswidsagent.exe
1 C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
1 C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
1 C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
1 C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
1 C:\Program Files\TOSHIBA\Teco\TecoResident.exe
1 C:\Program Files\TOSHIBA\Teco\TecoService.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21011.101.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxOutlook.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe
1 C:\Users\Crotone1\Desktop\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\RtkBtManServ.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
2 C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\DSDFunctionKeyCtlService.exe
1 C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\RMService.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
9 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\TODDSrv.exe
1 C:\Windows\System32\atieclxx.exe
1 C:\Windows\System32\atiesrxx.exe
5 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spool\drivers\x64\3\E_IATIILE.EXE
1 C:\Windows\System32\spoolsv.exe
84 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://toshiba13.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.it/
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.56\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.56\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-205 207 Series"
O4 - HKCU\..\Run: [EPSDNMON] = C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE
O4 - HKCU\..\Run: [Facebook Update] = C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2020/11/14)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [SRS Premium Sound HD] = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [TCrdMain] = C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
O4 - HKLM\..\Run: [TODDMain] = C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
O4 - HKLM\..\Run: [TecoResident] = C:\Program Files\TOSHIBA\Teco\TecoResident.exe
O4 - HKLM\..\Run: [TosWaitSrv] = C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
O4 - HKLM\..\Run: [bit4id csp store register (M x64)] = C:\WINDOWS\system32\bit4upki-store.dll "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (2015/08/26)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [IDProtect Monitor] = C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe
O4-32 - HKLM\..\Run: [Intel AppUp(SM) center] = C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4-32 - HKLM\..\Run: [StartCCC] = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4-32 - HKLM\..\Run: [TPUReg] = C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe /Retimes
O4-32 - HKLM\..\Run: [bit4id csp store register (M)] = C:\WINDOWS\SysWOW64\RUNDLL32.EXE "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O17 - DHCP DNS 1: 192.168.43.1
O18 - HKLM\Software\Classes\Protocols\Handler\skype4com: [CLSID] = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O22 - Task (.job): (Not scheduled) EPSON XP-225 Series Update {CD2A4DA0-9593-4396-B625-CD02778F6DD7}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE /EXE:"{CD2A4DA0-9593-4396-B625-CD02778F6DD7}" /F:"Update"
O22 - Task (.job): (Not scheduled) FacebookUpdateTaskUserS-1-5-21-3212974350-4222326917-2881284299-1001Core.job - C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
O22 - Task (.job): (Not scheduled) FacebookUpdateTaskUserS-1-5-21-3212974350-4222326917-2881284299-1001UA.job - C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
O22 - Task (.job): (Not scheduled) G2MUpdateTask-S-1-5-21-3212974350-4222326917-2881284299-1001.job - C:\Users\Crotone1\AppData\Local\GoToMeeting\19228\g2mupdate.exe
O22 - Task (.job): (Not scheduled) G2MUploadTask-S-1-5-21-3212974350-4222326917-2881284299-1001.job - C:\Users\Crotone1\AppData\Local\GoToMeeting\19228\g2mupload.exe
O23 - Service R2: "Realtek Bluetooth Device Manager Service" ;RtkServ HPWU - (RtkBtManServ) - C:\WINDOWS\RtkBtManServ.exe
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe /runassvc
O23 - Service R2: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe
O23 - Service R2: GFNEX Service - (GFNEXSrv) - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service R2: Machine Debug Manager - (MDM) - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
O23 - Service R2: Nero Update - (NAUpdate) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service R2: TOSHIBA Optical Disc Drive Service - (TODDSrv) - C:\Windows\system32\TODDSrv.exe
O23 - Service R2: TOSHIBA eco Utility Service - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service R2: TSDWirelessLEDCtlService - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\RMService.exe
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
O23 - Service R2: dynabook Function Key control service - (DSDFunctionKeyCtlService) - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\DSDFunctionKeyCtlService.exe
O23 - Service R3: TPCH Service - (TPCHSrv) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: TSDSettingService - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\dynabookSystemService.exe
O23 - Service S2: TSDTabletControlService - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\TOSTABSYSSVC.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\elevation_service.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Microsoft Edge Elevation Service - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.56\elevation_service.exe
O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: TEMPRO Service - (TemproMonitoringService) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service S3: TMachInfo - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe


--
End of file - Time spent: 49,1 sec. - 32280 bytes, CRC32: FFFFFFFF. Sign: 貟㺬
 
Good morning, could you check my log please?

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
1 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
1 C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
1 C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
1 C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
1 C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
10 C:\Program Files\Mozilla Firefox\firefox.exe
2 C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21011.127.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxOutlook.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
2 C:\ProgramData\amBCTJY.exe
1 C:\Users\Cosmo\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
2 C:\Windows\SysWOW64\svchost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0359160.inf_amd64_2abe2598d9a3141f\B358802\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0359160.inf_amd64_2abe2598d9a3141f\B358802\atiesrxx.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
8 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
4 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
3 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
85 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\explorer.exe

O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.63\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.63\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\Cosmo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/03/21)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Cosmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ecocerved SmartCardManager.lnk -> C:\Users\Cosmo\AppData\Local\Ecocerved.SmartCardManager\Ecocerved.SmartCardMaganer.exe (2018/04/26)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Cosmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Invia a OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr (2017/10/27)
O4 - HKLM\..\Run: [IntelConnectCenter] = C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe /tasktrayonly
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [bit4id csp store register (M x64)] = C:\WINDOWS\system32\bit4upki-store.dll "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O4 - HKLM\..\StartupApproved\Run32: [DropboxOEM] = C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe auto (2019/09/28)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/09/28)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2017/10/19)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [HP Software Update] = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4-32 - HKLM\..\Run: [bit4id csp store register (M)] = C:\WINDOWS\SysWOW64\RUNDLL32.EXE "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Button: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html (file missing)
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html (file missing)
O9-32 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: Java Plug-in 11.281.2 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-0018-0000-00221-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 11.281.2 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{e404c534-e4a2-4b2e-9c8d-2178e30b7715}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{e404c534-e4a2-4b2e-9c8d-2178e30b7715}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O22 - Task (.job): (disabled) (Ready) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Ready) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: HP SimplePass Service - (omniserv) - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service R2: Servizio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\system32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0359160.inf_amd64_2abe2598d9a3141f\B358802\atiesrxx.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Cyberlink RichVideo64 Service(CRVS) - (RichVideo64) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: MySQL80 - C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" MySQL80
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service R2: Servizio A portata di clic di Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R3: HP Software Framework Service - (hpqwmiex) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service S2: HP Touchpoint Analytics - (HPTouchpointAnalyticsService) - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service S2: Intel(R) Common Connectivity Framework - (STCServ) - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\elevation_service.exe
O23 - Service S3: Microsoft Edge Elevation Service - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.63\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc


In particular, DbxSvc - C:\WINDOWS\system32\DbxSvc.exe: what is it?
 
This is my first logfile with the HP notebook:

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Home), 10.0.19042.789 (ReleaseId: 2009), Service Pack: 0
Time: 09.02.2021 - 14:55 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: 39320 (group: Administrator) on LAPTOP-QFISVHAA, FirstRun: yes

Chrome: 88.0.4324.150
Firefox: 85.0.1.7705
Edge: 11.0.19041.546
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
1 C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
1 C:\Program Files\Avast Software\Avast\AvastSvc.exe
4 C:\Program Files\Avast Software\Avast\AvastUI.exe
1 C:\Program Files\Avast Software\Avast\aswEngSrv.exe
1 C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
1 C:\Program Files\Avast Software\Avast\aswidsagent.exe
1 C:\Program Files\Avast Software\Avast\wsc_proxy.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\HPCommRecovery\HPCommRecovery.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
7 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
1 C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
1 C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21011.127.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxOutlook.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Users\39320\AppData\Local\Microsoft\OneDrive\21.002.0104.0005\FileCoAuth.exe
1 C:\Users\39320\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\39320\OneDrive\Desktop\HiJackThis.exe
1 C:\Users\39320\OneDrive\Desktop\adwcleaner_8.0.9.1.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\RtkBtManServ.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIServiceN.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEMN.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f98b15466093b28e\x64\TouchpointAnalyticsClientService.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\AppHelperCap.exe
2 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\BridgeCommunication.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\NetworkCap.exe
1 C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\SysInfoCap.exe
1 C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_86dc7f4c001ddecd\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0067181d6d0f8476\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_3ef70b9d5cc0699f\LMS.exe
1 C:\Windows\System32\ELAN_MOC_IAP_Service.exe
1 C:\Windows\System32\ETDCtrl.exe
1 C:\Windows\System32\ETDService.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
2 C:\Windows\System32\RtkAudUService64.exe
11 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SECOMN64.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
76 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2F5FD518-9785-4896-A9CC-2772097586B4}: [SuggestionsURL] = http://asp.assoc-amazon.co.uk/suggestions?q={searchTerms}&t=hp-uk1-vsb-21 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2F5FD518-9785-4896-A9CC-2772097586B4}: [SuggestionsURL_JSON] = http://completion.amazon.co.uk/search/complete?method=completion&q={searchTerms}&search-alias=aps&client=amzn-search-suggestions/9fe582406fb5106f343a84083d78795713c12d68&mkt=3 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2F5FD518-9785-4896-A9CC-2772097586B4}: = http://www.amazon.co.uk/s/ref=az...sec. - 43110 bytes, CRC32: FFFFFFFF. Sign: ᐋ턍
 
@ alfry

At first glance, no problems.

Have you noticed any problems, or is this just a check?

Partly just a check, and partly because, if you go to the latest messages in the Windows 10 thread, I explain what I have been experiencing for the past few months when I turn on the notebook for the first time, almost every day. Thanks
 
Hi! Unfortunately I find myself once again having to ask you to read a HijackThis log...
This time I connected to a public network and by mistake set it as a home network... from that moment on the computer froze up so badly that I had to reset it, and after the reset the computer became even slower (slower than before!). I also noticed that overnight a full 5 GB of the hard disk got used up. This is the log:
Malware? Hijackthis log


Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18


Platform: x64 Windows 7 (Home Premium), 6.1.7601.24544, Service Pack: 1

Time: 13.02.2021 - 10:52 (UTC+01:00)

Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)

Elevated: Yes

Ran by: --- (group: Administrator) on Ad, FirstRun: no


Chrome: 88.0.4324.146

Firefox: 85.0.1.7705

Internet Explorer: 11.0.9600.19596

Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal


Running processes:

Number | Path

1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

1 C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe

1 C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

1 C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe

1 C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

1 C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

1 C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

1 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

1 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

1 C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe

1 C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe

1 C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe

1 C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe

1 C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe

1 C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe

1 C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

1 C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

1 C:\Program Files (x86)\WinRAR\WinRAR.exe

1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe

3 C:\Program Files\AVAST Software\Avast\AvastUI.exe

1 C:\Program Files\AVAST Software\Avast\aswEngSrv.exe

1 C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe

1 C:\Program Files\AVAST Software\Avast\aswidsagent.exe

1 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

1 C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe

1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

1 C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe

1 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

1 C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

1 C:\Program Files\Intel\WiFi\bin\EvtEng.exe

1 C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

1 C:\Program Files\Intel\iCLS Client\HeciServer.exe

1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

6 C:\Program Files\Mozilla Firefox\firefox.exe

1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

1 C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe

1 C:\Program Files\Windows Media Player\wmpnetwk.exe

9 C:\Users\---\AppData\Local\Google\Chrome\Application\chrome.exe

1 C:\Users\---\Desktop\HiJackThis\HiJackThis.exe

1 C:\Windows\SysWOW64\irstrtsv.exe

1 C:\Windows\System32\SearchFilterHost.exe

1 C:\Windows\System32\SearchIndexer.exe

1 C:\Windows\System32\SearchProtocolHost.exe

1 C:\Windows\System32\audiodg.exe

1 C:\Windows\System32\conhost.exe

2 C:\Windows\System32\csrss.exe

1 C:\Windows\System32\dllhost.exe

1 C:\Windows\System32\dwm.exe

1 C:\Windows\System32\escsvc64.exe

1 C:\Windows\System32\hkcmd.exe

1 C:\Windows\System32\igfxext.exe

1 C:\Windows\System32\igfxpers.exe

1 C:\Windows\System32\igfxsrvc.exe

1 C:\Windows\System32\lsass.exe

1 C:\Windows\System32\lsm.exe

1 C:\Windows\System32\notepad.exe

1 C:\Windows\System32\rundll32.exe

1 C:\Windows\System32\services.exe

1 C:\Windows\System32\smss.exe

1 C:\Windows\System32\spoolsv.exe

14 C:\Windows\System32\svchost.exe

3 C:\Windows\System32\taskeng.exe

1 C:\Windows\System32\taskhost.exe

1 C:\Windows\System32\taskmgr.exe

2 C:\Windows\System32\wbem\WmiPrvSE.exe

1 C:\Windows\System32\wbem\unsecapp.exe

1 C:\Windows\System32\wininit.exe

1 C:\Windows\System32\winlogon.exe

1 C:\Windows\System32\wlanext.exe

1 C:\Windows\explorer.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://samsung.msn.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://samsung.msn.com/

O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2-32 - HKLM\..\BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll

O2-32 - HKLM\..\BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)

O2-32 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - HKLM\..\Toolbar: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)

O3-32 - HKLM\..\Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll

O4 - HKCU\..\Run: [Google Update] = C:\Users\---\AppData\Local\Google\Update\1.3.36.72\GoogleUpdateCore.exe

O4 - HKCU\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (file missing)

O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui

O4 - HKLM\..\Run: [BLEServicesCtrl] = C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

O4 - HKLM\..\Run: [BTMTrayAgent] = C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

O4 - HKLM\..\Run: [ETDCtrl] = C:\Program Files\Elantech\ETDCtrl.exe

O4 - HKLM\..\Run: [HotKeysCmds] = C:\windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [IgfxTray] = C:\windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [Persistence] = C:\windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

O4 - HKLM\..\Session Manager: [BootExecute] = (no file)

O4 - HKU\S-1-5-19\..\Run: [Sidebar] = C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (file missing)

O4 - HKU\S-1-5-20\..\Run: [Sidebar] = C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (file missing)

O4 - MSConfig\startupfolder: C:^Users^---^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk [backup] => C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (2019/09/02) (file missing)

O4 - MSConfig\startupreg: PDFPrint [command] = C:\Program Files (x86)\PDF24\pdf24.exe (HKLM) (2019/09/02)

O4-32 - HKLM\..\Run: [USB3MON] = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (file missing)

O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\I&nvia a OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (file missing)

O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Inserisci blog - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Pubblica su un &blog in Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O17 - DHCP DNS 1: 172.20.10.1

O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll

O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll

O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe /runassvc

O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe /runassvc

O23 - Service R2: Bluetooth Device Monitor - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

O23 - Service R2: Bluetooth OBEX Service - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\windows\system32\diagtrack.dll

O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\windows\system32\EscSvc64.exe

O23 - Service R2: ExpressCache - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe

O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service

O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service R2: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service - (BTHSSecurityMgr) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

O23 - Service R2: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service R2: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service R2: Intel(R) PROSet/Wireless Zero Configuration Service - (ZeroConfigService) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

O23 - Service R2: Intel(R) Rapid Start Technology Service - (irstrtsv) - C:\windows\SysWOW64\irstrtsv.exe

O23 - Service R2: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service - (AMPPALR3) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

O23 - Service R2: SEB Windows Service - (SebWindowsServiceWCF) - C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe

O23 - Service R2: SamsungDeviceConfiguration - (SamsungDeviceConfigurationWinService) - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe

O23 - Service R2: SeaPort - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

O23 - Service R2: Servizio A portata di clic di Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service

O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

O23 - Service R3: Bluetooth Media Service - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe

O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc

O23 - Service S3: Bing Bar Update Service - (BBSvc) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

O23 - Service S3: GameConsoleService - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe

O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe

O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc

O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDnsj.exe


--
End of file - Time spent: 86,6 sec. - 27634 bytes, CRC32: FFFFFFFF. Sign: 곯㳹

Since after what happened I no longer wanted to connect to the public network, I used my phone's hotspot, and I noticed that among the MAC addresses there was one that does not match any of my devices and that had used 74.7 KB. Also, when I looked at the data traffic in my mobile carrier's app, I saw that about 63 KB had been used at five in the morning, and at that hour my phone is switched off... could all these things be connected?
 