HiJackThis log...

Post by p060477 »

Hello,
could you take a look at my log..?
Thanks!
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform: x64 Windows 10 (Home), 10.0.19045.4123 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 10.03.2024 - 22:33 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Luca (group: Administrators) on PC, FirstRun: yes

Chrome: 115.0.5790.171
Firefox: 123.0.1.8829
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe
1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
1 C:\Program Files (x86)\Softland\FBackup 9\bService.exe
1 C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.exe
1 C:\Program Files\Proton\VPN\v3.2.10\ProtonVPNService.exe
1 C:\Program Files\WindowsApps\AD2F1837.HPDisplayCenter_1.0.68.0_x64__v10z8vjag6ke6\HPDisplayCenter.exe
2 C:\Windows\explorer.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
1 C:\Windows\System32\CredentialEnrollmentManager.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
3 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\snmptrap.exe
1 C:\Windows\System32\spoolsv.exe
76 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\Taskmgr.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 D:\DESKTOP\ANTIVIRUS\HiJackThis.exe
26 D:\DESKTOP\BROWSERS\FIREFOX\FirefoxPortable\App\Firefox64\firefox.exe
1 D:\DESKTOP\BROWSERS\FIREFOX\FirefoxPortable\FirefoxPortable.exe
10 D:\DESKTOP\BROWSERS\TOR\Tor Browser\Browser\firefox.exe
1 D:\DESKTOP\BROWSERS\TOR\Tor Browser\Browser\TorBrowser\Tor\tor.exe
1 D:\DESKTOP\BROWSERS\Windscribe\WindscribeService.exe
1 N:\DESKTOP\PC\Dns\dnscrypt-proxy\dnscrypt-proxy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://libero.it/
O4 - HKCU\..\Run: [Windscribe] = D:\DESKTOP\BROWSERS\Windscribe\Windscribe.exe -os_restart
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe -> (PE EXE) (2023/03/10)
O4 - HKLM\..\StartupApproved\Run: [MouseDriver] = C:\WINDOWS\system32\TiltWheelMouse.exe (2020/06/19)
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (2022/11/27)
O4 - HKLM\..\StartupApproved\Run: [SafeDiveCertMgm] = C:\WINDOWS\system32\rundll32.exe stCNSUtil.dll,DeleteCertStore (2022/02/21)
O4 - HKLM\..\StartupApproved\Run32: [IDProtect Monitor] = C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe (2020/06/27)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service')
O5 - Applet: C:\WINDOWS\System32\RTSnMg64.cpl (Sign: 'Realtek Semiconductor Corp')
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Scarica con IDM: (default) = N:\DESKTOP\VIDEO\CATTURA VIDEO\Internet Download Manager 6.4.1\App\IDM\IEExt.htm (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Scarica tutti i link con IDM: (default) = N:\DESKTOP\VIDEO\CATTURA VIDEO\Internet Download Manager 6.4.1\App\IDM\IEGetAll.htm (file missing)
O17 - DHCP DNS 1: 127.0.0.1
O17 - DHCP DNS 2: 9.9.9.9 (Well-known DNS: Quad9)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3b997113-d581-4c48-9a3c-6a5f7a071715}: [NameServer] = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3b997113-d581-4c48-9a3c-6a5f7a071715}: [NameServer] = 9.9.9.9 (Well-known DNS: Quad9)
O21 - HKLM\..\ShellIconOverlayIdentifiers\AutorunsDisabled: (no name) - - (no file)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe
O22 - Task: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft) (user missing)
O22 - Task: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft) (user missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP (empty)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-875700017-217750280-4135200879-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) CIE Middleware Update - C:\WINDOWS\system32\rundll32.exe "C:\WINDOWS\system32\CIEPKI.dll",Update
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Task: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler - C:\Program Files\RUXIM\PLUGscheduler.exe (Microsoft)
O22 - Task: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Task: \Mozilla\Firefox Background Update S-1-5-21-875700017-217750280-4135200879-1001 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Task: \Softland\FBackup 9\fba_Desktop Backup - C:\Program Files (x86)\Softland\FBackup 9\bSchedStarter.EXE /HIDE /R "{35B1880B-8428-46F8-ADD4-B5FC1D5CC6E1}" -PRIORITY 2
O23 - Service R2: AOMEI Backupper Scheduler Service - (Backupper Service) - C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe
O23 - Service R2: Diskeeper - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service R2: DNSCrypt client proxy - (dnscrypt-proxy) - N:\DESKTOP\PC\Dns\dnscrypt-proxy\dnscrypt-proxy.exe -config dnscrypt-proxy.toml
O23 - Service R2: FBackup 9 Service - (FBackup9Srv) - C:\Program Files (x86)\Softland\FBackup 9\bService.exe -name:"FBackup9Srv" -disp:"FBackup 9 Service"
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: Net Driver HPZ12 - C:\WINDOWS\System32\svchost.exe -k HPZ12; "ServiceDll" = C:\Windows\System32\HPZinw12.dll
O23 - Service R2: Pml Driver HPZ12 - C:\WINDOWS\System32\svchost.exe -k HPZ12; "ServiceDll" = C:\Windows\System32\HPZipm12.dll
O23 - Service R2: Windscribe Service - (WindscribeService) - D:/DESKTOP/BROWSERS/Windscribe/WindscribeService.exe
O23 - Service R3: ProtonVPN Service - C:\Program Files\Proton\VPN\v3.2.10\ProtonVPNService.exe
O23 - Service S2: Servizio di rilevamento dispositivi HP CUE - (hpqddsvc) - C:\WINDOWS\system32\svchost.exe -k hpdevmgmt; "ServiceDll" = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (file missing)
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: ProtonVPN WireGuard - C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.WireGuardService.exe "C:\Program Files\Proton\VPN\v3.2.10\ServiceData\WireGuard\ProtonVPN.conf"
O23 - Service S3: VirtualBox system service - (VBoxSDS) - c:\myVirtualBox\VBoxSDS.exe
O23 - Service S3: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe
O23 - Service S3: Wondershare Install Assist Service - (Wondershare InstallAssist) - C:\ProgramData\Wondershare\Service\InstallAssistService.exe



Warning: New Root certificate is detected! Report to developer, please: Name: "Microsoft Identity Verification Root Certificate Authority 2020", Valid: "16/04/2020 19:36:16 - 16/04/2045 19:44:40"

--
End of file - Time spent: 12,8 sec. - 37698 bytes, CRC32: FFFFFFFF. Sign: 뀽૓
Post by crazy.cat »

Try removing the check mark from these two boxes:
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service')

Then follow these steps:
The second method to disable this process is from Windows Settings.
Press the Windows + I key combination to open Windows Settings.
Click System.
In the section on the left, click Notifications & actions.
Remove the check mark from the box next to “Show Windows setup and customization after updates and occasionally when I sign in to point out what's new and the suggestions”.
Restart the computer and check whether the UserOOBEBroker.exe process is still running.
https://www.dundi.it/cose-useroobebroke ... indows-10/

When you generate logs, keep everything that is not needed closed, such as browsers or the VPN, so as not to create confusion in the log.
Post by p060477 »

Thanks Crazy.cat

"Remove the check mark from the box next to “Show Windows setup and customization after updates and occasionally when I sign in to point out what's new and the suggestions”."...:

it was already unchecked

Here is the new log after the fix of the two entries you pointed out:
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.13

Platform: x64 Windows 10 (Home), 10.0.19045.4123 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 11.03.2024 - 12:08 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Luca (group: Administrators) on PC, FirstRun: yes

Chrome: 115.0.5790.171
Firefox: 123.0.1.8829
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe
1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
1 C:\Program Files (x86)\Softland\FBackup 9\bService.exe
1 C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\WindowsApps\AD2F1837.HPDisplayCenter_1.0.68.0_x64__v10z8vjag6ke6\HPDisplayCenter.exe
2 C:\Windows\explorer.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\snmptrap.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
77 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 D:\DESKTOP\ANTIVIRUS\HiJackThis_2.10.0.13\HiJackThis_2.10.0.13.exe
1 D:\DESKTOP\BROWSERS\Windscribe\WindscribeService.exe
1 N:\DESKTOP\PC\Dns\dnscrypt-proxy\dnscrypt-proxy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://libero.it/
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe -> (PE EXE) (2023/03/10)
O4 - HKLM\..\StartupApproved\Run: [MouseDriver] = C:\WINDOWS\system32\TiltWheelMouse.exe (2020/06/19)
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (2022/11/27)
O4 - HKLM\..\StartupApproved\Run: [SafeDiveCertMgm] = C:\WINDOWS\system32\rundll32.exe stCNSUtil.dll,DeleteCertStore (2022/02/21)
O4 - HKLM\..\StartupApproved\Run32: [IDProtect Monitor] = C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe (2020/06/27)
O5 - Applet: C:\WINDOWS\System32\RTSnMg64.cpl (Sign: 'Realtek Semiconductor Corp')
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Scarica con IDM: (default) = N:\DESKTOP\VIDEO\CATTURA VIDEO\Internet Download Manager 6.4.1\App\IDM\IEExt.htm (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Scarica tutti i link con IDM: (default) = N:\DESKTOP\VIDEO\CATTURA VIDEO\Internet Download Manager 6.4.1\App\IDM\IEGetAll.htm (file missing)
O17 - DHCP DNS 1: 127.0.0.1
O17 - DHCP DNS 2: 9.9.9.9 (Well-known DNS: Quad9)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3b997113-d581-4c48-9a3c-6a5f7a071715}: [NameServer] = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3b997113-d581-4c48-9a3c-6a5f7a071715}: [NameServer] = 9.9.9.9 (Well-known DNS: Quad9)
O21 - HKLM\..\ShellIconOverlayIdentifiers\AutorunsDisabled: (no name) - - (no file)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe
O22 - Task: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft) (user missing)
O22 - Task: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft) (user missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP (empty)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-875700017-217750280-4135200879-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) CIE Middleware Update - C:\WINDOWS\system32\rundll32.exe "C:\WINDOWS\system32\CIEPKI.dll",Update
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Task: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler - C:\Program Files\RUXIM\PLUGscheduler.exe (Microsoft)
O22 - Task: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Task: \Mozilla\Firefox Background Update S-1-5-21-875700017-217750280-4135200879-1001 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Task: \Softland\FBackup 9\fba_Desktop Backup - C:\Program Files (x86)\Softland\FBackup 9\bSchedStarter.EXE /HIDE /R "{35B1880B-8428-46F8-ADD4-B5FC1D5CC6E1}" -PRIORITY 2
O23 - Service R2: AOMEI Backupper Scheduler Service - (Backupper Service) - C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe
O23 - Service R2: Diskeeper - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service R2: DNSCrypt client proxy - (dnscrypt-proxy) - N:\DESKTOP\PC\Dns\dnscrypt-proxy\dnscrypt-proxy.exe -config dnscrypt-proxy.toml
O23 - Service R2: FBackup 9 Service - (FBackup9Srv) - C:\Program Files (x86)\Softland\FBackup 9\bService.exe -name:"FBackup9Srv" -disp:"FBackup 9 Service"
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: Net Driver HPZ12 - C:\WINDOWS\System32\svchost.exe -k HPZ12; "ServiceDll" = C:\Windows\System32\HPZinw12.dll
O23 - Service R2: Pml Driver HPZ12 - C:\WINDOWS\System32\svchost.exe -k HPZ12; "ServiceDll" = C:\Windows\System32\HPZipm12.dll
O23 - Service R2: Windscribe Service - (WindscribeService) - D:/DESKTOP/BROWSERS/Windscribe/WindscribeService.exe
O23 - Service S2: Servizio di rilevamento dispositivi HP CUE - (hpqddsvc) - C:\WINDOWS\system32\svchost.exe -k hpdevmgmt; "ServiceDll" = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (file missing)
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: ProtonVPN Service - C:\Program Files\Proton\VPN\v3.2.10\ProtonVPNService.exe
O23 - Service S3: ProtonVPN WireGuard - C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.WireGuardService.exe "C:\Program Files\Proton\VPN\v3.2.10\ServiceData\WireGuard\ProtonVPN.conf"
O23 - Service S3: VirtualBox system service - (VBoxSDS) - c:\myVirtualBox\VBoxSDS.exe
O23 - Service S3: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe
O23 - Service S3: Wondershare Install Assist Service - (Wondershare InstallAssist) - C:\ProgramData\Wondershare\Service\InstallAssistService.exe


--
End of file - Time spent: 12,6 sec. - 24452 bytes, CRC32: FFFFFFFF. Sign: 惸糇
what do you think...?

your help is truly very precious and important to me
thanks again
from the heart
crazy.cat
Administrator
Posts: 12552
Joined: Wed May 01, 2013 4:02 pm
Location: Noventa Padovana

Re: HijackThis log...

Post by crazy.cat »

I still have no idea what your problem is.
I had asked you to keep all possible apps closed and you didn't do it.
In any case, don't repost logs, because I still don't see anything useful in them.
Only a few strange things like these:
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (Microsoft)
That dialog is generated by a mail or backup service like the ones above, whatever they are.
“If all the documents told the same tale, then the lie became a historical fact, and therefore true.”
p060477
Level: DVD-ROM (5/15)
Posts: 199
Joined: Sun Jun 26, 2022 11:33 pm

Re: HijackThis log...

Post by p060477 »

Thanks Crazy.Cat
sorry, you had told me to keep browsers and VPN closed and I kept them closed
I launched HijackThis after starting the PC with no app open
I also fixed those two entries you had pointed out to me

now you point out 4 more... do I have to fix them...??
I don't know what they are either, otherwise I certainly wouldn't bother you
I repeat that your help is very precious to me
p060477
Level: DVD-ROM (5/15)
Posts: 199
Joined: Sun Jun 26, 2022 11:33 pm

Re: HijackThis log...

Post by p060477 »

update:
I also fixed the 4 new entries you pointed out to me
but the problem with the window described at:
viewtopic.php?p=97150#p97150
unfortunately persists...
Al3x
Administrator
Posts: 4568
Joined: Wed May 01, 2013 12:59 pm
Location: http://127.0.0.1

Re: HijackThis log...

Post by Al3x »

p060477 wrote: Mon Mar 11, 2024 6:25 pm sorry, you had told me to keep browsers and VPN closed and I kept them closed
check that Chrome or Edge are not running in the background. From each browser's settings (they are very similar) go to the System entry in the left side panel and turn off the first option, "Continue running applications in the background..."
I :amore Sasha
p060477
Level: DVD-ROM (5/15)
Posts: 199
Joined: Sun Jun 26, 2022 11:33 pm

Re: HijackThis log...

Post by p060477 »

Al3x wrote: Thu Mar 14, 2024 10:34 am
p060477 wrote: Mon Mar 11, 2024 6:25 pm sorry, you had told me to keep browsers and VPN closed and I kept them closed
check that Chrome or Edge are not running in the background. From each browser's settings (they are very similar) go to the System entry in the left side panel and turn off the first option, "Continue running applications in the background..."
thanks, but they are not in Task Manager... not even among the background processes....
and anyway what I care about is knowing whether the log is clean...
thanks for your attention
:)