Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Log Hijackhis

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

Log Hijackhis

Postdi Ricky1986 » 15/08/15 13:29

Ciao ragazzi, mi potreste dire quali di questi file posso eliminare?

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\igfxsrvc.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost;127.0.0.1:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 195.149.220.209 www.goldwinpoker.com
O1 - Hosts: 195.149.220.209 goldwinpoker.com
O1 - Hosts: 195.149.220.210 live.goldbet.com
O1 - Hosts: 195.149.220.209 old.goldbet.com
O1 - Hosts: 195.149.220.209 ced.goldbet.com
O1 - Hosts: 195.149.220.210 marketing.goldbet.com
O1 - Hosts: 195.149.220.209 goldwinportal.com
O1 - Hosts: 195.149.220.209 www.goldwinportal.com
O1 - Hosts: 195.149.220.209 www.betxpro.com
O1 - Hosts: 195.149.220.210 www25.goldbet.com
O1 - Hosts: 195.149.220.210 www35.goldbet.com
O1 - Hosts: 195.149.220.94 agentclient2.ntdll.net
O1 - Hosts: 195.149.220.94 agentclient.ntdll.net
O1 - Hosts: 95.131.232.195 goldbet.com
O1 - Hosts: 195.149.222.154 secure.goldbet.com
O1 - Hosts: 91.213.212.163 livecasino.goldbet.com
O1 - Hosts: 195.149.222.154 gbservice.goldbet.com
O1 - Hosts: 195.149.222.139 mail.goldbetmail.com
O1 - Hosts: 195.149.222.139 mail.goldbet.com
O1 - Hosts: 195.149.222.139 exchange.goldbetmail.com
O1 - Hosts: 195.149.222.139 exchange.goldbet.com
O1 - Hosts: 23.40.166.121 affiliates.goldbet.com
O1 - Hosts: 195.149.222.154 content.goldbet.com
O1 - Hosts: 195.149.222.133 www.goalsmania.com
O1 - Hosts: 195.149.222.133 www.goalsmania.info
O1 - Hosts: 23.40.166.121 www.goldbet.com
O1 - Hosts: 23.40.166.121 www.goldbetsports.com
O1 - Hosts: 195.149.222.152 goldbetsports.com
O1 - Hosts: 23.40.166.121 casino.goldbet.com
O1 - Hosts: 95.131.232.195 www.casino.goldbet.com
O1 - Hosts: 23.40.166.121 poker.goldbet.com
O1 - Hosts: 95.131.232.195 www.poker.goldbet.com
O1 - Hosts: 195.149.222.151 ssh.goldbet.com
O1 - Hosts: 37.114.73.217 www.virtual-races.com
O1 - Hosts: 37.114.73.217 virtual-races.com
O1 - Hosts: 89.146.220.38 cdn.virtual-races.com
O1 - Hosts: 195.149.222.144 sslportal.goldbet.com
O1 - Hosts: 195.149.222.133 enabler.ags.gwsrv.com
O1 - Hosts: 66.212.226.169 partners.goldbet.com
O1 - Hosts: 54.228.75.181 support.golden-race.com
O1 - Hosts: 95.131.232.196 admin.goldbetleague.com
O1 - Hosts: 23.40.166.121 svcs.goldbetsports.com
O1 - Hosts: 195.149.222.142 citrix.goldbet.com
O1 - Hosts: 195.149.222.159 storefront.goldbet.com
O1 - Hosts: 195.149.222.151 ssh.goldbetsports.com
O1 - Hosts: 195.149.222.154 secure.goldbetsports.com
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Community Smart Bar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1390067357-706699826-839522115-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Program Files\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://application.arbseek.com
O15 - ESC Trusted Zone: http://application.arbseek.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-U ... E_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AE84664-C159-43E5-A9F1-E4D9D862BC14}: NameServer = 8.8.8.8,8.8.4.4,192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCDDEA97-D3D6-42B1-BC52-BAF601999C50}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Goldbet Enabler Service (GoldbetEnablerService) - Unknown owner - C:\Documents and Settings\Administrator\Desktop\enabler.exe (file missing)
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\TunesGo Retro\DriverInstall.exe

--
End of file - 10670 bytes
Riccardo
Ricky1986
Utente Senior
 
Post: 140
Iscritto il: 20/10/06 22:14

Sponsor
 

Re: Log Hijackhis

Postdi quizface » 15/08/15 17:16

Prima cosa elimina tutti gli

01 Hosts

poi sono sospetti tutte le toolbar e puoi cancellare anche quelli con (file missing)

O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Community Smart Bar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O23 - Service: Goldbet Enabler Service (GoldbetEnablerService) - Unknown owner - C:\Documents and Settings\Administrator\Desktop\enabler.exe (file missing)

Se non conosci questo servizio (mi pare sospetto) eliminalo

O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\TunesGo Retro\DriverInstall.exe
Se non siete sicuri di quello che scrivete, non scrivete niente, nessuno vi obbliga ed eviterete di confondere chi gia' e' confuso. Ciao..ciao

Immagine
Avatar utente
quizface
Utente Senior
 
Post: 14162
Iscritto il: 03/10/04 00:36

Re: Log Hijackhis

Postdi Ricky1986 » 15/08/15 17:31

ok grazie =)
Riccardo
Ricky1986
Utente Senior
 
Post: 140
Iscritto il: 20/10/06 22:14


Torna a Sicurezza e Privacy

Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti