
Slow PC
autodidatta
Posted: Monday, October 05, 2020 6:46:17 PM
Rank: AiutAmico

Member since: 2/20/2005
Posts: 194
Could you check my log for me?
Thanks
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.19041.508 (ReleaseId: 2004), Service Pack: 0
Time: 05.10.2020 - 18:43 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: bibri (group: Administrator) on DESKTOP-V99SUOU, FirstRun: yes

Chrome: 85.0.4183.121
Edge: 11.0.19041.423
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Adguard\AdguardSvc.exe
1 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
1 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Game Updater\gameupdater.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
8 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files\Microsoft Office\Office16\WINWORD.EXE
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20090.1002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2008.2.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12009.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20032.16211.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.2-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.2-0\NisSrv.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
78 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\explorer.exe
1 D:\Programmi Vari\Antivirus\HijackThis\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://it.msn.com/?ocid=U220DHP&pc=U220
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 activation.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tih.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tie.acronis.com
O1 - Hosts: 0.0.0.0 web-api-vmp.acronis.com
O1 - Hosts: 0.0.0.0 cloud-rs-ru2.acronis.com
O1 - Hosts: 0.0.0.0 cloud-fes-ru2.acronis.com
O1 - Hosts: 0.0.0.0 rpc.acronis.com
O1 - Hosts: 127.0.0.1 i2am.nero.com
O1 - Hosts: 127.0.0.1 ocsp.globalsign.com
O1 - Hosts: 127.0.0.1 ocsp2.globalsign.com
O1 - Hosts: 127.0.0.1 iam.nero.com
O1 - Hosts: 127.0.0.1 2.19.38.243
O1 - Hosts: 0.0.0.0 www.partitionwizard.com
O1 - Hosts: 0.0.0.0 www.minitool.com
O1 - Hosts: 0.0.0.0 www.powerdatarecovery.com
O1 - Hosts: 0.0.0.0 pas2.partitionwizard.com
O1 - Hosts: 0.0.0.0 pas2.minitool.com
O1 - Hosts: 0.0.0.0 pas2.eofsoft.com
O1 - Hosts: 0.0.0.0 tracking.minitool.com
O1 - Hosts: 0.0.0.0 telemetry.malwarebytes.com
O1 - Hosts: 0.0.0.0 telemetry.mwbsys.com
O1 - Hosts: 127.0.0.1 keystone.mwbsys.com
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2 - HKLM\..\BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.68\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: NitroPDF.IE.Sharepoint - {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} - C:\Program Files\Nitro\Pro\12\npnitroie.dll
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.68\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: NitroPDF.IE.Sharepoint - {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} - C:\Program Files (x86)\Nitro\Pro\12\npnitroie.dll
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\StartupApproved\Run32: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (2020/10/03)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2020/05/13)
O4 - HKLM\..\StartupApproved\Run: [Acronis Scheduler2 Service] = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (2020/04/07)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2020/04/09)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/04/07)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Aggiungi destinazione lin&k a PDF esistente: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Aggiungi pagina Web a PDF esistente: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Converti destinazione link in Adobe PDF: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Converti pagina &Web in Adobe PDF: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisDrive: (no name) - {5D74FD4B-4EFB-4586-8022-8637BBE40970} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncError: (no name) - {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncInProgress: (no name) - {00F848DC-B1D4-4892-9C25-CAADC86A215D} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncOk: (no name) - {71573297-552E-46fc-BE3D-3DFAF88D47B7} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O23 - Service R2: ABBYY FineReader 9.0 Sprint Licensing Service - (ABBYY.Licensing.FineReader.Sprint.9.0) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -service
O23 - Service R2: Acronis Scheduler2 Service - (AcrSch2Svc) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service R2: Adguard Service - C:\Program Files (x86)\Adguard\AdguardSvc.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe
O23 - Service R2: Game Updater - (gameupdater) - C:\Program Files (x86)\Common Files\Game Updater\gameupdater.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Acronis Mobile Backup Server - (mobile_backup_server) - C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe "--config-path=C:\ProgramData\Acronis\MobileBackupServer\Conf\WRM.conf"
O23 - Service S3: Acronis Mobile Backup Status Server - (mobile_backup_status_server) - C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\elevation_service.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Microsoft Edge Elevation Service - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.68\elevation_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: SAMSUNG Mobile USB Connectivity Launcher - (ss_conn_launcher_service) - C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe
O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Wondershare Driver Install Service - (WsDrvInst) - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe


--
End of file - Time spent: 50,5 sec. - 24822 bytes, CRC32: FFFFFFFF. Sign:
cbbusto
Posted: Tuesday, October 06, 2020 11:07:51 AM

Rank: AiutAmico

Member since: 11/8/2008
Posts: 13,964
I only just saw your log; there are some problems and infections. I'll reply before this evening. Bye.
cbbusto
Posted: Tuesday, October 06, 2020 5:17:26 PM

Rank: AiutAmico

Member since: 11/8/2008
Posts: 13,964
Close all programs and disconnect from the internet.

Open HJT and tick the box in front of each of the lines listed below. Once they are selected, click the Fix checked button to proceed with the removal; a window will appear, click YES to accept, and the operation is complete.
Restart the PC.

O1 entries, if present, must always all be removed.

Malware spreads within the Windows operating system, often at surprising speed, precisely by exploiting the programs that are set to run automatically.
Remember that HijackThis must be launched from a folder dedicated to it on the desktop. Only then will HijackThis create backup copies of what is removed before making changes, so that in case of problems the entries can be restored.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://it.msn.com/?ocid=U220DHP&pc=U220
O1 - Hosts: Reset contents to default
O1 - Hosts: 0.0.0.0 activation.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tih.acronis.com
O1 - Hosts: 0.0.0.0 web-api-tie.acronis.com
O1 - Hosts: 0.0.0.0 web-api-vmp.acronis.com
O1 - Hosts: 0.0.0.0 cloud-rs-ru2.acronis.com
O1 - Hosts: 0.0.0.0 cloud-fes-ru2.acronis.com
O1 - Hosts: 0.0.0.0 rpc.acronis.com
O1 - Hosts: 127.0.0.1 i2am.nero.com
O1 - Hosts: 127.0.0.1 ocsp.globalsign.com
O1 - Hosts: 127.0.0.1 ocsp2.globalsign.com
O1 - Hosts: 127.0.0.1 iam.nero.com
O1 - Hosts: 127.0.0.1 2.19.38.243
O1 - Hosts: 0.0.0.0 www.partitionwizard.com
O1 - Hosts: 0.0.0.0 www.minitool.com
O1 - Hosts: 0.0.0.0 www.powerdatarecovery.com
O1 - Hosts: 0.0.0.0 pas2.partitionwizard.com
O1 - Hosts: 0.0.0.0 pas2.minitool.com
O1 - Hosts: 0.0.0.0 pas2.eofsoft.com
O1 - Hosts: 0.0.0.0 tracking.minitool.com
O1 - Hosts: 0.0.0.0 telemetry.malwarebytes.com
O1 - Hosts: 0.0.0.0 telemetry.mwbsys.com
O1 - Hosts: 127.0.0.1 keystone.mwbsys.com
O2 - HKLM\..\BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.68\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: NitroPDF.IE.Sharepoint - {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} - C:\Program Files\Nitro\Pro\12\npnitroie.dll
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.68\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: NitroPDF.IE.Sharepoint - {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} - C:\Program Files (x86)\Nitro\Pro\12\npnitroie.dll
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (never install toolbars; they are useless and slow down the PC)
O4 - HKLM\..\StartupApproved\Run32: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (2020/10/03)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2020/05/13)
O4 - HKLM\..\StartupApproved\Run: [Acronis Scheduler2 Service] = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (2020/04/07)
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2020/04/09)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Aggiungi destinazione lin&k a PDF esistente: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Aggiungi pagina Web a PDF esistente: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Converti destinazione link in Adobe PDF: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Converti pagina &Web in Adobe PDF: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
Make sure you delete all the files I listed for you; the programs will remain.
At the end, run a cleanup with CCleaner.

Then clean the registry with the following program:

Use Eusing Free Registry Cleaner, a program to be used occasionally; you can download it from here: http://www.eusing.com/free_registry_cleaner/registry_cleaner.htm
Click Download Site1. Once it is launched, a window appears asking for the code: click Ignore and continue. Then, at the top left, click Analizza Registro (Scan Registry) and let it run to the end; don't worry if it finds many entries. Then click Ripara Registro (Repair Registry). The program is safe; in any case it creates a restore point and also backs up the deleted entries, and in fact at the top, under Ripara Registro, there is the item Ripristina Registro (Restore Registry).
For this cleanup it is best to close all programs and disconnect.
The program is compatible with all Windows operating systems, including Windows 10.

At the end, run a new scan with HJT and post the new log. Bye.

Let me know whether the PC has improved.



autodidatta
Posted: Tuesday, October 06, 2020 9:54:19 PM
Rank: AiutAmico

Member since: 2/20/2005
Posts: 194
Hi
Here is the new log
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.19041.508 (ReleaseId: 2004), Service Pack: 0
Time: 06.10.2020 - 21:52 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: bibri (group: Administrator) on DESKTOP-V99SUOU, FirstRun: yes

Chrome: 85.0.4183.121
Edge: 11.0.19041.423
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Adguard\AdguardSvc.exe
1 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
1 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
1 C:\Program Files (x86)\Common Files\Game Updater\gameupdater.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
11 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.2-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.2-0\NisSrv.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
3 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
73 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\explorer.exe
1 D:\Programmi Vari\Antivirus\HijackThis\HijackThis\HiJackThis.exe

O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (file missing)
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (file missing)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/04/07)
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisDrive: (no name) - {5D74FD4B-4EFB-4586-8022-8637BBE40970} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncError: (no name) - {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncInProgress: (no name) - {00F848DC-B1D4-4892-9C25-CAADC86A215D} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AcronisSyncOk: (no name) - {71573297-552E-46fc-BE3D-3DFAF88D47B7} - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
O23 - Service R2: ABBYY FineReader 9.0 Sprint Licensing Service - (ABBYY.Licensing.FineReader.Sprint.9.0) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -service
O23 - Service R2: Acronis Scheduler2 Service - (AcrSch2Svc) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service R2: Adguard Service - C:\Program Files (x86)\Adguard\AdguardSvc.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe
O23 - Service R2: Game Updater - (gameupdater) - C:\Program Files (x86)\Common Files\Game Updater\gameupdater.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Acronis Mobile Backup Server - (mobile_backup_server) - C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe "--config-path=C:\ProgramData\Acronis\MobileBackupServer\Conf\WRM.conf"
O23 - Service S3: Acronis Mobile Backup Status Server - (mobile_backup_status_server) - C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\elevation_service.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Microsoft Edge Elevation Service - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.68\elevation_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: SAMSUNG Mobile USB Connectivity Launcher - (ss_conn_launcher_service) - C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe
O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Wondershare Driver Install Service - (WsDrvInst) - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe


--
End of file - Time spent: 46,8 sec. - 14674 bytes, CRC32: FFFFFFFF. Sign: 
cbbusto
Posted: Wednesday, October 07, 2020 11:57:45 AM

Rank: AiutAmico

Member since: 11/8/2008
Posts: 13,964
The log looks fine. Has the PC improved?
autodidatta
Posted: Wednesday, October 07, 2020 5:51:46 PM
Rank: AiutAmico

Member since: 2/20/2005
Posts: 194
Yes, definitely faster.
Thanks