Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

controllo log Opzioni
9plc
Inviato: Thursday, January 14, 2016 3:26:42 PM
Rank: AiutAmico

Iscritto dal : 11/18/2004
Posts: 206
Buongiorno a tutti!
Qualcuno può gentilmente controllarmi il log?
Il pc è un po' lento...
Grazie

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:20:43, on 14/01/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\PopTrayU\PopTrayU.exe
C:\Users\Franco\Desktop\RogueKiller.exe
C:\Windows\system32\taskeng.exe
D:\Manutenzione\A. PROGRAMMI scaricati\Hijack\HijackThis.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: PopTrayU.lnk = C:\Program Files\PopTrayU\PopTrayU.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1119AED5-CA31-44CD-8B89-DB53DF42D95E}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE98E3BB-31D4-40DE-A549-17C9C4C95064}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{1119AED5-CA31-44CD-8B89-DB53DF42D95E}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{1119AED5-CA31-44CD-8B89-DB53DF42D95E}: NameServer = 8.8.8.8,8.8.4.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6097 bytes
Sponsor
Inviato: Thursday, January 14, 2016 3:26:42 PM

 
cbbusto
Inviato: Thursday, January 14, 2016 5:07:52 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Nessuna infezione apparente, hai questo file che è per l'aggiornamento a win 10: C:\Windows\system32\GWX\GWX.exe
Poi le seguenti voci sono tutti sw in Avvio Automatico, non servono:

O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR (questo un pochino rallenta)
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: PopTrayU.lnk = C:\Program Files\PopTrayU\PopTrayU.exe
Li puoi disattivare facilmente con ccleaner>Strumenti>Avvio doppio clic su ogni voce e si disattiva.
Si sa che la lentezza del pc può dipendere da molti fattori, comunque le solite pulizie fanno sempre bene:
Malwarebytes - AdwCleaner -JRT programmi che credo tu già conosca.
Ciao

9plc
Inviato: Friday, January 15, 2016 8:25:47 AM
Rank: AiutAmico

Iscritto dal : 11/18/2004
Posts: 206
Grazie cbbusto, avevo già fatto le "pulizie" con Malwarebytes, AdwCleaner e CCleaner, mancava solo JRT che ti riporto qui sotto; ho anche disattivato con CCleaner le voci non necessarie all'avvio.
Mi sembra che almeno il pc si sia velocizzato; invece per quanto riguarda la connessione Internet, il problema è che questo è un secondo pc in rete (quello principale è velocissimo), e in certi orari è veramente lento...
A proposito di Windows 10, tu che ne pensi?



Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Professional x86
Ran by Administrator on 15/01/2016 at 7:56:49,06

File System: 20

Failed to delete: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A4ME4229 (Folder)
Failed to delete: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HX2ZG80C (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\08UP72T7 (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0DFZRPU6 (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4V416MMS (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5KQ8JCKE (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HUWAICW (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CK6HZKOK (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\COB0Y9SU (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ERKK693D (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EY9SJENS (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F185LKBV (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NHKRL7GH (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q6OG9F6Z (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SGZSC7YF (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYCZO6PD (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TKHM1892 (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQ12Z2XM (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W58A5VLG (Folder)
Successfully deleted: C:\Users\Franco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X60J1KCI (Folder)

Registry: 0

Scan was completed on 15/01/2016 at 8:02:42,54
End of JRT log


Ho fatto anche la scansione con RogueKiller:

RogueKiller V11.0.7.0 [Jan 11 2016] (Gratuito) di Adlice Software
posta : http://www.adlice.com/contact/
Commenti : http://forum.adlice.com
Sito Web : http://www.adlice.com/software/roguekiller/
Discussione : http://www.adlice.com

Sistema Operativo : Windows 7 (6.1.7600) 32 bits version
Iniziato in : Modalità Normale
Utente : [Amministratore]
Iniziato da : C:\Users\Franco\Desktop\RogueKiller.exe
Modalità : Cancella -- Data : 01/15/2016 10:39:48

¤¤¤ Processi : 0 ¤¤¤

¤¤¤ Registro : 7 ¤¤¤
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3377219174-2095088596-541053914-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Rimpiazzato (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3377219174-2095088596-541053914-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Rimpiazzato (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3377219174-2095088596-541053914-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0 -> Rimpiazzato (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3377219174-2095088596-541053914-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0 -> Rimpiazzato (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3377219174-2095088596-541053914-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 0 -> Rimpiazzato (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3377219174-2095088596-541053914-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Rimpiazzato (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3377219174-2095088596-541053914-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0 -> Rimpiazzato (1)

¤¤¤ Attività : 0 ¤¤¤

¤¤¤ Archivi : 0 ¤¤¤

¤¤¤ Archivio Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Caricato) ¤¤¤

¤¤¤ Web Browser : 0 ¤¤¤

¤¤¤ Controllo MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 39462102a8716b26c1ebdcdadbb68d3a
[BSP] bc990bfeb0a10368c241677e4a1d2715 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 83692 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 171608064 | Size: 68833 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


cbbusto
Inviato: Friday, January 15, 2016 3:09:31 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
JRT ha tolto dei file Temp per il resto è tutto a posto.
In certi orari è facile incappare in rallentamenti, molto traffico e server intasati, se il secondo pc è collegato in wifi il rallentamento è maggiore.
Win 10 io ancora non l'ho installato, ci sono ancora parecchi problemi da risolvere, meglio attendere almeno fino a giugno, win 8.1 mi va benissimo. Ciao
9plc
Inviato: Friday, January 15, 2016 4:51:05 PM
Rank: AiutAmico

Iscritto dal : 11/18/2004
Posts: 206
Grazie per i controlli!
Il secondo pc (Windows 7 Professional), nella finestra delle connessioni figura connesso con WiFi USB (potenza segnale eccellente) e anche WiFi e basta (potenza segnale buona). Questa cosa non la capisco, ma penso che lo chiederò al tecnico che a suo tempo ha configurato le connessioni: non vorrei fare pasticci...

Sul pc principale anch'io ho Windows 8.1 e mi trovo benissimo, quindi per Windows 10 aspetterò come te!

Grazie ancora, buona serata

Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.