Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllo log HiJackThis un pc riesumato . grazie

2 pages: [1] 2
controllo log HiJackThis un pc riesumato . grazie Opzioni
Topic Precedente · Topic Sucessivo
giza
Inviato: Tuesday, December 21, 2021 10:13:32 AM

Rank: AiutAmico

Iscritto dal : 10/27/2006
Posts: 9,617
un pc riesumato dopo diversi anni. trovato nella tomba di Nefertiti
(avevo anche disabilitato gli avvii con ccleaner.)

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 7 (Home Premium), 6.1.7601.24525, Service Pack: 1
Time: 21.12.2021 - 10:09 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Awad (group: Administrator) on AWAD-PC, FirstRun: yes

Firefox: 95.0.2.8022
Internet Explorer: 11.0.9600.19467
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
9 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft Security Client\MsMpEng.exe
1 C:\Program Files\Microsoft Security Client\NisSrv.exe
1 C:\Program Files\Microsoft Security Client\msseces.exe
1 C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
1 C:\Users\Awad\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
1 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\hkcmd.exe
1 C:\Windows\System32\igfxpers.exe
1 C:\Windows\System32\igfxtray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
13 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskeng.exe
2 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wuauclt.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: [URL] = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_itIT440IT440 - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [URL] = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
O2 - HKLM\..\BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - HKLM\..\BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2-32 - HKLM\..\BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - HKLM\..\Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3-32 - HKLM\..\Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [MSC] = c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKU\.DEFAULT\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
O4 - MSConfig\startupreg: CCleaner Smart Cleaning [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2021/12/20)
O4 - MSConfig\startupreg: HotKeysCmds [command] = C:\Windows\system32\hkcmd.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: IAStorIcon [command] = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: IgfxTray [command] = C:\Windows\system32\igfxtray.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: LManager [command] = C:\Program Files (x86)\Launch Manager\LManager.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: Logitech Download Assistant [command] = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: MSC [command] = c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: PLFSetI [command] = C:\Windows\PLFSetI.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: Persistence [command] = C:\Windows\system32\igfxpers.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: PosService [command] = C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: RtHDVCpl [command] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: SynTPEnh [command] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: VDownloader [command] = C:\Program Files\VDownloader\VDownloader.exe /silent (HKLM) (2021/12/20) (file missing)
O4 - MSConfig\startupreg: VMware hqtray [command] = C:\Program Files (x86)\VMware\VMware Player\hqtray.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: VideoWebCamera [command] = C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe -a (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: swg [command] = C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (HKCU) (2021/12/20)
O7 - Taskbar policy: HKCU\..\Explorer\Advanced: [Start_ShowRun] = 0
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver: (default) = C:\Windows\system32\GPhotos.scr (file missing)
O8 - Context menu item: HKU\S-1-5-19\..\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver: (default) = C:\Windows\system32\GPhotos.scr (file missing)
O8 - Context menu item: HKU\S-1-5-20\..\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver: (default) = C:\Windows\system32\GPhotos.scr (file missing)
O9-32 - Button: HKLM\..\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: (no name) - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Inserisci blog - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Sun Java Console - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Pubblica su un &blog in Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O16-32 - DPF: HKLM\..\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\DownloadInformation: QuickTime Plugin Control [CODEBASE] = http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: Java Plug-in 1.4.2_06 [CODEBASE] = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.4.2_06 [CODEBASE] = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05355D45-4364-4E59-BC8E-DE8B2000CFE1}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05355D45-4364-4E59-BC8E-DE8B2000CFE1}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{236FEBA5-6EC8-48BF-9FF1-78E0FFBB667F}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{236FEBA5-6EC8-48BF-9FF1-78E0FFBB667F}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{05355D45-4364-4E59-BC8E-DE8B2000CFE1}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{05355D45-4364-4E59-BC8E-DE8B2000CFE1}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{236FEBA5-6EC8-48BF-9FF1-78E0FFBB667F}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{236FEBA5-6EC8-48BF-9FF1-78E0FFBB667F}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Gestore icona firma digitale di AutoCAD: AcSignIcon - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} - C:\Windows\system32\AcSignIcon.dll
O22 - Task (.job): (disabled) Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (.job): GlaryInitialize.job - C:\Program Files (x86)\Glary Utilities\initialize.exe
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (disabled) Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: (disabled) CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
O22 - Task: (disabled) GlaryInitialize - C:\Program Files (x86)\Glary Utilities\initialize.exe
O22 - Task: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) RealPlayerRealUpgradeLogonTaskS-1-5-21-1653504487-937080709-3891541705-1000 - C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck (file missing)
O22 - Task: (disabled) RealPlayerRealUpgradeScheduledTaskS-1-5-21-1653504487-937080709-3891541705-1000 - C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck (file missing)
O22 - Task: (disabled) {75605349-50F5-4B89-BBC8-F7DAE1BB5B1D} - C:\Windows\system32\pcalua.exe -a C:\Users\Awad\Desktop\eMule0.49c-Installer2.exe -d "C:\Program Files (x86)\Mozilla Firefox"
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify1 - C:\Windows\system32\sipnotify.exe -LogonOrUnlock (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify2 - C:\Windows\system32\sipnotify.exe -Daily (Microsoft)
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - Awad - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Task: \Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: Updater Service - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service S3: Adobe Active File Monitor V8 - (AdobeActiveFileMonitor8.0) - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Autodesk Licensing Service - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service S3: Autodesk Network Licensing Service - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service S3: Dritek WMI Service - (DsiWMIService) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service S3: FLEXnet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service S3: GameConsoleService - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service S3: Google Software Updater - (gusvc) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service S3: Intel(R) Management & Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service S3: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service S3: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NTI IScheduleSvc - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (file missing)
O23 - Service S3: Pos Service - (PowerOffer Service) - C:\Users\Awad\AppData\Local\PosService\Pos.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Servizio di Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: TeamViewer 7 - (TeamViewer7) - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service S3: TurboBoost - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service S3: VMware Agent Service - (ufad-ws60) - C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe -d "C:\Program Files (x86)\VMware\VMware Player\\" -s ufad-p2v.xml
O23 - Service S3: VMware Authorization Service - (VMAuthdService) - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service S3: VMware DHCP Service - (VMnetDHCP) - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service S3: VMware NAT Service - C:\Windows\SysWOW64\vmnat.exe
O23 - Service S3: VMware USB Arbitration Service - (VMUSBArbService) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service S3: Windows Live Family Safety Service - (fsssvc) - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe


--
End of file - Time spent: 94,3 sec. - 35140 bytes, CRC32: FFFFFFFF. Sign: ž
Torna in alto
 
Sponsor
Inviato: Tuesday, December 21, 2021 10:13:32 AM

 
Torna in alto
 
sabbb
Inviato: Tuesday, December 21, 2021 2:09:55 PM
Rank: AiutAmico

Iscritto dal : 9/12/2009
Posts: 6,632
Fossi in te scaricherei una bella iso di windows,la caricherei sul desktop,poi con un programma che monta le iso farei partire il setup,con conseguente risultato che ti ritrovi Windows 10,al posto di quel coso obsoleto.
Appena finito la procedura,andrei in impostazioni ripristino e sicurezza e reinstallerei Windows da zero (senza cd,iso o quello che è) senza salvare partizioni e dati.

Il risultato: ti ritroveresti un Windows ("decente") bello ,pulito e aggiornato. ( e nessun log da controllare)
Torna in alto
 
giza
Inviato: Tuesday, December 21, 2021 2:30:39 PM

Rank: AiutAmico

Iscritto dal : 10/27/2006
Posts: 9,617
ma dai, è il pc di mio figlio e si è già incazzato che ho messo le mani per dare una ripulita. questo non lo usava più da anni.
Torna in alto
 
sabbb
Inviato: Tuesday, December 21, 2021 5:31:59 PM
Rank: AiutAmico

Iscritto dal : 9/12/2009
Posts: 6,632
Ma tu dici una cosa alla volta,mica faccio il mago?
Leggi su quello che hai scritto,nulla faceva pensare che non era tuo Anxious
Va beh,aspetta il controllo...
Torna in alto
 
giza
Inviato: Tuesday, December 21, 2021 5:47:10 PM

Rank: AiutAmico

Iscritto dal : 10/27/2006
Posts: 9,617
ho scritto trovato nella tomba di Nefertiti. trovato.
cmq leggi le profezie di nostradamus e li troverai la storia di questo picì
Torna in alto
 
sabbb
Inviato: Tuesday, December 21, 2021 6:30:35 PM
Rank: AiutAmico

Iscritto dal : 9/12/2009
Posts: 6,632
Trovato ha un significato ok,ma lo stesso termine ,o comunqua da solo non dice se ha ancora un proprietario.
Credevo trovato abbandonato nella cantina o altrove.
Invece è trovato ma depositato da altri. Speak to the hand Drool

Torna in alto
 
giza
Inviato: Wednesday, December 22, 2021 9:51:17 AM

Rank: AiutAmico

Iscritto dal : 10/27/2006
Posts: 9,617
grrrr monsee 2 !!!!

poi ho altri quiz da proporti. indovina indovinello
Torna in alto
 
sabbb
Inviato: Wednesday, December 22, 2021 12:40:27 PM
Rank: AiutAmico

Iscritto dal : 9/12/2009
Posts: 6,632
Ad avercene di persone come monsee (mi calmerei un poco. E si ,parte delle mie sofferenze sono dovute proprio al "circondariato" pressochè arido.. non è diretto a te tranquillo)

Veniamo al dunque: credo che tuo figlio ha dei dati in E (vedi di farglieli scomparire ,mi raccomando d'oh! ) e l'altra partizione mi pare ha un dual boot (non saprei se ancora esistente) con XP .

Vedi tu Drool
Torna in alto
 
giza
Inviato: Wednesday, December 22, 2021 12:53:50 PM

Rank: AiutAmico

Iscritto dal : 10/27/2006
Posts: 9,617
si, dati E restano ma vorrei uificare con f eliminando xp
Torna in alto
 
sabbb
Inviato: Wednesday, December 22, 2021 2:32:38 PM
Rank: AiutAmico

Iscritto dal : 9/12/2009
Posts: 6,632
tasto dx (da gestione computer) sulla partizione,quindi elimina.
Dopo espandi (dalla partizione E).

Se te lo fa fare,non mi ricordo se Win 7 aveva già la funzione ,altrimenti devi usare un programma tipo Easeus oppure MiniToolPartition (ma ce ne sono vari).
Torna in alto
 
giza
Inviato: Wednesday, December 22, 2021 3:57:49 PM

Rank: AiutAmico

Iscritto dal : 10/27/2006
Posts: 9,617
bravo, grazie e tantissimi auguri di buone feste.
Torna in alto
 
wolfestein
Inviato: Wednesday, December 22, 2021 7:06:01 PM

Rank: AiutAmico

Iscritto dal : 2/15/2009
Posts: 15,951
Oppure usa la partizione di ripristino e riporta il pc alla condizione di fabbrica però assicurati quale era il sistema operativo originale.
Comunque come dice sabbb un bel W10 ci starebbe bene.
Torna in alto
 
sabbb
Inviato: Wednesday, December 22, 2021 8:10:10 PM
Rank: AiutAmico

Iscritto dal : 9/12/2009
Posts: 6,632
Prego ; buone feste anche a te Speak to the hand

Torna in alto
 
cbbusto
Inviato: Wednesday, December 22, 2021 8:53:33 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
giza ha scritto:
un pc riesumato dopo diversi anni. trovato nella tomba di Nefertiti
(avevo anche disabilitato gli avvii con ccleaner.)

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 7 (Home Premium), 6.1.7601.24525, Service Pack: 1
Time: 21.12.2021 - 10:09 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Awad (group: Administrator) on AWAD-PC, FirstRun: yes

Firefox: 95.0.2.8022
Internet Explorer: 11.0.9600.19467
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
9 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft Security Client\MsMpEng.exe
1 C:\Program Files\Microsoft Security Client\NisSrv.exe
1 C:\Program Files\Microsoft Security Client\msseces.exe
1 C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
1 C:\Users\Awad\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
1 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\hkcmd.exe
1 C:\Windows\System32\igfxpers.exe
1 C:\Windows\System32\igfxtray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
13 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskeng.exe
2 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wuauclt.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: [URL] = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_itIT440IT440 - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [URL] = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 - Google
O2 - HKLM\..\BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - HKLM\..\BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2-32 - HKLM\..\BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - HKLM\..\Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3-32 - HKLM\..\Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [MSC] = c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKU\.DEFAULT\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
O4 - MSConfig\startupreg: CCleaner Smart Cleaning [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2021/12/20)
O4 - MSConfig\startupreg: HotKeysCmds [command] = C:\Windows\system32\hkcmd.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: IAStorIcon [command] = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: IgfxTray [command] = C:\Windows\system32\igfxtray.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: LManager [command] = C:\Program Files (x86)\Launch Manager\LManager.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: Logitech Download Assistant [command] = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: MSC [command] = c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: PLFSetI [command] = C:\Windows\PLFSetI.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: Persistence [command] = C:\Windows\system32\igfxpers.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: PosService [command] = C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: RtHDVCpl [command] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: SynTPEnh [command] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: VDownloader [command] = C:\Program Files\VDownloader\VDownloader.exe /silent (HKLM) (2021/12/20) (file missing)
O4 - MSConfig\startupreg: VMware hqtray [command] = C:\Program Files (x86)\VMware\VMware Player\hqtray.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: VideoWebCamera [command] = C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe -a (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: swg [command] = C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (HKCU) (2021/12/20)
O7 - Taskbar policy: HKCU\..\Explorer\Advanced: [Start_ShowRun] = 0
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver: (default) = C:\Windows\system32\GPhotos.scr (file missing)
O8 - Context menu item: HKU\S-1-5-19\..\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver: (default) = C:\Windows\system32\GPhotos.scr (file missing)
O8 - Context menu item: HKU\S-1-5-20\..\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver: (default) = C:\Windows\system32\GPhotos.scr (file missing)
O9-32 - Button: HKLM\..\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: (no name) - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Inserisci blog - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Sun Java Console - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Pubblica su un &blog in Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O16-32 - DPF: HKLM\..\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\DownloadInformation: QuickTime Plugin Control [CODEBASE] = http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: Java Plug-in 1.4.2_06 [CODEBASE] = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.4.2_06 [CODEBASE] = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05355D45-4364-4E59-BC8E-DE8B2000CFE1}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05355D45-4364-4E59-BC8E-DE8B2000CFE1}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{236FEBA5-6EC8-48BF-9FF1-78E0FFBB667F}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{236FEBA5-6EC8-48BF-9FF1-78E0FFBB667F}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{05355D45-4364-4E59-BC8E-DE8B2000CFE1}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{05355D45-4364-4E59-BC8E-DE8B2000CFE1}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{236FEBA5-6EC8-48BF-9FF1-78E0FFBB667F}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{236FEBA5-6EC8-48BF-9FF1-78E0FFBB667F}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Gestore icona firma digitale di AutoCAD: AcSignIcon - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} - C:\Windows\system32\AcSignIcon.dll
O22 - Task (.job): (disabled) Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (.job): GlaryInitialize.job - C:\Program Files (x86)\Glary Utilities\initialize.exe
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (disabled) Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: (disabled) CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
O22 - Task: (disabled) GlaryInitialize - C:\Program Files (x86)\Glary Utilities\initialize.exe
O22 - Task: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) RealPlayerRealUpgradeLogonTaskS-1-5-21-1653504487-937080709-3891541705-1000 - C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck (file missing)
O22 - Task: (disabled) RealPlayerRealUpgradeScheduledTaskS-1-5-21-1653504487-937080709-3891541705-1000 - C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck (file missing)
O22 - Task: (disabled) {75605349-50F5-4B89-BBC8-F7DAE1BB5B1D} - C:\Windows\system32\pcalua.exe -a C:\Users\Awad\Desktop\eMule0.49c-Installer2.exe -d "C:\Program Files (x86)\Mozilla Firefox"
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify1 - C:\Windows\system32\sipnotify.exe -LogonOrUnlock (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify2 - C:\Windows\system32\sipnotify.exe -Daily (Microsoft)
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - Awad - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Task: \Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: Updater Service - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service S3: Adobe Active File Monitor V8 - (AdobeActiveFileMonitor8.0) - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Autodesk Licensing Service - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service S3: Autodesk Network Licensing Service - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service S3: Dritek WMI Service - (DsiWMIService) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service S3: FLEXnet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service S3: GameConsoleService - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service S3: Google Software Updater - (gusvc) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service S3: Intel(R) Management & Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service S3: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service S3: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NTI IScheduleSvc - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (file missing)
O23 - Service S3: Pos Service - (PowerOffer Service) - C:\Users\Awad\AppData\Local\PosService\Pos.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Servizio di Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: TeamViewer 7 - (TeamViewer7) - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service S3: TurboBoost - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service S3: VMware Agent Service - (ufad-ws60) - C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe -d "C:\Program Files (x86)\VMware\VMware Player\\" -s ufad-p2v.xml
O23 - Service S3: VMware Authorization Service - (VMAuthdService) - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service S3: VMware DHCP Service - (VMnetDHCP) - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service S3: VMware NAT Service - C:\Windows\SysWOW64\vmnat.exe
O23 - Service S3: VMware USB Arbitration Service - (VMUSBArbService) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service S3: Windows Live Family Safety Service - (fsssvc) - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe


--
End of file - Time spent: 94,3 sec. - 35140 bytes, CRC32: FFFFFFFF. Sign: ž



Ti conviene tenere win 7 visto che il pc è vecchiotto.
Fixa ed elimina le seguenti righe:

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: [URL] = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_itIT440IT440 - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: [URL] = http://www.google.com
O2 - HKLM\..\BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2-32 - HKLM\..\BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - HKLM\..\Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3-32 - HKLM\..\Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKU\.DEFAULT\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
O4 - MSConfig\startupreg: CCleaner Smart Cleaning [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2021/12/20)
O4 - MSConfig\startupreg: HotKeysCmds [command] = C:\Windows\system32\hkcmd.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: IAStorIcon [command] = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: IgfxTray [command] = C:\Windows\system32\igfxtray.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: LManager [command] = C:\Program Files (x86)\Launch Manager\LManager.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: Logitech Download Assistant [command] = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: MSC [command] = c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: PLFSetI [command] = C:\Windows\PLFSetI.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: Persistence [command] = C:\Windows\system32\igfxpers.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: PosService [command] = C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: RtHDVCpl [command] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: SynTPEnh [command] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: VDownloader [command] = C:\Program Files\VDownloader\VDownloader.exe /silent (HKLM) (2021/12/20) (file missing)
O4 - MSConfig\startupreg: VMware hqtray [command] = C:\Program Files (x86)\VMware\VMware Player\hqtray.exe (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: VideoWebCamera [command] = C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe -a (HKLM) (2021/12/20)
O4 - MSConfig\startupreg: swg [command] = C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (HKCU) (2021/12/20)
O7 - Taskbar policy: HKCU\..\Explorer\Advanced: [Start_ShowRun] = 0
Poi fai le solite pulizie che conosci, importante pulire il Registro con E.F.R.C.
Per il resto è a posto.
Ciao e Buon Natale
Torna in alto
 
cbbusto
Inviato: Wednesday, December 22, 2021 8:58:17 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
sabbb ha scritto:
Ad avercene di persone come monsee (mi calmerei un poco. E si ,parte delle mie sofferenze sono dovute proprio al "circondariato" pressochè arido.. non è diretto a te tranquillo)

Veniamo al dunque: credo che tuo figlio ha dei dati in E (vedi di farglieli scomparire ,mi raccomando d'oh! ) e l'altra partizione mi pare ha un dual boot (non saprei se ancora esistente) con XP .

Vedi tu Drool


Monsee è un paranoico e presuntuoso, infatti è stato cacciato da altri forum.
Torna in alto
 
giza
Inviato: Thursday, December 23, 2021 8:52:25 AM

Rank: AiutAmico

Iscritto dal : 10/27/2006
Posts: 9,617
grazie cbbusto e buone feste anche a te

eliminata partiz con xp e unito spazio ad E
Torna in alto
 
sabbb
Inviato: Friday, December 24, 2021 10:55:46 AM
Rank: AiutAmico

Iscritto dal : 9/12/2009
Posts: 6,632
cbbusto ha scritto:


Monsee è un paranoico e presuntuoso, infatti è stato cacciato da altri forum.
Premesso che è una tua opninione (e di pochi altri, lo sapete solo voi cosa vi raccontate,ma non ha nessuna importanza) mi piacerebbe capire su quale basi sono fondate queste due cose. Magari qualche esempio o annedoto specifico,così la vediamo tutti quanti questa presunzione. Quanto al fatto che è stato cacciato dai forum anche questo mi piacerebbe sapere come fai a saperlo.
Magari se ne andato lui. E se anche lo hanno cacciato ci sarebbe da vedere la dinamica.. .

L'unico errore di monsee (e non solo) è stato quello di aiutare sempre gli altri,nonostante sapesse di avere a che fare con i caproni,ma prima ancora , 'l'errore più grave' è quello di aver tentato di dare le perle ai maiali.

PS. Ho tentato di fare finta di non aver letto. Ma invece ho visto. (Magari se era ancora qui o sapessi che prima o poi leggeva avrei lasciato a lui la replica,ma visto che è improbabile che viene a leggere, non solo come amico ma anche come stimatore di monsee mi sono sentito in dovere di dire la mia,fortunatamente per voi altri,mi sono tenuto pure basso) Speak to the hand

Torna in alto
 
cbbusto
Inviato: Friday, December 24, 2021 5:40:14 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Sabbb la devi smettere di fare degli interventi e offese senza ragione su fatti che non conosci. Hai dato dei capron e maiali agli aiutamici.
Con Monsee ho avuto diverse discussioni, i vecchi amici del forum ne sono a canoscenza, una volta ha fatto un grosso errore in una risposta, gli ho documentato l'errore mandando il link del sito che dimostrava il suo torto, ha continuato a insistere dicendo che lui non sbagliava mai, piuttosto che riconoscere l'errore si è allontanato da aiutamici.
Dal forum di Majorana lo hanno depennato. Ti basta o no.
Dovresti moderare i termini.
Torna in alto
 
sabbb
Inviato: Friday, December 24, 2021 7:18:16 PM
Rank: AiutAmico

Iscritto dal : 9/12/2009
Posts: 6,632
cbbusto ha scritto:
Sabbb la devi smettere di fare degli interventi e offese
paranoico e presuntuoso allora è quando ti fanno i complimenti a te? Tu parti con delle super offese e vorresti fare la morale proprio a me? Quanto agli interventi fino a quando non morirò,mi dovrete sopportare,peraltro io non sopporto la vostra stupidaggine? Think

cbbusto ha scritto:
enza ragione su fatti che non conosci.
Ma io non ero altrove. Conosco quello che insieme agli altri ho veduto qui ed ho visto una persona disponibile a diciamolo anche più preparato di tanti altri!

cbbusto ha scritto:
Hai dato dei capron e maiali agli aiutamici.
Non fare il manipolatore di parole,con me caschi malissimo.... Si capisce che non è generale ed è sottinteso che non sono tutti caproni,ne qui ne per la strada! Tuttavia i fatti (e non le chiacchiere) parlano chiaro.

cbbusto ha scritto:

Con Monsee ho avuto diverse discussioni, i vecchi amici del forum ne sono a canoscenza, una volta ha fatto un grosso errore in una risposta, gli ho documentato l'errore mandando il link del sito che dimostrava il suo torto, ha continuato a insistere dicendo che lui non sbagliava mai, piuttosto che riconoscere l'errore si è allontanato da aiutamici.
Anche io ho avuto qualche screzio e mica solo con monsee? Ma togliendo quei 3 depressi e repressi di cui non faccio neanche i nomi, con quegli amici che ho avuto delle divergenze di opinioni non ci siamo MAI inalberati,probabilmente perchè da entrambe le parti ci stava sia la stima oppure abbiamo capito entrambi che la vita è bella anche perchè varia. Allontanato per quell'episodio che racconti da aiutamici?
Guarda che ci stavo pure io qui sopra. Mi ricordo perchè monsee se ne andato,non mi risulta che è per via di quello che hai detto tu.
Monsee se ne andò poichè nella sezione virus ecc ci stava gente che voleva fare l'esperto,gente che veniva a fare solo danni.
Il gentil Shapiro ,insieme a r16,gran persona anche lui , dovevano fare il doppio del lavoro per aiutare gli altri. Al che monsee e non solo "reclamava" o comunque chiedeva che ci fossero dei moderatori. La cosa non è mai accaduta , e tira di qua tira di la alla fine ha preferito andarsene. Almeno questo io ricordo,per cui siamo onesti,preferibilmente sempre!
cbbusto ha scritto:


Dal forum di Majorana lo hanno depennato. Ti basta o no.
Che dal forum majorana lo hanno cacciato no,non mi basta,anche qui caschi male: conosco bene (almeno fino a quando ci stavo pure io, gli individui che lo componevano. Tra l'altro favevo parte del team moderatori,fa un po' te..!) e posso assicurarti che non fa testo che lo hanno mandato via da li! Ma che ti credi che i caproni non ci stavano pure li?! io stesso mi sono imbattuto in una sciacquetta che voleva fare la tipa istruita,al che ho risposto male nella sezione a noi solo dedicata,sapendo benissimo che poi me ne dovevo andare. E che significa? Hanno cacciato pure me? Ma non farmi rridere! (Fermo restando che ci stava gente capace, a modo e preparata anche li)

cbbusto ha scritto:


Dovresti moderare i termini.
Ma ti leggi quando scrivi?
E ti ascolti quando parli?
No,ho dei dubbi....sai com'è..
Torna in alto
 
Utenti presenti in questo topic
Guest

2 pages: [1] 2

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » controllo log HiJackThis un pc riesumato . grazie


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.