Aiutamici Forum

HijackThis log check
patton
Posted: Friday, May 17, 2013 7:47:21 AM
Rank: AiutAmico

Joined: 5/15/2004
Posts: 245
I've noticed that applications are slow to run. In addition, it denies me access to the following folders: C:\Documentis and Settings, C:\programmi.
I'm attaching the log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:40:36, on 17/05/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Softland\FBackup 4\fbaSched.exe
C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe
C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Cobian Backup 11\Cobian.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Utente\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Qlock\qlock.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.msn.com/?pc=UP21&ocid=UP21DHP&dt=051413
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [emsisoft anti-malware] "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\Run: [EaseUs Watch] "C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe"
O4 - HKLM\..\Run: [EaseUs Tray] "C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Cobian Backup 11] "C:\Program Files\Cobian Backup 11\Cobian.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: Dropbox.lnk = Utente\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: qlock.lnk = C:\Program Files\Qlock\qlock.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.redshift.maris.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BFF2772-B973-42E8-96AD-0627B6F96425}: NameServer = 62.13.173.92 62.13.173.93
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBA7AA67-1238-429D-B2D0-DC15B899E155}: NameServer = 62.13.173.92 62.13.173.93
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cobian Backup 11 Servizio Volume Shadow Copy (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 11\cbVSCService11.exe
O23 - Service: Chiavetta Internet E353 21.6. OUC (Chiavetta Internet E353 21.6. RunOuc) - Unknown owner - C:\Program Files\Chiavetta Internet E353 21.6\UpdateDog\ouc.exe
O23 - Service: EaseUS Agent - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: Guard Agent - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

Bye

--
End of file - 9186 bytes
patton
Posted: Monday, May 20, 2013 10:06:34 PM
Rank: AiutAmico

Joined: 5/15/2004
Posts: 245
patton wrote:
I've noticed that applications are slow to run. In addition, it denies me access to the following folders: C:\Documentis and Settings, C:\programmi-

Is there anyone who can check my HijackThis log to see whether there are any problems?
Thanks
cbbusto
Posted: Monday, May 20, 2013 11:27:45 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
The log shows no problems; there are some unknown programs and services. I'll list the names, tell me whether you recognize them:

C:\ProgramData\DatacardService\DCSHelper.exe ?
Service: 602Updater - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe ?
Service: HWDeviceService.exe ?
Do you know this site? http://www.redshift.maris.com
Give me the answers, then if necessary I'll tell you what to do.
In the meantime, run this scan:

Download AdwCleaner to your desktop:
http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner
Run it and click the "Elimina" (Delete) button; do not click "Cerca" (Search).
Confirm with OK the various windows that appear.
The PC will restart, and the log listing the deletions will come up.
Post it here.
Bye
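Added example, not part of the original thread and not HijackThis code: a small Python parser for the O23 service lines of a HijackThis log that lists the entries worth asking the user about, as the reply above does by hand. The two triage rules (owner shown as "Unknown owner", executable outside Program Files or Windows) and all function names are assumptions chosen for illustration.

```python
# Sample input: a few lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
"""

PREFIX = "O23 - Service: "
# Assumption for this example: services normally live under these roots.
EXPECTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")


def parse_services(log_text):
    """Return a dict (label, owner, path) for every well-formed O23 line."""
    services = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line.startswith(PREFIX):
            continue  # other sections (R0/R1, O2, O4, ...) are ignored here
        # The label may contain " - " itself, so split from the right.
        parts = line[len(PREFIX):].rsplit(" - ", 2)
        if len(parts) != 3:
            continue  # truncated or malformed entry
        label, owner, path = (p.strip() for p in parts)
        services.append({"label": label, "owner": owner, "path": path})
    return services


def review_reasons(service):
    """Hypothetical triage rules; a hit means 'ask the user', not 'malicious'."""
    reasons = []
    if service["owner"].lower() == "unknown owner":
        reasons.append("unknown owner")
    if not service["path"].lower().startswith(EXPECTED_ROOTS):
        reasons.append("unusual path")
    return reasons


def triage(log_text):
    """Map service label -> reasons, only for services needing a manual look."""
    flagged = {}
    for service in parse_services(log_text):
        reasons = review_reasons(service)
        if reasons:
            flagged[service["label"]] = reasons
    return flagged


if __name__ == "__main__":
    for label, reasons in triage(SAMPLE_LOG).items():
        print(f"{label}: {', '.join(reasons)}")
```

A service that passes both rules, such as 602Updater here, still needs the user's confirmation that the software was installed on purpose.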
patton
Posted: Tuesday, May 21, 2013 9:03:17 AM
Rank: AiutAmico

Joined: 5/15/2004
Posts: 245
Hi cbbusto,
I think the entries C:\ProgramData\DatacardService\DCSHelper.exe and Service: HWDeviceService.exe are related to the installer for the Internet e353 21.6 dongle from HUAWEI Mobile Broadband, which I use only occasionally.
This entry: Service: 602Updater - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe I don't recognize.
The site redshift.maris.com belongs to an English-language astronomy program that I consider safe because I have always used it.

I'm attaching the AdwCleaner log:

# AdwCleaner v2.301 - Logfile creato il 21/05/2013 alle 08:39:13
# Aggiornamento 16/05/2013 by Xplode
# Sistema Operativo : Windows 7 Ultimate Service Pack 1 (32 bits)
# Utente : Utente - UTENTE-PC
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Users\Utente\Desktop\AdwCleaner.exe
# Opzioni [Elimina]


***** [Servizi] *****


***** [File / Cartelle] *****

Cartella Eliminato : C:\Program Files\Common Files\DVDVideoSoft\TB

***** [Registro] *****

Chiave Eliminata : HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [Browser Internet] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registro Pulito.

-\\ Mozilla Firefox v21.0 (it)

File : C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\pw4lsdkf.default\prefs.js

Eliminata : user_pref("extensions.dealply.channel", "vitaeazel");

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File Pulito.

-\\ Opera v12.15.1748.0

File : C:\Users\Utente\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File Pulito.

*************************

AdwCleaner[R1].txt - [21590 octets] - [20/02/2013 04:58:17]
AdwCleaner[R2].txt - [21651 octets] - [20/02/2013 05:51:57]
AdwCleaner[R3].txt - [22848 octets] - [27/02/2013 17:15:23]
AdwCleaner[S1].txt - [340 octets] - [20/02/2013 05:54:46]
AdwCleaner[S2].txt - [23363 octets] - [27/02/2013 17:16:17]
AdwCleaner[S3].txt - [1440 octets] - [28/02/2013 16:52:34]
AdwCleaner[S4].txt - [2908 octets] - [11/04/2013 21:33:20]
AdwCleaner[S5].txt - [1945 octets] - [21/05/2013 08:39:13]

########## EOF - C:\AdwCleaner[S5].txt - [2005 octets] ##########

cbbusto
Posted: Tuesday, May 21, 2013 10:47:21 AM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
There are no infections, and ADW found little too, so the slowness you describe does not concern browsing but only the opening of programs or applications. There are a few unnecessary startup entries that could be removed, but I don't know how much speed could be gained. If the disk is heavily fragmented it can cause slowdowns; keep it defragmented.
You can disable the services for the entries you don't recognize: go to Administrative Tools > Services and look for these entries:
602Updater (602XML Updater) - Software602 a.s
HWDeviceService.exe
Double-click each one, then set Startup type to Disabled, click OK and exit; if any problems turn up you can always re-enable them.
I don't see anything else. Bye