• Non sono ammesse registrazioni con indirizzi email temporanei usa e getta

Importante Richiesta controllo Logfile of HijackThis (Versione 2.10.0.31) del 06/05/2023

Cancella tutto il contenuto della cartella temp

C:Windows/temp.

Fai una scansione completa con l'antivirus.

Aggiorna Firefox.

Elimina R3 e tutti gli 010 (in genere gli 010 vengono creati da Malware)

Poi dopo aver fatto tutto quello sopra, rimetti il log
 
ERCOLINO ha scritto:
Cancella tutto il contenuto della cartella temp

C:Windows/temp.

Fai una scansione completa con l'antivirus.

Aggiorna Firefox.

Elimina R3 e tutti gli 010 (in genere gli 010 vengono creati da Malware)

Poi dopo aver fatto tutto quello sopra, rimetti il log
Clicca per espandere...
R3 eliminato ma tutti gli 010 non me li fa eliminare anche la cartella temp non riesco a eliminare tutti i file neanche in modalità provvisoria. Adesso sto tentando un ripristino dei file con punto di ripristino antecedente.
 
[h=3]Deprecated, and NOT Windows 10 compatible![/h][h=3]Please check out Uncle Carey’s Windows 10 NetFix instead![/h][FONT=source_sans_proregular]Current Version 1.2[/FONT]
[FONT=source_sans_proregular]WinsockReset is a quick n’ dirty utility I wrote to reset the winsock. (This utility is included in d7 v7.7.72+)[/FONT]
[FONT=source_sans_proregular]There is no hidden secret or special magic it performs, but it can solve a number of issues, and is easier than running the fixes manually…[/FONT]
[FONT=source_sans_proregular]Works with Windows XP, Vista, 7, and 8 – and is fully portable! Windows 10 see second NOTE in step 4:1 (this optional step should be skipped.) No plans exist to update for full Windows 10 compatibility.[/FONT]
[FONT=source_sans_proregular]Here’s what it does, in order:[/FONT]
[FONT=source_sans_proregular]
  1. Resets ownership/permissions on the Winsock/Winsock2 registry keys in case permissions were hijacked.
  2. Backs up the Winsock/Winsock2 registry keys to %systemdrive%SupportWinsockReset
  3. Examines your Winsock2 registry keys for missing NameSpace/Protocol entries and .DLL files
  4. Optionally deletes the Winsock/Winsock2 registry keys entirely, then imports either:
    1. the DEFAULT Winsock/Winsock2 registry keys for that version of Windows.
      1. NOTE: This WILL delete 3rd party winsock providers!!
      2. NOTE: Windows 10 is NOT supported for this specific feature; the Windows 8 keys will be used instead. Even though no one has ever reported an issue, you should use at your own risk on Windows 10.
    2. or your Winsock/Winsock2 registry keys from ControlSet backups on your own system.
      1. NOTE: This MAY delete 3rd party winsock providers!!
  5. Performs these commands:
    1. netsh winsock reset
    2. netsh winsock reset catalog
    3. netsh int ip reset reset.log (on XP)
    4. netsh int ip reset reset.log hit (on Vista and above.)
  6. On XP, (optional) renames %windir%\System32\mswsock.dll and winrnr.dll to .old, allowing Windows File Protection to replace then with ones from dllcache.
    1. WARNING: ONLY use this option if a previous repair with this tool FAILS.
  7. On Vista and above, uses SFC to replace the mswsock.dll file if needed (sfc /scanfile=%windir%\System32\mswsock.dll) and repeats procedure for winrnr.dll, pnrpnsp.dll and napinsp.dll
  8. Restarts the PC.
[/FONT]
 
ho visto pero che dall'utente principale i lo sono apposto se elimino l'utente e ne creo uno nuovo non si risolve il problema ?


Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18


Platform: x64 Windows 10 (Home), 10.0.18363.752 (ReleaseId: 1909), Service Pack: 0
Time: 17.04.2020 - 12:58 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: sitema adm (group: Administrator) on DESKTOP-730PULD, FirstRun: no


Chrome: 81.0.4044.113
Firefox: 29.0.0.5224
Edge: 11.0.18362.752
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Internet Explorer)


Boot mode: Normal


Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
1 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
5 C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
1 C:\Program Files (x86)\TotalAV\SecurityService.exe
1 C:\Program Files (x86)\TotalAV\TotalAV.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20032.104.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
18 C:\Users\Lavoro\AppData\Local\Programs\Opera\67.0.3575.137_0\opera.exe
1 C:\Users\Lavoro\AppData\Local\Programs\Opera\67.0.3575.137_0\opera_crashreporter.exe
1 C:\Users\Lavoro\Desktop\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
68 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\explorer.exe


O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [HP ENVY 4520 series (NET)] = C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe -deviceID "TH6AR4K1J40660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKU\S-1-5-21-3953893595-2682882255-3653888222-1003\..\Run: [Skype for Desktop] = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (User 'Lavoro')
O4-32 - HKLM\..\Run: [HP Software Update] = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4-32 - HKLM\..\Run: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O17 - DHCP DNS 1: 192.168.178.1
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
O23 - Service R2: PC Security Management Service - (SecurityService) - C:\Program Files (x86)\TotalAV\SecurityService.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
O23 - Service S2: Freemake Improver - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service S2: IObit Uninstaller Service - (IObitUnSvr) - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service S2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S2: PC Security Management Monitoring Service - (SecurityServiceMonitor) - C:\Program Files (x86)\TotalAV\SecurityService.exe --monitor
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.113\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc




--
End of file - Time spent: 24,8 sec. - 12684 bytes, CRC32: FFFFFFFF. Sign: 뇬㢵
 
Attenzione che windows ha anche un'altra directory temporanea per ogni utente.
Si trova in C:\Users\nome utente\AppData\Local\Temp
Consiglio quindi di svuotare anche quella quando ci sono problemi.
Siccome AppData è una directory nascosta, basta scriverne l'indirizzo sulla barra (oppure configurare windows per mostrare anche gli oggetti nascosti).
 
@Kikkosat

Non ho capito cos'è quella cosa che hai messo sopra e perchè l'hai usato


Prova a eliminare l'utente nel caso e vedi se si risolve, comunque non è molto chiaro il problema.


Come ti ho detto fai una scansione totale con l'antivirus e tutto il resto

Aggiorna firefox e tutti i programmi installati
 
ataru1976 ha scritto:
Attenzione che windows ha anche un'altra directory temporanea per ogni utente.
Si trova in C:\Users\nome utente\AppData\Local\Temp
Consiglio quindi di svuotare anche quella quando ci sono problemi.
Siccome AppData è una directory nascosta, basta scriverne l'indirizzo sulla barra (oppure configurare windows per mostrare anche gli oggetti nascosti).
Clicca per espandere...

Si esatto c'è anche quella nascosta che si può cancellare il contenuto
 
ERCOLINO ha scritto:
@Kikkosat

Non ho capito cos'è quella cosa che hai messo sopra e perchè l'hai usato


Prova a eliminare l'utente nel caso e vedi se si risolve, comunque non è molto chiaro il problema.


Come ti ho detto fai una scansione totale con l'antivirus e tutto il resto

Aggiorna firefox e tutti i programmi installati
Clicca per espandere...

L'ultimo log e dell'utente principale. tu mi dicevi di cancellare gli 010 dall'account lavoro ma non ma non riesco ad eliminarli. quindi dal pannello principale admin elimino l'utente lavoro (che dentro non c'e' quasi nulla salvo quello che mi interessa ed elimino il profilo e ne faccio uno nuovo.

firefox non posso aggiornarlo in quanto mi serve per lavoro (che mi permette di fare un copia e incolla in sola lettura se lo aggiorno perdo questa fondamentale opzione non mi permette piu di fare copia e incolla)

la scansione del pc l'ho fatta piu volta ma adesso mi dice che il pc è pulito.
 
Ok.

Prova cosi.

Non so cosa intendi di copia e incolla in solo lettura in firefox 29
 
ERCOLINO ha scritto:
Ok.

Prova cosi.

Non so cosa intendi di copia e incolla in solo lettura in firefox 29
Clicca per espandere...
Niente i 010 sono rimasti anche nella account nuovo

Per quanto riguarda Firefox 29 copio da web delle cose dentro un portale, e nelle versioni successive hanno tolto non si può più fare.
 
ai fini di un controllo generale mi date gentilmente un'occhiata al mio log? Grazie

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 7 (Home Premium), 6.1.7601.24546, Service Pack: 1
Time: 09.06.2020 - 19:27 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by:

Chrome: 83.0.4103.97
Firefox: 77.0.1.7458
Internet Explorer: 11.0.9600.19597
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
1 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
1 C:\Program Files\Alwil Software\Avast5\aswEngSrv.exe
1 C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
1 C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Windows\SysWOW64\PnkBstrA.exe
1 C:\Windows\SysWOW64\ezSharedSvcHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
15 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
1 J:\programmi portable\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = www.google.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = www.google.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = www.google.com
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - HKLM\..\BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2-32 - HKLM\..\BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE

\rndlbrowserrecordplugin.dll
O2-32 - HKLM\..\BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Alwil Software\Avast5\AvLaunch.exe /gui
O4 - MSConfig\startupreg: Adobe ARM [command] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (HKLM) (2016/04/13)
O4 - MSConfig\startupreg: Adobe Reader Speed Launcher [command] = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (HKLM) (2011/03/09) (file missing)
O4 - MSConfig\startupreg: AlcoholAutomount [command] = C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -automount (HKCU) (2012/05/08)
O4 - MSConfig\startupreg: Avast [command] = C:\Program Files\Alwil Software\Avast5\AvastUI.exe (HKLM) (2015/01/24)
O4 - MSConfig\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [command] = C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (HKCU) (2010/10/30)
O4 - MSConfig\startupreg: Bing Bar [command] = C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (HKLM) (2010/10/30) (file missing)
O4 - MSConfig\startupreg: CCleaner Smart Cleaning [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2019/10/03)
O4 - MSConfig\startupreg: Easybits Recovery [command] = C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (HKLM) (2011/12/27)
O4 - MSConfig\startupreg: HP Quick Launch [command] = C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (HKLM) (2012/02/29)
O4 - MSConfig\startupreg: HPAdvisorDock [command] = C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (HKCU) (2015/09/17)
O4 - MSConfig\startupreg: HPWirelessAssistant [command] = C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

/hidden (HKLM) (2011/12/27) (file missing)
O4 - MSConfig\startupreg: HotKeysCmds [command] = C:\Windows\system32\hkcmd.exe (HKLM) (2011/12/27)
O4 - MSConfig\startupreg: IgfxTray [command] = C:\Windows\system32\igfxtray.exe (HKLM) (2011/12/26)
O4 - MSConfig\startupreg: LightScribe Control Panel [command] = C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (HKCU) (2011/12/27)
O4 - MSConfig\startupreg: Magic Desktop for HP notification [command] = C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (HKLM) (2014/09/30)
O4 - MSConfig\startupreg: Microsoft Default Manager [command] = C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume (HKLM) (2012/07/28)
O4 - MSConfig\startupreg: Persistence [command] = C:\Windows\system32\igfxpers.exe (HKLM) (2011/12/26)
O4 - MSConfig\startupreg: RTHDVCPL [command] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s (HKLM) (2017/08/24)
O4 - MSConfig\startupreg: SunJavaUpdateSched [command] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (HKLM) (2012/12/16) (file missing)
O4 - MSConfig\startupreg: SynTPEnh [command] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (HKLM) (2012/03/16)
O4 - MSConfig\startupreg: TkBellExe [command] = C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot (HKLM) (2016/06/06)
O4 - MSConfig\startupreg: Uninstall Adobe Download Manager [command] = C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7

/Get1noarp (HKLM) (2010/10/30)
O4 - MSConfig\startupreg: msnmsgr [command] = C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background (HKCU) (2012/03/31)
O4 - MSConfig\startupreg: uTorrent [command] = C:\Users\Alessandro\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED (HKCU) (2015/06/09)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Free YouTube Download: (default) = C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Free YouTube to MP3 Converter: (default) = C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources

\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck

\NCLauncherFromIE.exe
O9-32 - Button: HKLM\..\{0000036B-C524-4050-81A0-243669A86B9F}: Messenger Companion (CTRL+MAIUSC+C) - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Inserisci blog - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework

\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Pubblica su un &blog in Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck

\NCLauncherFromIE.exe
O16-32 - DPF: HKLM\..\{166B1BCA-3F9C-11CF-8075-444553540000}\DownloadInformation: (no name) [CODEBASE] = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16-32 - DPF: HKLM\..\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation: (no name) [CODEBASE] = http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - DHCP DNS 1: 192.168.43.1
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Alwil Software\Avast5\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Alwil Software\Avast5\ashShell.dll
O21-32 - HKLM\..\ShellExecuteHooks: [{E54729E8-BB3D-4270-9D49-7389EA579090}] - EasyBits ShellExecute Hook - C:\Windows\SysWOW64\ezUPBHook.dll (disabled)
O22 - Task (.job): (Ready) HPCeeScheduleForAlessandro.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (file missing) HPCeeScheduleForAlessandro (null)
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe /runassvc
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: Easybits Services for Windows - (ezSharedSvc) - C:\Windows\SysWOW64\ezSharedSvcHost.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: HP Touchpoint Analytics - (HPTouchpointAnalyticsService) - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service R2: PnkBstrA - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\elevation_service.exe
O23 - Service S3: HP CASL Framework Service - (hpqcaslwmiex) - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Windows Live Family Safety Service - (fsssvc) - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe


--
End of file - Time spent: 25,3 sec. - 26270 bytes, CRC32: FFFFFFFF. Sign: 잴㱿
 
Mi sembra ok il log.

Noti qualche problema?

Cancella comunque il contenuto della cartella Temp e la cache e cookies dei browser

C:Windows/temp
 
grazie ERCOLINO
era come detto solo un controllo generale che ho deciso di fare a farvi controllare dopo un bel pò di tempo;
con il pc nessun problema
 
Salve questa mattina ho fatto la scansione online di Trend Micro questo e il log finale:

07/07/2020 11:20:21.687 0ccc:0450 File Not Exist: C:\Windows\temp\Trend Micro\DRSUnzipTemp\setting.Json - ..\Common\utilCommon\AsCommon.cpp(738)
07/07/2020 11:20:21.843 0ccc:0450 wstrCmdLine: "C:\Windows\temp\Trend Micro\DRSUnzipTemp\DRScanner.exe" - DRScanner.cpp(532)
07/07/2020 11:20:25.119 0ccc:0450 Get Guid in CConfig::parseConfig. - Config.cpp(38)
07/07/2020 11:20:25.119 0ccc:0450 displayName:HouseCall for Home Networks - Config.cpp(83)
07/07/2020 11:20:25.119 0ccc:0450 MessageBoxTitle:HouseCall for Home Networks - Config.cpp(84)
07/07/2020 11:20:25.119 0ccc:0450 MessageBoxCaption:Restart the computer to continue. - Config.cpp(85)
07/07/2020 11:20:25.119 0ccc:0450 StasticLocalName:EN-US - Config.cpp(86)
07/07/2020 11:20:25.119 0ccc:0450 Locale:EN-US - Config.cpp(87)
07/07/2020 11:20:25.119 0ccc:0450 pid: DE53 - Config.cpp(88)
07/07/2020 11:20:25.119 0ccc:0450 SystemVersionTitle:Installation Stopped - Config.cpp(90)
07/07/2020 11:20:25.119 0ccc:0450 SystemVersionCaption:Your Windows version is not supported, please update to the latest version. - Config.cpp(91)
07/07/2020 11:20:25.119 0ccc:0450 File Not Exist: C:\Program Files (x86)\Trend Micro\DRScanner\aucfg.json - ..\Common\utilCommon\AsCommon.cpp(738)
07/07/2020 11:20:25.119 0ccc:0450 no cmd param - DRScanner.cpp(684)
07/07/2020 11:20:25.119 0ccc:0450 fresh install build... - DRScanner.cpp(697)
07/07/2020 11:20:25.119 0ccc:0450 urlfile:///C:\Windows\temp\Trend Micro\DRSUnzipTemp\WebPage\GDPRPage.html?windows&lang=EN-US - WebEngineDlg.cpp(230)
07/07/2020 11:21:05.429 0ccc:0450 Enter IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(44)
07/07/2020 11:21:05.429 0ccc:0450 Leave IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(47)
07/07/2020 11:21:05.429 0ccc:0450 Enter IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(44)
07/07/2020 11:21:05.429 0ccc:0450 Leave IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(47)
07/07/2020 11:21:05.445 0ccc:0450 Enter IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(44)
07/07/2020 11:21:05.445 0ccc:0450 Leave IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(47)
07/07/2020 11:21:05.445 0ccc:0450 Enter IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(44)
07/07/2020 11:21:05.445 0ccc:0450 Leave IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(47)
07/07/2020 11:21:05.445 0ccc:0450 Enter IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(44)
07/07/2020 11:21:05.445 0ccc:0450 Leave IDrsDispatch::Unsubscribe - D:\DiamondRingScanner-NewUI_5.3\src\Common\utilCommon\DRDebug.h(47)

C'è qualcosa che non va? io non ci capisco niente :)
 
Devi accedere o registrarti per poter rispondere.
Indietro
Alto Basso