Eccessivo consumo di ram

Se Windows genera un errore, hai un problema di virus o vuoi discutere/segnalare l'uscita della nuova versione di un software per la piattaforma Microsoft, questa è la sezione giusta.
Regole del forum
Rispondi
Avatar utente
Renton
Livello: Scheda perforata (1/15)
Livello: Scheda perforata (1/15)
Messaggi: 7
Iscritto il: dom feb 08, 2015 10:04 pm

Eccessivo consumo di ram

Messaggio da Renton »

Ciao a tutti.

Ho windows 7 e da un po' noto dei rallentamenti nel pc, specie nell'avvio e un consumo eccessivo di ram perenne.. tipo adesso con solo firefox aperto mi da un consumo di 55%.

ho già disabilitato all'avvio un po' di programmi usando c cleaner e ho usato iobit advanced systemcare (che non so se sia stato utile)

come posso fare?
ho letto da qualche parte di usare combofix, ho provato ma poi il report mi è incomprensibile..

grazie per l'aiuto

allego il report:
ComboFix 15-02-08.01 - Michele 08/02/2015 21:25:43.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3894.2175 [GMT 1:00]
Eseguito da: c:\users\Michele\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 12 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\WinPCap
c:\program files (x86)\WinPCap\daemon_mgm.exe
c:\program files (x86)\WinPCap\npf_mgm.exe
c:\program files (x86)\WinPCap\rpcapd.exe
c:\program files (x86)\WinPCap\Uninstall.exe
c:\program files (x86)\WinRAR\Leggimi.Txt
c:\program files (x86)\WinRAR\Leggimi_1a.Txt
c:\program files (x86)\WinRAR\Licenza.Txt
c:\program files (x86)\WinRAR\NoteTecniche.Txt
c:\program files (x86)\WinRAR\Ordin.htm
c:\program files (x86)\WinRAR\Ordina.htm
c:\program files (x86)\WinRAR\SorgUnRAR.Txt
c:\users\Michele\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Michele\AppData\Roaming\OfferBox
c:\users\Michele\AppData\Roaming\OfferBox\config.xml
c:\users\Michele\AppData\Roaming\OfferBox\http_app.offerbox.com\country.sxe
c:\users\Michele\AppData\Roaming\OfferBox\http_app.offerbox.com\history.db
c:\users\Michele\AppData\Roaming\OfferBox\http_app.offerbox.com\profile.sxe
c:\users\Michele\AppData\Roaming\OfferBox\http_app.offerbox.com\update.sxe
c:\users\Michele\AppData\Roaming\OfferBox\http_app.offerbox.com\update.xml
c:\windows\msdownld.tmp
c:\windows\SysWow64\drivers\npf.sys
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Creati Da 2015-01-08 al 2015-02-08 )))))))))))))))))))))))))))))))))))
.
.
2015-02-08 02:44 . 2014-06-04 14:17 34080 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2015-02-08 02:44 . 2014-06-04 14:17 128288 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2015-02-08 02:44 . 2014-06-04 14:17 21184 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2015-02-08 02:39 . 2015-02-08 02:39 942808 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2015-02-08 02:39 . 2015-02-08 02:39 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2015-02-08 02:37 . 2015-02-08 02:37 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2015-02-08 02:37 . 2015-02-08 02:37 34544 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2015-02-08 02:17 . 2015-02-08 02:17 959704 ----a-w- c:\windows\system32\RCoInstII64.dll
2015-02-08 02:17 . 2015-02-08 02:17 71040000 ----a-w- c:\windows\system32\RCoRes64.dat
2015-02-08 02:17 . 2015-02-08 02:17 629464 ----a-w- c:\windows\system32\RtDataProc64.dll
2015-02-08 02:17 . 2015-02-08 02:17 451096 ----a-w- c:\windows\system32\SRAPO64.dll
2015-02-08 02:17 . 2015-02-08 02:17 366104 ----a-w- c:\windows\system32\SRCOM64.dll
2015-02-08 02:17 . 2015-02-08 02:17 326680 ----a-w- c:\windows\system32\SRCOM.dll
2015-02-08 02:17 . 2015-02-08 02:17 2827120 ----a-w- c:\windows\system32\RltkAPO64.dll
2015-02-08 02:17 . 2015-02-08 02:17 14952 ----a-w- c:\windows\system32\RtkCoLDR64.dll
2015-02-08 02:17 . 2015-02-08 02:17 1411096 ----a-w- c:\windows\system32\SRRPTR64.dll
2015-02-08 02:17 . 2015-02-08 02:17 1550528 ----a-w- c:\windows\system32\CX64APO.dll
2015-02-08 02:17 . 2015-02-08 02:17 113576 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2015-02-08 02:11 . 2015-02-08 02:11 96560 ----a-w- c:\windows\system32\bcmwlcoi.dll
2015-02-08 02:11 . 2015-02-08 02:11 4749008 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS
2015-02-08 02:11 . 2015-02-08 02:11 3617792 ----a-w- c:\windows\system32\bcmihvui64.dll
2015-02-08 02:11 . 2015-02-08 02:11 3952640 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2015-02-08 02:01 . 2015-02-08 02:22 -------- d-----w- c:\users\Michele\AppData\Roaming\ProductData
2015-02-08 02:00 . 2015-02-08 02:00 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-02-08 02:00 . 2015-02-08 02:00 -------- d-----w- c:\users\Michele\AppData\Roaming\Apple Computer
2015-02-08 02:00 . 2015-02-08 02:00 -------- d-----w- c:\programdata\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-02-08 02:00 . 2015-02-08 02:03 -------- d-----w- c:\programdata\ProductData
2015-02-08 02:00 . 2015-02-08 02:03 -------- d-----w- c:\programdata\IObit
2015-02-08 02:00 . 2015-02-08 02:00 -------- d-----w- c:\program files (x86)\Common Files\IObit
2015-02-08 02:00 . 2015-02-08 02:43 -------- d-----w- c:\program files (x86)\IObit
2015-02-08 02:00 . 2015-02-08 02:43 -------- d-----w- c:\users\Michele\AppData\Roaming\IObit
2015-01-29 14:02 . 2015-01-29 14:02 0 ----a-w- c:\windows\SysWow64\sho36C.tmp
2015-01-23 18:07 . 2015-01-23 18:05 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-23 18:06 . 2015-01-23 18:06 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-01-20 12:24 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-01-20 12:24 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-01-20 12:24 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-01-20 12:24 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll
2015-01-20 12:24 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-01-20 12:24 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll
2015-01-20 12:24 . 2014-12-12 05:07 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-01-14 19:44 . 2014-12-11 17:47 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-01-14 19:44 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll
2015-01-14 19:44 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll
2015-01-14 19:44 . 2014-12-06 03:50 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2015-01-14 19:44 . 2014-12-06 03:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2015-01-14 19:44 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-08 02:39 . 2010-10-13 04:18 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2015-02-04 21:12 . 2012-04-09 14:28 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-04 21:12 . 2011-06-02 12:34 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-14 21:16 . 2010-12-21 22:38 113365784 ----a-w- c:\windows\system32\MRT.exe
2015-01-08 14:02 . 2015-01-08 14:02 0 ----a-w- c:\windows\SysWow64\sho4AF7.tmp
2015-01-04 19:31 . 2014-12-28 14:22 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2015-01-04 19:31 . 2014-12-28 14:22 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2015-01-04 19:31 . 2014-12-28 14:22 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2015-01-04 19:31 . 2014-12-28 14:20 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2015-01-02 21:53 . 2015-01-02 21:53 0 ----a-w- c:\windows\SysWow64\shoD4F1.tmp
2014-12-21 18:53 . 2014-12-21 18:53 0 ----a-w- c:\windows\SysWow64\sho6188.tmp
2014-12-18 20:48 . 2014-12-18 20:48 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-12-18 20:48 . 2014-12-18 20:48 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-12-18 20:48 . 2014-12-18 20:48 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-12-18 20:48 . 2014-12-18 20:48 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-12-18 20:48 . 2014-12-18 20:48 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-12-18 20:48 . 2014-12-18 20:48 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-12-18 20:48 . 2014-12-18 20:48 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-12-18 20:48 . 2014-12-18 20:48 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-12-18 20:48 . 2014-12-18 20:48 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-12-18 20:48 . 2014-12-18 20:48 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-12-18 20:48 . 2014-12-18 20:48 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-12-18 20:48 . 2014-12-18 20:48 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-12-18 20:48 . 2014-12-18 20:48 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-12-18 20:48 . 2014-12-18 20:48 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-12-18 20:48 . 2014-12-18 20:48 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-12-18 20:48 . 2014-12-18 20:48 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-12-18 20:48 . 2014-12-18 20:48 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-12-18 20:48 . 2014-12-18 20:48 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-12-18 20:48 . 2014-12-18 20:48 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-12-18 20:48 . 2014-12-18 20:48 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-12-18 20:48 . 2014-12-18 20:48 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-12-18 20:48 . 2014-12-18 20:48 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-12-18 20:48 . 2014-12-18 20:48 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-12-18 20:48 . 2014-12-18 20:48 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-12-18 20:48 . 2014-12-18 20:48 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-12-18 20:48 . 2014-12-18 20:48 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-12-18 20:48 . 2014-12-18 20:48 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-12-18 20:48 . 2014-12-18 20:48 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-12-18 20:48 . 2014-12-18 20:48 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-12-18 20:48 . 2014-12-18 20:48 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-12-18 20:48 . 2014-12-18 20:48 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-12-18 20:48 . 2014-12-18 20:48 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-12-18 20:48 . 2014-12-18 20:48 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-12-18 20:48 . 2014-12-18 20:48 247808 ----a-w- c:\windows\system32\msls31.dll
2014-12-18 20:48 . 2014-12-18 20:48 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-12-18 20:48 . 2014-12-18 20:48 199680 ----a-w- c:\windows\system32\msrating.dll
2014-12-18 20:48 . 2014-12-18 20:48 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-12-18 20:48 . 2014-12-18 20:48 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-12-18 20:48 . 2014-12-18 20:48 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-12-18 20:48 . 2014-12-18 20:48 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-12-18 20:48 . 2014-12-18 20:48 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-12-18 20:48 . 2014-12-18 20:48 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-12-18 20:48 . 2014-12-18 20:48 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-12-18 20:48 . 2014-12-18 20:48 81408 ----a-w- c:\windows\system32\icardie.dll
2014-12-18 20:48 . 2014-12-18 20:48 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-12-18 20:48 . 2014-12-18 20:48 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-12-18 20:48 . 2014-12-18 20:48 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-18 20:48 . 2014-12-18 20:48 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-12-18 20:48 . 2014-12-18 20:48 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-12-18 20:48 . 2014-12-18 20:48 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-12-18 20:48 . 2014-12-18 20:48 633856 ----a-w- c:\windows\system32\ieui.dll
2014-12-18 20:48 . 2014-12-18 20:48 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-12-18 20:48 . 2014-12-18 20:48 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-12-18 20:48 . 2014-12-18 20:48 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-12-18 20:48 . 2014-12-18 20:48 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-12-18 20:48 . 2014-12-18 20:48 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-12-18 20:48 . 2014-12-18 20:48 413696 ----a-w- c:\windows\system32\html.iec
2014-12-18 20:48 . 2014-12-18 20:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-12-18 20:48 . 2014-12-18 20:48 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-12-18 20:48 . 2014-12-18 20:48 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-12-18 20:48 . 2014-12-18 20:48 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-12-18 20:48 . 2014-12-18 20:48 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-12-18 20:48 . 2014-12-18 20:48 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-12-18 20:48 . 2014-12-18 20:48 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-12-18 20:48 . 2014-12-18 20:48 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-12-18 20:48 . 2014-12-18 20:48 235520 ----a-w- c:\windows\system32\url.dll
2014-12-18 20:48 . 2014-12-18 20:48 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-12-18 20:48 . 2014-12-18 20:48 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-12-18 20:48 . 2014-12-18 20:48 147968 ----a-w- c:\windows\system32\occache.dll
2014-12-18 20:48 . 2014-12-18 20:48 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-12-18 20:48 . 2014-12-18 20:48 143872 ----a-w- c:\windows\system32\wextract.exe
2014-12-18 20:48 . 2014-12-18 20:48 13824 ----a-w- c:\windows\system32\mshta.exe
2014-12-18 20:48 . 2014-12-18 20:48 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-12-18 20:48 . 2014-12-18 20:48 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-12-18 20:48 . 2014-12-18 20:48 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-12-18 20:48 . 2014-12-18 20:48 101376 ----a-w- c:\windows\system32\inseng.dll
2014-12-18 20:48 . 2014-12-18 20:48 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-12-18 20:48 . 2014-12-18 20:48 774144 ----a-w- c:\windows\system32\jscript.dll
2014-12-18 20:48 . 2014-12-18 20:48 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-12-18 20:48 . 2014-12-18 20:48 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-12-18 20:46 . 2014-12-18 20:46 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-18 20:46 . 2014-12-18 20:46 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-18 20:46 . 2014-12-18 20:46 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-12-18 20:46 . 2014-12-18 20:46 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-12-18 20:46 . 2014-12-18 20:46 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-18 20:46 . 2014-12-18 20:46 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-18 20:46 . 2014-12-18 20:46 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-18 20:46 . 2014-12-18 20:46 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-18 20:46 . 2014-12-18 20:46 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-09 1712184]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-21 98304]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-12-16 702768]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-12-31 126712]
.
c:\users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitora avvisi inchiostro - HP Deskjet 2540 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN39T2DS1K0604;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 jrdusbser;Mobile Connector Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys;c:\windows\SYSNATIVE\DRIVERS\jrdusbser.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AdvancedSystemCareService8;Advanced SystemCare Service 8;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Pianificatore;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DeviceManager;DeviceManager;c:\program files (x86)\Common Files\DeviceHelper\DeviceManager.exe;c:\program files (x86)\Common Files\DeviceHelper\DeviceManager.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 08:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-06 09:53 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2015-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 21:12]
.
2015-02-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1197780657-228670236-2523017797-1000Core.job
- c:\users\Michele\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08 12:42]
.
2015-02-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1197780657-228670236-2523017797-1000UA.job
- c:\users\Michele\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08 12:42]
.
2015-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-16 08:17]
.
2015-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-16 08:17]
.
2015-02-08 c:\windows\Tasks\HPCeeScheduleForMichele.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2015-02-08 02:00 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-02-08 6486120]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-22 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-22 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-22 414744]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2015-02-08 2120808]
.
------- Scansione supplementare -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = wifiproxy.unige.it:80
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: gse.it\applicazioni
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A9ED5F37-961A-4FFA-95DA-A84E1225EB0B}\7596E646F596E666F637472716461613: NameServer = 8.8.8.8,4.4.4.4
TCP: Interfaces\{A9ED5F37-961A-4FFA-95DA-A84E1225EB0B}\8405D23556475707D28373D2445637B6A65647022353430302375627965637: NameServer = 8.8.8.8
FF - ProfilePath - c:\users\Michele\AppData\Roaming\Mozilla\Firefox\Profiles\1kkhpkmf.default\
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
WebBrowser-{41564952-412D-5637-00A7-7A786E7484D7} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-WinPcapInst - c:\program files (x86)\WinPcap\Uninstall.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\BlueStacks\HD-Service.exe
c:\program files (x86)\BlueStacks\HD-Network.exe
c:\program files (x86)\BlueStacks\HD-BlockDevice.exe
c:\program files (x86)\BlueStacks\HD-SharedFolder.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
.
**************************************************************************
.
Ora fine scansione: 2015-02-08 21:41:52 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2015-02-08 20:41
.
Pre-Run: 194.601.377.792 byte disponibili
Post-Run: 193.959.669.760 byte disponibili
.
- - End Of File - - 907112167042A6647A5A4E337C7D3417

System
System
Bot ufficiale TurboLab.it
Bot
Messaggi:
Iscritto il: sab dic 31, 2016 6:19 pm
Contatta: Contatta

Re: Eccessivo consumo di ram

Messaggio da System » dom feb 08, 2015 10:16 pm


Avatar utente
crazy.cat
Amministratore
Amministratore
Messaggi: 8678
Iscritto il: mer mag 01, 2013 4:02 pm
Località: Noventa Padovana
Contatta:

Re: Eccessivo consumo di ram

Messaggio da crazy.cat »

Se firefox consuma troppo utilizza firemin https://turbolab.it/489
Combofix andrebbe utilizzato per ultimo, ogni tanto ha il brutto vizio di cancellare cose che non dovrebbe toccare, nel tuo caso ha eliminato anche WinPCap.
Prova a fare una scansione con adwcleaner e malwarebytes piuttosto e vedi cosa trovano.
Tutti quelli che scappano sono Viet Cong, tutti quelli che restano fermi sono Viet Cong molto ben educati!

Avatar utente
gioia271965
Livello: Chiavetta USB (8/15)
Livello: Chiavetta USB (8/15)
Messaggi: 490
Iscritto il: lun mar 24, 2014 2:22 pm
Località: Taranto

Re: Eccessivo consumo di ram

Messaggio da gioia271965 »

Renton ha scritto:Ciao a tutti.

Ho windows 7 e da un po' noto dei rallentamenti nel pc, specie nell'avvio e un consumo eccessivo di ram perenne.. tipo adesso con solo firefox aperto mi da un consumo di 55%.

ho già disabilitato all'avvio un po' di programmi usando c cleaner e ho usato iobit advanced systemcare (che non so se sia stato utile)

come posso fare?
ho letto da qualche parte di usare combofix, ho provato ma poi il report mi è incomprensibile..

grazie per l'aiuto
Utilizzavo anche io, fino a qualche settimana fa advanced systemcare, ma poi mi sono reso conto che non apporta significativi miglioramenti all'avvio, anche con il turboboost attivato all'avvio del sistema. Controlla i programmi precaricati all'accensione del pc, poi controlla i servizi "task scheduler" di software installati, tramite autoruns. E già cosi avrai un'idea di cosa va ad interagire quando accendi la macchina. Fai anche le scansioni consigliate da Crazycat. E ricorda sempre che il sistema ha bisogno sempre di "manutenzione".
Senza bisogno necessariamente di scansioni aggressive...
Se vuoi conoscere veramente una persona, guarda il suo Hard Disk!

Avatar utente
Renton
Livello: Scheda perforata (1/15)
Livello: Scheda perforata (1/15)
Messaggi: 7
Iscritto il: dom feb 08, 2015 10:04 pm

Re: Eccessivo consumo di ram

Messaggio da Renton »

Intanto grazie per le dritte, il problema però non è su firefox ma su qualsiasi programma che apro.
Succede lo stesso su chrome o su altri giochi/programmi che non utilizzano necessariamente internet.

Intanto volevo capire se devo reinstallare WinPCap.exe , se è necessario o no, e se gli altri file che mi ha cancellato combofix erano utili, mi potete aiutare in ciò?
Per le scansioni ho usato "superantispyware" e se ho problemi più gravi di solito uso hijackthis abbastanza in autonomia.
Il computer è pulito costantemente, il problema è che ha 90 processi sempre aperti e non riesco ad individuare quelli che non mi servono..

Avatar utente
Renton
Livello: Scheda perforata (1/15)
Livello: Scheda perforata (1/15)
Messaggi: 7
Iscritto il: dom feb 08, 2015 10:04 pm

Re: Eccessivo consumo di ram

Messaggio da Renton »

Comunque ho fatto la scansione con AdwCleaner e questo è il report dopo il riavvio:
(invece ho provato ad usare autoruns ma non è proprio facilissimo..)
# AdwCleaner v4.110 - Logfile created 09/02/2015 at 09:50:13
# Updated 05/02/2015 by Xplode
# Database : 2015-02-08.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Michele - MICHELE-HP
# Running from : C:\Users\Michele\Downloads\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\SecTaskMan
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\Program Files (x86)\Desk 365
Folder Deleted : C:\Program Files (x86)\iMesh Applications
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\Common Files\337
Folder Deleted : C:\Users\Michele\AppData\Local\PackageAware
Folder Deleted : C:\Users\Michele\AppData\Local\torch
Folder Deleted : C:\Users\Michele\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Michele\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Michele\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Michele\AppData\Roaming\SuperEasy Software
Folder Deleted : C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\3ld15gqy.default\Extensions\{503E067F-2914-4EDD-8432-2D6C52635E23}
File Deleted : C:\Users\Michele\AppData\Roaming\Mozilla\Firefox\Profiles\1kkhpkmf.default\user.js

***** [ Scheduled tasks ] *****

Task Deleted : GoforFilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\e6d688b468b945
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{41564952-412D-5637-00A7-7A786E7484D7}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Offerbox
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 it)


-\\ Google Chrome v40.0.2214.111

[C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&a ... ac4c9558b8

*************************

AdwCleaner[R0].txt - [5345 bytes] - [09/02/2015 09:48:07]
AdwCleaner[S0].txt - [5045 bytes] - [09/02/2015 09:50:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5104 bytes] ##########

Avatar utente
crazy.cat
Amministratore
Amministratore
Messaggi: 8678
Iscritto il: mer mag 01, 2013 4:02 pm
Località: Noventa Padovana
Contatta:

Re: Eccessivo consumo di ram

Messaggio da crazy.cat »

Renton ha scritto:Intanto volevo capire se devo reinstallare WinPCap.exe
winpcap viene utilizzato da moltissimi altri programmi, difficile sapere a chi serviva, ci gestisci/controlli/catturi cose della rete
https://www.winpcap.org/docs/WinPcap-AICA03.pdf

Per il resto dei file erano meno importanti.
Per le scansioni ho usato "superantispyware"
_Visto la quantità di file che non ha trovato, vedi log di adwcleaner, forse è meglio se lascia perdere superantispyware e passi a malwarebytes.
e se ho problemi più gravi di solito uso hijackthis abbastanza in autonomia.
Puoi postare allora il log di hijackthis. così vediamo meglio cosa gira nel pc.
Tutti quelli che scappano sono Viet Cong, tutti quelli che restano fermi sono Viet Cong molto ben educati!

Avatar utente
Renton
Livello: Scheda perforata (1/15)
Livello: Scheda perforata (1/15)
Messaggi: 7
Iscritto il: dom feb 08, 2015 10:04 pm

Re: Eccessivo consumo di ram

Messaggio da Renton »

Allora

ho cancellato superantispyware e ho installato malwarebytes facendogli fare un controllo del pc.
son riuscito a far funzionare autoruns e ho disabilitato parecchi programmi che erano inutili all'avvio del pc.
sicuramente adwcleaner mi ha risolto i problemi maggiori di lentezza..

questo è il log di Hijcakthis (grazie per l'aiuto)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:41, on 09/02/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Michele\Desktop\Michele\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [AdobeBridge] (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - S-1-5-21-1197780657-228670236-2523017797-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: AutorunsDisabled (User '?')
O4 - Startup: AutorunsDisabled
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: DeviceManager - Unknown owner - C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14576 bytes

Avatar utente
gioia271965
Livello: Chiavetta USB (8/15)
Livello: Chiavetta USB (8/15)
Messaggi: 490
Iscritto il: lun mar 24, 2014 2:22 pm
Località: Taranto

Re: Eccessivo consumo di ram

Messaggio da gioia271965 »

Credo tu abbia già risolto parecchi problemi. Ci sarebbero altri accorgimenti da eseguire, ma se il pc adesso va meglio...va bene cosi...
Se vuoi conoscere veramente una persona, guarda il suo Hard Disk!

Avatar utente
Renton
Livello: Scheda perforata (1/15)
Livello: Scheda perforata (1/15)
Messaggi: 7
Iscritto il: dom feb 08, 2015 10:04 pm

Re: Eccessivo consumo di ram

Messaggio da Renton »

gioia271965 ha scritto:Credo tu abbia già risolto parecchi problemi. Ci sarebbero altri accorgimenti da eseguire, ma se il pc adesso va meglio...va bene cosi...
si il pc va meglio ma l'eccessivo consumo di ram è rimasto... e pure l'eccessivo numero di processi in esecuzione, che altro potrei fare?

Avatar utente
gioia271965
Livello: Chiavetta USB (8/15)
Livello: Chiavetta USB (8/15)
Messaggi: 490
Iscritto il: lun mar 24, 2014 2:22 pm
Località: Taranto

Re: Eccessivo consumo di ram

Messaggio da gioia271965 »

I processi di un pc sono dipendenti dai programmi attivi, e dai servizi abilitati di default dal sistema. Ci sono molte guide sul web che aiutano ad ottimizzare i servizi di windows in base alle proprie esigenze...puoi postare una foto del gestione attività appena acceso il pc?
Se vuoi conoscere veramente una persona, guarda il suo Hard Disk!

Avatar utente
Renton
Livello: Scheda perforata (1/15)
Livello: Scheda perforata (1/15)
Messaggi: 7
Iscritto il: dom feb 08, 2015 10:04 pm

Re: Eccessivo consumo di ram

Messaggio da Renton »

gioia271965 ha scritto:puoi postare una foto del gestione attività appena acceso il pc?
ecco:

Immagine

Avatar utente
crazy.cat
Amministratore
Amministratore
Messaggi: 8678
Iscritto il: mer mag 01, 2013 4:02 pm
Località: Noventa Padovana
Contatta:

Re: Eccessivo consumo di ram

Messaggio da crazy.cat »

Qualche programma di cui potretsi (se non lo usi) fare a meno senza grossi problemi. Puoi disattivarli momentaneamente con il comando msconfig o ccleaner, se vedi che non hai problemi li tieni "spenti" per sempre.

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
http://www.bleepingcomputer.com/startup ... 19070.html

O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
https://forums.adobe.com/thread/1585499

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
http://h30434.www3.hp.com/t5/Other-Note ... d-p/296321

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
http://h30434.www3.hp.com/t5/Other-Note ... d-p/248420

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

Queste voci sono strane non ricordo di averle mai viste.
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [AdobeBridge] (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1197780657-228670236-2523017797-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - S-1-5-21-1197780657-228670236-2523017797-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: AutorunsDisabled (User '?')
O4 - Startup: AutorunsDisabled

Utilizzi chrome? Altrimenti potresti disattivare questi tre servizi.
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
Tutti quelli che scappano sono Viet Cong, tutti quelli che restano fermi sono Viet Cong molto ben educati!

Avatar utente
gioia271965
Livello: Chiavetta USB (8/15)
Livello: Chiavetta USB (8/15)
Messaggi: 490
Iscritto il: lun mar 24, 2014 2:22 pm
Località: Taranto

Re: Eccessivo consumo di ram

Messaggio da gioia271965 »

Renton ha scritto:
gioia271965 ha scritto:puoi postare una foto del gestione attività appena acceso il pc?
ecco:
Personalmente eliminerei (disabilitandoli dall'avvio) mbam.exe visto che c'è già avira. Sidebar.exe lo bloccherei del tutto. E' noto che questi eleganti processi di abbellimento di windows sono dei succhiasangue. CCC.exe puoi anche disabilitarlo dall'avvio. Cosi come mspaint.exe. IAStorIcon.exe. SynTPEnh.exe. I due RAV, cosi come il gestione audio, li puoi disabilitare. Blocca anche UnistallMonitor.exe. Il processo legato a demntools lo puoi eliminare dalla partenza. igfxpers.exe. Il MOM.exe e il processo legato a synaptics. Nonchè il processo hpwuSchd e l'ultimo presente nell'elenco. I programmi, a mio modo di vedere, devono essere caricati alla bisogna e non precaricati all'avvio. L'avvio deve essere quanto più pulito è possibile. Naturalmente prendi questi consigli come "personali". Io all'avvio del sistema ho solo 46 processi. Quasi tutti di sistema. Solo eset, firemin, e malwarebytes antiexploit sono i software precaricati. E poi non dimenticare le pulizie periodiche con programmi tipo ccleaner (ma ve ne sono di gran lunga più efficaci), deframmentazione periodica (se hai un hard disk SATA) e deframmentazione del registro....
Se vuoi conoscere veramente una persona, guarda il suo Hard Disk!

Avatar utente
Al3x
Amministratore
Amministratore
Messaggi: 3986
Iscritto il: mer mag 01, 2013 12:59 pm
Località: http://127.0.0.1

Re: Eccessivo consumo di ram

Messaggio da Al3x »

gioia271965 ha scritto:il processo legato a synaptics
ma disabilitando il driver del touchpad, non si rischia la perdita di alcune sue funzioni tipo scrolling, zoom ecc.?
I :amore Sasha

Avatar utente
gioia271965
Livello: Chiavetta USB (8/15)
Livello: Chiavetta USB (8/15)
Messaggi: 490
Iscritto il: lun mar 24, 2014 2:22 pm
Località: Taranto

Re: Eccessivo consumo di ram

Messaggio da gioia271965 »

Al3x ha scritto:
gioia271965 ha scritto:il processo legato a synaptics
ma disabilitando il driver del touchpad, non si rischia la perdita di alcune sue funzioni tipo scrolling, zoom ecc.?
No Ale3x...sul portatile ho fatto la stessa cosa quando ho formattato...
Se vuoi conoscere veramente una persona, guarda il suo Hard Disk!

Avatar utente
Renton
Livello: Scheda perforata (1/15)
Livello: Scheda perforata (1/15)
Messaggi: 7
Iscritto il: dom feb 08, 2015 10:04 pm

Re: Eccessivo consumo di ram

Messaggio da Renton »

gioia271965 ha scritto:
Al3x ha scritto:
gioia271965 ha scritto:il processo legato a synaptics
ma disabilitando il driver del touchpad, non si rischia la perdita di alcune sue funzioni tipo scrolling, zoom ecc.?
No Ale3x...sul portatile ho fatto la stessa cosa quando ho formattato...
Ho fatto tutte le cose che mi avete detto e il pc va meglio (grazie mille)... ho solo riscontrato due problemi:
1. touchpad non funziona più la funzione di scrolling.... quindi mi sa che mi converrà riattivare Synaptics o dipende da altro?

2. quando uso il telefono fisso di casa il pc si sconnette, mi sembra strano perchè prima non succedeva e non ho fatto nessuna modifica contrattuale/dal model/di cavi o altro..... cosa può essere? qualche processo che ho disabilitato?

Avatar utente
crazy.cat
Amministratore
Amministratore
Messaggi: 8678
Iscritto il: mer mag 01, 2013 4:02 pm
Località: Noventa Padovana
Contatta:

Re: Eccessivo consumo di ram

Messaggio da crazy.cat »

1) si riattiva synaptics.
2) strano come problema, se ti ricordi di preciso cosa avevi disattivato, riattivalo e vedi se hai ancora la disconnessione.
Magari attiva uno o due cose alla volta per capire chi ti da il problema.
Tutti quelli che scappano sono Viet Cong, tutti quelli che restano fermi sono Viet Cong molto ben educati!

Avatar utente
popmart68
Livello: Disco fisso (9/15)
Livello: Disco fisso (9/15)
Messaggi: 621
Iscritto il: gio lug 04, 2013 11:13 am
Località: POZZALLO (RG))
Contatta:

Re: Eccessivo consumo di ram

Messaggio da popmart68 »

domanda: io ho 3gb di ram...e firefox mi consuma 260.00 kb circa di ram,e bene sempre utilizzarlo?...può dare problemi al sistema?

System
System
Bot ufficiale TurboLab.it
Bot
Messaggi:
Iscritto il: sab dic 31, 2016 6:19 pm
Contatta: Contatta

Re: Re: Eccessivo consumo di ram

Messaggio da System » lun feb 23, 2015 10:09 am


Rispondi
  • Argomenti simili
    Risposte
    Visite
    Ultimo messaggio