|
|||||||
|
|
|
 |
|
|
Strumenti |
20-07-2007, 18:57
|
#1 |
|
Member
Iscritto dal: Jun 2007
Messaggi: 126
|
pc lento e hijackthis
mi è stato consigliato di fare una scansione con hijackthis e di chiedere a degli esperti poichè ultimamente il mio notebook rallenta.
A chi chiedere se nn a chi bazzica in questo forum? spero che la sezione sia giusta.... se non lo è mi scuso anticipatamente. ecco qui dunque: non riesco ad allegarlo, quindi spero mi scuserete se lo incollo qui: Logfile of HijackThis v1.99.1 Scan saved at 18.27.55, on 20/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe C:\Programmi\Bonjour\mDNSResponder.exe C:\Programmi\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLServer.exe C:\Programmi\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLService.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe C:\Programmi\Raxco\PerfectDisk\PDAgent.exe C:\Programmi\File comuni\Protexis\License Service\PSIService.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe C:\Programmi\Raxco\PerfectDisk\PDEngine.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe C:\WINDOWS\ATK0100\HControl.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\Programmi\ASUS\Splendid\ACMON.exe C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe C:\Programmi\Trend Micro\Internet Security 2007\pccguide.exe C:\WINDOWS\system32\ACEngSvr.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Programmi\ASUS\ATK Media\DMEDIA.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PccVScan.exe C:\Programmi\Internet Explorer\iexplore.exe C:\DOCUME~1\Ale\IMPOST~1\Temp\Rar$EX00.516\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [Collegamento alla pagina delle proprietà di High Definition Audio] HDAShCut.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ACMON] C:\Programmi\ASUS\Splendid\ACMON.exe O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [ACU] "C:\Programmi\ASUS WLAN Adapter\ACU.exe" -nogui O4 - HKLM\..\Run: [pccguide.exe] "C:\Programmi\Trend Micro\Internet Security 2007\pccguide.exe" O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programmi\File comuni\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ATKMEDIA] C:\Programmi\ASUS\ATK Media\DMEDIA.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000 O10 - Unknown file in Winsock LSP: c:\programmi\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1178915341593 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Servizio di configurazione ASUS (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programmi\ASUS\Mobile Theater\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programmi\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallShield Licensing Service - Macrovision - C:\Programmi\File comuni\InstallShield Shared\Service\InstallShield Licensing Service.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe O23 - Service: Protezione anti-spyware Trend Micro (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Programmi\File comuni\Protexis\License Service\PSIService.exe O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe ho fatto un'analisi rapida sul sito hijackthis.de e i sospetti sono: C:\Programmi\Bonjour\mDNSResponder.exe me lo da come parte di itunes 5, però io non l'ho mai istallato. ho letto in giro che fà parte anche di adobe photoshop cs3 (che io ho) ma a che cavolo serve? C:\Programmi\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLServer.exe Abbastanza sospetto! Secondo il nostro archivio, questo programma gira normalmente in c:\programme\cyberlink\shared files\clml_ntservice\!. CyberLink Media Library Service C:\Programmi\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLService.exe Abbastanza sospetto! Secondo il nostro archivio, questo programma gira normalmente in c:\programme\cyberlink\shared files\clml_ntservice\!. CyberLink Media Library C:\WINDOWS\system32\nvsvc32.exe superfluo??? ma non sono i driver o similari della scheda video? C:\Programmi\File comuni\Protexis\License Service\PSIService.exe Abbastanza sospetto! Secondo il nostro archivio, questo programma gira normalmente in c:\windows\system32\!. Corel Paint Shop Pro XI Service C:\PROGRA~1\TRENDM~1\INTERN~1\PccVScan.exe Abbastanza sospetto! Secondo il nostro archivio, questo programma gira normalmente in c:\.*pccill~1.*\!. Trend Micro Internet Security Virus Scan Module ho fatto scansioni sia con l'antivirus sia con spybot, niente. cmq prima di incasinarmi volevo un vostro parere. che ne dite? se c'è qualcosa di inutile ditemelo, che lo levo dalle scatole. grazie |
|
|
|
|
| Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 18:36.
