• M
    User Newbie

    Il mio PC ha rallentato vistosamente

    Ciao a tutti,
    sono nuovo del Forum.

    Ultimamente ho un problema, il mio Pc ha rallentato vistosamente, specialmente nelle connessioni alla LAN locale e mi sembra che da Task Manager sia allocata una quantità di memoria parecchio superiore rispetto a prima.

    ho eseguito HijackThis e questo è il mio log, c'è qualcosa che macroscopicamente non va?!?!?!:fagiano:

    Logfile of HijackThis v1.99.1
    Scan saved at 19.14.09, on 04/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\File comuni\EPSON\EBAPI\eEBSVC.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Programmi\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
    C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Programmi\Spyware Doctor\svcntaux.exe
    C:\Programmi\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Programmi\VMware\VMware Workstation\vmware-authd.exe
    C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
    C:\WINDOWS\system32\vmnat.exe
    C:\WINDOWS\System32\DRIVERS\WtSrv.exe
    C:\Programmi\RealVNC\VNC4\WinVNC4.exe
    C:\WINDOWS\system32\vmnetdhcp.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programmi\Spyware Doctor\SDTrayApp.exe
    C:\PROGRA~1\DAP\DAP.EXE
    C:\Programmi\PERFECT SERIES\Crystal Optical Mouse\3.0\lwb3dapp.exe
    C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe
    C:\Programmi\QuickTime\qttask.exe
    C:\WINDOWS\system32\WService.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\tsnp2std.exe
    C:\WINDOWS\vsnp2std.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\Messenger\msmsgs.exe
    C:\Programmi\Google\Google Updater\GoogleUpdater.exe
    C:\Programmi\Alt-N Technologies\ComAgent\ComAgent.exe
    C:\Programmi\Internet Explorer\iexplore.exe
    C:\Documents and Settings\MATTEO\Documenti\RALLENTAMENTO\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = .local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Programmi\DAP\DAPBHO.dll
    O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IexploreOmea - {09628AAA-66AD-4FA2-82E2-698185B66463} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programmi\DAP\DAPIEBar.dll
    O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM..\Run: [LWBMOUSE] C:\Programmi\PERFECT SERIES\Crystal Optical Mouse\3.0\lwb3dapp.exe
    O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM..\Run: [WService] WService.EXE
    O4 - HKLM..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
    O4 - HKLM..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
    O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
    O4 - HKLM..\Run: [SDTray] "C:\Programmi\Spyware Doctor\SDTrayApp.exe"
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
    O4 - Startup: ComAgent.lnk = C:\Programmi\Alt-N Technologies\ComAgent\ComAgent.exe
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
    O4 - Global Startup: Google Updater.lnk = C:\Programmi\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\programmi\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International
    O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
    O16 - DPF: {1F831FA9-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://C:\Programmi\AutoCAD 2002 Ita\InstFred.ocx
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096641839937
    O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://81.31.149.46:8443/msrdp.cab
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Controllo AcDc oggi) - file://C:\Programmi\AutoCAD 2002 Ita\AcDcToday.ocx
    O16 - DPF: {AE563729-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Programmi\AutoCAD 2002 Ita\InstBanr.ocx
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Controllo AcPreview) - file://C:\Programmi\AutoCAD 2002 Ita\AcPreview.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nimacad.it
    O17 - HKLM\Software..\Telephony: DomainName = nimacad.it
    O17 - HKLM\System\CCS\Services\Tcpip..{F5998CEB-D4E8-4E49-8EA6-473FD5D8C050}: NameServer = 192.168.0.20
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = nimacad.it
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FILECO~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmi\File comuni\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Programmi\File comuni\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programmi\File comuni\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programmi\Spyware Doctor\swdsvc.exe
    O23 - Service: Tonpmsftpf - Conexant - (no file)
    O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programmi\VMware\VMware Workstation\vmware-authd.exe
    O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
    O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programmi\File comuni\VMware\VMware Virtual Image Editing\vmount2.exe
    O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
    O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\DRIVERS\WtSrv.exe
    O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programmi\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

    Mi date per cortesia una mano a capirci qualche cosa??

    0
  • wolf.otakar
    Consiglio Direttivo

    Ciao magostoni e benvenuto nel forum GT! 🙂

    Effettua una scansione in modalita' provvissoria con Vir.IT eXplorer e SuperAntiSpyware "aggiornati"!

    Posta poi, qui nel forum il risultato di virit!

    :ciauz:

    0
  • T
    Bannato User

    ciao magostoni,avvia hijackthis,seleziona l'opzione Do a system scan only poi seleziona a sinistra su queste voci:

    O23 - Service: Tonpmsftpf - Conexant - (no file)
    O2 - BHO: IexploreOmea - {09628AAA-66AD-4FA2-82E2-698185B66463} - (no file)

    e sotto su fix checked.
    Poi esegui le giuste operazione di wolf.

    0
Effettua l'accesso per rispondere