• User Newbie

    [Risolto] PC Lento, log hijackthis

    Ciao a tutti,
    ho un problema con il mio PC che è diventato piuttosto lento.
    Ho cancellato programmi, fatto defrag, passato con malwarebytes, antispyware e via di seguito ma non ne vengo a capo e non vorrei "rifare" il PC. Ho lanciato Hijack e fatto il log. Qualcuno è in grado di darmi una mano? Vi ringrazio anticipatamente per la cortesia.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8.17.33, on 16/01/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16945)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
    C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
    C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
    C:\Programmi\File comuni\Acronis\CDP\afcdpsrv.exe
    C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe
    C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Programmi\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\svchost.exe
    c:\Programmi\File comuni\LightScribe\LSSrvc.exe
    C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
    C:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Programmi\Eset\nod32krn.exe
    C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
    C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
    C:\Programmi\Retrospect\Retrospect 7.5\retrorun.exe
    C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\windows\system\hpsysdrv.exe
    C:\HP\KBD\KBD.EXE
    C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\WINDOWS\system32\wfxsnt40.exe
    C:\Programmi\DAEMON Tools\daemon.exe
    C:\Programmi\Eset\nod32kui.exe
    C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
    C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programmi\Directory Opus 9.1\dopusrt.exe
    C:\Programmi\Windows Media Player\WMPNSCFG.exe
    C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
    C:\Programmi\File comuni\Real\Update_OB\realsched.exe
    C:\WINDOWS\explorer.exe
    C:\Programmi\File comuni\Symantec Shared\Nmain.exe
    C:\Programmi\Mozilla Firefox\firefox.exe
    I:\Programmi al 091109\03_Utilità sistema\HiJackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=IT_IT&c=Q305&bd=pavilion&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=Q305&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.it/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ht/tp:/go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http//go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http:/ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=IT_IT&c=Q305&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http//go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http//go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
    O3 - Toolbar: Vista HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programmi\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM..\Run: [OpwareSE2] "C:\Programmi\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM..\Run: [NeroFilterCheck] C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe
    O4 - HKLM..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
    O4 - HKLM..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] "C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM..\Run: [SSBkgdUpdate] "C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM..\Run: [ISUSScheduler] "C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM..\Run: [CloneCDTray] "C:\Programmi\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM..\Run: [iTunesHelper] "C:\Programmi\iTunes\iTunesHelper.exe"
    O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programmi\Acronis\TrueImageHome\TrueImageMonitor.exe
    O4 - HKLM..\Run: [Servizio Acronis Scheduler2] "C:\Programmi\File comuni\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU..\Run: [Directory Opus Desktop Dblclk] "C:\Programmi\Directory Opus 9.1\dopusrt.exe" /dblclk
    O4 - HKCU..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
    O4 - HKUS\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
    O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Organizzatore ricerche - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmi\File comuni\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmi\File comuni\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
    O9 - Extra button: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Guida alla connessione - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http//picasaweb.google.com/s/v/20.10/uploader2.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http//fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Servizio Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
    O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Programmi\File comuni\Acronis\CDP\afcdpsrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
    O23 - Service: Servizio di Google Update (gupdate1c9ad7f4c6a3350) (gupdate1c9ad7f4c6a3350) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Programmi\File comuni\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
    O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programmi\Raxco\PerfectDisk\PDEngine.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
    O23 - Service: Retrospect Launcher (RetroLauncher) - EMC Corporation - C:\Programmi\Retrospect\Retrospect 7.5\retrorun.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 13044 bytes


  • Consiglio Direttivo

    Ciao aletajo e benvenuto nel forum GT!

    Dai una ripulita con ccleaner e per deframmentare utilizza defraggler.

    :ciauz:


  • User Newbie

    Grazie.
    Tutto a posto.


  • Consiglio Direttivo

    :ciauz: