- Home
- Categorie
- Gaming, Hardware e Software
- Sicurezza Informatica & Privacy
- Analisi log HiJackThis
-
Analisi log HiJackThis
Ciao a tutti!
Il mio computer è ormai alla frutta... Non ne vuole sapere di funzionare... E' lentissimo ed ogni tanto si blocca, perde colpi ecc... Siccome antivirus e compagnia bella non hanno rilevato niente e le varie utility (defrag, smart ram, ecc) non migliorano la situazione, penso possa essere un problema da dover risolvere "manualmente".Ho quindi fatto un log di HiJackThis, ma ho bisogno del vostro aiuto per analizzarlo.
Ve lo allego (nota: ho dovuto modificare i collegamenti vari aggiungendo degli spazi).
Grazie a tutti!
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23.48.35, on 13/01/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ATK0100\HControl.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\RTHDCPL.EXE C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe C:\Programmi\Wireless Console 2\wcourier.exe C:\Programmi\Synaptics\SynTP\SynTPEnh.exe C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programmi\PC Tools Security\pctsTray.exe C:\Programmi\IObit\IObit Security 360\IS360tray.exe C:\Programmi\File comuni\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Windows Live\Messenger\msnmsgr.exe C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Application Updater\ApplicationUpdater.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Programmi\Google\Update\GoogleUpdate.exe C:\Programmi\IObit\IObit Security 360\IS360srv.exe C:\Programmi\Java\jre6\bin\jqs.exe C:\Programmi\PC Tools Security\pctsAuxs.exe C:\Programmi\PC Tools Security\pctsSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\svchost.exe C:\Programmi\Windows Live\Contacts\wlcomm.exe C:\Programmi\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Programmi\IObit\IObit Security 360\is360.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe c:\Programmi\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpCtr.exe C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe C:\WINDOWS\system32\msiexec.exe C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h ttp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ht tp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ht tp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ht tp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.stud.univpm.it:3128 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Programmi\IObit Toolbar\IE\4.1\iobitToolbarIE.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Programmi\IObit Toolbar\IE\4.1\iobitToolbarIE.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Programmi\IObit Toolbar\IE\4.1\iobitToolbarIE.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Power_Gear] C:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmi\Wireless Console 2\wcourier.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [ISTray] "C:\Programmi\PC Tools Security\pctsTray.exe" O4 - HKLM\..\Run: [IObit Security 360] "C:\Programmi\IObit\IObit Security 360\IS360tray.exe" /autostart O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MSC] "C:\Programmi\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Programmi\IObit\Advanced SystemCare 3\AWC.exe" /startup O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Programmi\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=htt p://w ww.asus.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - ht tps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.246,93.188.160.56 O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 93.188.162.246,93.188.160.56 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.246,93.188.160.56 O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Application Updater - Spigot, Inc. - C:\Programmi\Application Updater\ApplicationUpdater.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe O23 - Service: IS360service - IObit - C:\Programmi\IObit\IObit Security 360\IS360srv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing) O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\PC Tools Security\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programmi\PC Tools Security\pctsSvc.exe O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Programmi\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- End of file - 8119 bytes
-
Ciao ufobm,
dai una ripulita con ccleaner "anche al registro", ed effettua una scansiona con superantispyware e malwarebytes "aggiornati".
p.s. dal menu di ccleaner: --> **strumenti **--> avvio puoi disattivare quei processi "inutili" che sono impostati per essere eseguiti all'avvio del pc.
p.s.2 effettua anche* una deframmentazione* con* defraggler.*