Cosa togliere all avvio
Inviato: mar feb 02, 2010 2:57 amda Diego166
Ho il mio pc portatile asus che si è u np orallentato..cgidevo cosa tra questi processi fosse possibile eliminare..riporto il file log con hijackthis
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 3.05.15, on 02/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\ATKGFNEX\GFNEXSrv.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmi\Creative\Shared Files\CTAudSvc.exe
D:\Programmi\AntiVirus\Avira\AntiVir Desktop\sched.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\ehome\ehtray.exe
D:\Programmi\Elantech\ETDCtrl.exe
D:\Programmi\AmIcoSingLun\AmIcoSinglun.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Programmi\AntiVirus\Avira\AntiVir Desktop\avgnt.exe
D:\Documents and Settings\Diego\Documenti\Utility\Grafica XP\YzShadow\YzShadow.exe
D:\Programmi\ASUS\ATK Hotkey\HControlUser.exe
D:\Programmi\ASUS\ATK Hotkey\HControl.exe
D:\Programmi\ASUS\ATK Media\DMedia.exe
D:\Programmi\ASUS\ATKOSD2\ATKOSD2.exe
D:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
D:\Programmi\ASUS\NB Probe\NBProbe.exe
D:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
D:\WINDOWS\system32\RunDll32.exe
D:\Programmi\Creative\Volume Panel\VolPanlu.exe
D:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
D:\Programmi\AntiVirus\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\system32\taskmgr.exe
D:\WINDOWS\system32\bgsvcgen.exe
D:\WINDOWS\system32\cisvc.exe
D:\Programmi\Thoosje\thoosje sevenbar\Thoosje Sevenbar.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
D:\Programmi\ASUS\ATK Hotkey\ATKOSD.exe
D:\Programmi\ASUS\NB Probe\SPM\spmgr.exe
D:\WINDOWS\system32\svchost.exe
D:\Programmi\ASUS\ATK Hotkey\WDC.exe
D:\WINDOWS\eHome\ehmsas.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Creative\Console Launcher\ConsoLCu.exe
D:\Programmi\Creative\ShareDLL\CADI\NotiMan.exe
D:\WINDOWS\system32\cidaemon.exe
D:\Programmi\THOMSON mp3PRO Audio Player\mp3PROplayer.exe
D:\Programmi\Sharing\uTorrent\uTorrent.exe
D:\WINDOWS\Explorer.EXE
D:\Documents and Settings\Diego\Documenti\Utility\Manutenzione e modifiche Registro di Sistema\HiJackThis2.0.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [ehTray] D:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ETDWare] D:\Programmi\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AmIcoSinglun] D:\Programmi\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "D:\Programmi\AntiVirus\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [YzShadow] D:\Documents and Settings\Diego\Documenti\Utility\Grafica XP\YzShadow\YzShadow.exe
O4 - HKLM\..\Run: [HControlUser] D:\Programmi\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] D:\Programmi\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKMEDIA] D:\Programmi\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] D:\Programmi\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [Power4Gear] D:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [NB Probe] D:\Programmi\ASUS\NB Probe\NBProbe.exe
O4 - HKLM\..\Run: [ISUSPM] "D:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Creative KSRun Persistence Module] RunDll32 KSRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [VolPanel] "D:\Programmi\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: FancyStart daemon.lnk = ?
O4 - Startup: Task Manager.lnk = D:\WINDOWS\system32\taskmgr.exe
O4 - Startup: Thoosje Sevenbar.lnk = D:\Programmi\Thoosje\thoosje sevenbar\Thoosje Sevenbar.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - D:\Programmi\AntiVirus\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programmi\AntiVirus\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - D:\Programmi\ATKGFNEX\GFNEXSrv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - D:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - D:\Programmi\File comuni\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - D:\Programmi\Creative\Shared Files\CTAudSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: spmgr - Unknown owner - D:\Programmi\ASUS\NB Probe\SPM\spmgr.exe
--
End of file - 6866 bytes
Scan saved at 3.05.15, on 02/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\ATKGFNEX\GFNEXSrv.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programmi\Creative\Shared Files\CTAudSvc.exe
D:\Programmi\AntiVirus\Avira\AntiVir Desktop\sched.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\ehome\ehtray.exe
D:\Programmi\Elantech\ETDCtrl.exe
D:\Programmi\AmIcoSingLun\AmIcoSinglun.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Programmi\AntiVirus\Avira\AntiVir Desktop\avgnt.exe
D:\Documents and Settings\Diego\Documenti\Utility\Grafica XP\YzShadow\YzShadow.exe
D:\Programmi\ASUS\ATK Hotkey\HControlUser.exe
D:\Programmi\ASUS\ATK Hotkey\HControl.exe
D:\Programmi\ASUS\ATK Media\DMedia.exe
D:\Programmi\ASUS\ATKOSD2\ATKOSD2.exe
D:\Programmi\ASUS\Power4 Gear\BatteryLife.exe
D:\Programmi\ASUS\NB Probe\NBProbe.exe
D:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
D:\WINDOWS\system32\RunDll32.exe
D:\Programmi\Creative\Volume Panel\VolPanlu.exe
D:\Programmi\Windows Live\Messenger\MsnMsgr.Exe
D:\Programmi\AntiVirus\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\system32\taskmgr.exe
D:\WINDOWS\system32\bgsvcgen.exe
D:\WINDOWS\system32\cisvc.exe
D:\Programmi\Thoosje\thoosje sevenbar\Thoosje Sevenbar.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\mdm.exe
D:\Programmi\ASUS\ATK Hotkey\ATKOSD.exe
D:\Programmi\ASUS\NB Probe\SPM\spmgr.exe
D:\WINDOWS\system32\svchost.exe
D:\Programmi\ASUS\ATK Hotkey\WDC.exe
D:\WINDOWS\eHome\ehmsas.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmi\Creative\Console Launcher\ConsoLCu.exe
D:\Programmi\Creative\ShareDLL\CADI\NotiMan.exe
D:\WINDOWS\system32\cidaemon.exe
D:\Programmi\THOMSON mp3PRO Audio Player\mp3PROplayer.exe
D:\Programmi\Sharing\uTorrent\uTorrent.exe
D:\WINDOWS\Explorer.EXE
D:\Documents and Settings\Diego\Documenti\Utility\Manutenzione e modifiche Registro di Sistema\HiJackThis2.0.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [ehTray] D:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ETDWare] D:\Programmi\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AmIcoSinglun] D:\Programmi\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "D:\Programmi\AntiVirus\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [YzShadow] D:\Documents and Settings\Diego\Documenti\Utility\Grafica XP\YzShadow\YzShadow.exe
O4 - HKLM\..\Run: [HControlUser] D:\Programmi\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] D:\Programmi\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKMEDIA] D:\Programmi\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] D:\Programmi\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [Power4Gear] D:\Programmi\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [NB Probe] D:\Programmi\ASUS\NB Probe\NBProbe.exe
O4 - HKLM\..\Run: [ISUSPM] "D:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Creative KSRun Persistence Module] RunDll32 KSRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [VolPanel] "D:\Programmi\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: FancyStart daemon.lnk = ?
O4 - Startup: Task Manager.lnk = D:\WINDOWS\system32\taskmgr.exe
O4 - Startup: Thoosje Sevenbar.lnk = D:\Programmi\Thoosje\thoosje sevenbar\Thoosje Sevenbar.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - D:\Programmi\AntiVirus\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programmi\AntiVirus\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - D:\Programmi\ATKGFNEX\GFNEXSrv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - D:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - D:\Programmi\File comuni\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - D:\Programmi\Creative\Shared Files\CTAudSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: spmgr - Unknown owner - D:\Programmi\ASUS\NB Probe\SPM\spmgr.exe
--
End of file - 6866 bytes
![[;)]](http://www.megalab.it/forum/images/smilies/wink.gif "Occhiolino")
. Dai anche un'occhiatina ai servizi e ai processi relativi.