Komputer strsznie zwalnia i dziwnie się zachowuje

witam,

no niestety, dopadło i mnie chyba. Komp czasami bardzo wolno pracuje, procesor prawie 3 mhz a rzęzi jak koń pod górę, często 100% wykorzystania cpu a włączony jest tylko explorer i neostrada. Ratunku, z pamięcią chyba też są jakieś jaja.

Załączam Hijacka, hijack już po przepuszczeniu przez kontrolę na stronie http://www.hijackthis.de

Uwaga: Jak wklejasz loga to obejmuj go znacznikiem (tagiem) CODE lub QUOTE

Proponuje poczytać TEN temat i zobacz jaka jest prośba do userów wklejających loga

Log jest czysty

Start=>Uruchom=>Wpisz polecenie msconfig=>Zakładka Uruchamianie i odhacz:

Panel sterowania => Java Plug-in => Update => odptaszkuj Check for updates automatically

Zobacz

Optymalizacja i odchudzanie Windowsa XP - opis krok po kroku

Wklej loga SilentRunners

Sprawdz RAM, zasilacz oraz temperaturę sprzętu, czyli procka, dysku twardego itp.

U nas na forum nie korzystamy z tego analizatora, i radzę tobie byś z niego nie korzystał, błędnie interpretuje logi

witam,

dzięki za szybką odpowiedź. do punktu java plug in instrukcje wykonałem, z optymalizacją windowsa to mi zajmnie chyba trochę czasu przeczytanie tego wszystkiego…

wklejam loga silentrunners

“Silent Runners.vbs”, revision 46, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by “{++}”

Startup items buried in registry:


HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

“AtiPTA” = “atiptaxx.exe” [“ATI Technologies, Inc.”]

“SoundMan” = “SOUNDMAN.EXE” [“Realtek Semiconductor Corp.”]

“ccApp” = ““C:\Program Files\Common Files\Symantec Shared\ccApp.exe”” [“Symantec Corporation”]

“SpeedTouch USB Diagnostics” = ““C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe” /icon” [“THOMSON multimedia”]

“SmcService” = ““C:\PROGRA~1\Sygate\SPF\smc.exe” -startgui” [“Sygate Technologies, Inc.”]

“ScreenManager Pro for LCD” = ““C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe”” [“EIZO NANAO CORPORATION”]

“Symantec NetDriver Monitor” = ““C:\PROGRA~1\SYMNET~1\SNDMon.exe” /Consumer” [“Symantec Corporation”]

“iTunesHelper” = ““C:\Program Files\iTunes\iTunesHelper.exe”” [file not found]

“WheelMouse” = “C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe” [“A4Tech Co.,Ltd.”]

“SpySweeper” = ““C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe” /startintray” [“Webroot Software, Inc.”]

“WOOWATCH” = “C:\PROGRA~1\WANADOO\Watch.exe” [“France Télécom R&D”]

“WOOTASKBARICON” = “C:\PROGRA~1\WANADOO\TaskbarIcon.exe” [“France Télécom R&D”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

“{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu”

-> {HKLM…CLSID} = “HyperTerminal Icon Ext”

\InProcServer32(Default) = “C:\WINDOWS\System32\hticons.dll” [“Hilgraeve, Inc.”]

“{D00900BC-23F7-4FD6-BFA2-8232112C5C49}” = “NRad Extension”

-> {HKLM…CLSID} = “NRadExt Class”

\InProcServer32(Default) = “C:\WINDOWS\System32\NRad.dll” [empty string]

“{5380C14E-C0A1-4D66-87DB-5995E6FF4623}” = “Rad Extension”

-> {HKLM…CLSID} = “RadPropExt Class”

\InProcServer32(Default) = “C:\WINDOWS\System32\Rad.dll” [empty string]

“{D2FD83AE-994A-4D4B-9097-2C9E11ED85F0}” = “RadClkr Extension”

-> {HKLM…CLSID} = “RadClkRExt Class”

\InProcServer32(Default) = “C:\WINDOWS\System32\RadClkR.dll” [empty string]

“{C6844A1E-2C59-415A-84B3-C6A458372779}” = “RadType Extension”

-> {HKLM…CLSID} = “RadTypeExt Class”

\InProcServer32(Default) = “C:\WINDOWS\System32\RadType.dll” [empty string]

“{75B8D633-9021-442C-9EA4-FF4BE72CE20F}” = “NRad2 Extension”

-> {HKLM…CLSID} = “NRadExt2 Class”

\InProcServer32(Default) = “C:\WINDOWS\System32\NRad.dll” [empty string]

“{36518101-49AC-42CB-8E4C-40C1F328A565}” = “Rad2 Extension”

-> {HKLM…CLSID} = “RadPropExt2 Class”

\InProcServer32(Default) = “C:\WINDOWS\System32\Rad.dll” [empty string]

“{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data]

“{E0D79304-84BE-11CE-9641-444553540000}” = “WinZip”

-> {HKLM…CLSID} = “WinZip”

\InProcServer32(Default) = “F:\KOPIAS~1\PROGRA~1\WINZIP\WZSHLSTB.DLL” [“WinZip Computing, Inc.”]

“{E0D79305-84BE-11CE-9641-444553540000}” = “WinZip”

-> {HKLM…CLSID} = “WinZip”

\InProcServer32(Default) = “F:\KOPIAS~1\PROGRA~1\WINZIP\WZSHLSTB.DLL” [“WinZip Computing, Inc.”]

“{E0D79306-84BE-11CE-9641-444553540000}” = “WinZip”

-> {HKLM…CLSID} = “WinZip”

\InProcServer32(Default) = “F:\KOPIAS~1\PROGRA~1\WINZIP\WZSHLSTB.DLL” [“WinZip Computing, Inc.”]

“{E0D79307-84BE-11CE-9641-444553540000}” = “WinZip”

-> {HKLM…CLSID} = “WinZip”

\InProcServer32(Default) = “F:\KOPIAS~1\PROGRA~1\WINZIP\WZSHLSTB.DLL” [“WinZip Computing, Inc.”]

“{0006F045-0000-0000-C000-000000000046}” = “Microsoft Outlook Custom Icon Handler”

-> {HKLM…CLSID} = “Rozszerzenie ikon plików programu Outlook”

\InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL” [MS]

“{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}” = “Shell Extensions for RealOne Player”

-> {HKLM…CLSID} = “RealOne Player Context Menu Class”

\InProcServer32(Default) = “C:\Program Files\Real\RealOne Player\rpshell.dll” [“RealNetworks, Inc.”]

“{640167b4-59b0-47a6-b335-a6b3c0695aea}” = “Portable Media Devices”

-> {HKLM…CLSID} = “Portable Media Devices”

\InProcServer32(Default) = “C:\WINDOWS\system32\Audiodev.dll” [MS]

“{cc86590a-b60a-48e6-996b-41d25ed39a1e}” = “Portable Media Devices Menu”

-> {HKLM…CLSID} = “Portable Media Devices Menu”

\InProcServer32(Default) = “C:\WINDOWS\system32\Audiodev.dll” [MS]

“{59850401-6664-101B-B21C-00AA004BA90B}” = “Microsoft Office Binder Unbind”

-> {HKLM…CLSID} = “Microsoft Office Binder Unbind”

\InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\Office\1045\UNBIND.DLL” [MS]

“{21569614-B795-46b1-85F4-E737A8DC09AD}” = “Shell Search Band”

-> {HKLM…CLSID} = “Shell Search Band”

\InProcServer32(Default) = “C:\WINDOWS\system32\browseui.dll” [MS]

“{6EE51AA0-77A0-11D7-B4E1-000347126E46}” = “Window Washer Shredding Utility”

-> {HKLM…CLSID} = “Window Washer Shredding Utility”

\InProcServer32(Default) = “C:\PROGRA~1\COMMON~1\WEBROO~1\SHELLW~1.DLL” [“Webroot Software”]

“{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}” = “iTunes”

-> {HKLM…CLSID} = “iTunes”

\InProcServer32(Default) = “C:\Program Files\iTunes\iTunesMiniPlayer.dll” [file not found]

“{7C9D5882-CB4A-4090-96C8-430BFE8B795B}” = “Webroot Spy Sweeper Context Menu Integration”

-> {HKLM…CLSID} = “Webroot Spy Sweeper Context Menu Integration”

\InProcServer32(Default) = “C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll” [“Webroot Software, Inc.”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

INFECTION WARNING! “{35B2861B-2B26-4691-9FF0-09083722C736}” = “RadExe Extension”

-> {HKLM…CLSID} = “RadExeExt Class”

\InProcServer32(Default) = “C:\WINDOWS\System32\RadExe.dll” [empty string]

HKLM\System\CurrentControlSet\Control\Session Manager\

INFECTION WARNING! “BootExecute” = “autocheck autochk * SsiEfr.e SsiEfr.e SsiEfr.e SsiEfr.e SsiEfr.e SsiEfr.e SsiEfr.e SsiEfr.e” [file not found], [MS], [file not found], [file not found], [file not found], [file not found], [file not found], [file not found], [file not found], [file not found], [file not found]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

INFECTION WARNING! AtiExtEvent\DLLName = “Ati2evxx.dll” [“ATI Technologies Inc.”]

INFECTION WARNING! WgaLogon\DLLName = “WgaLogon.dll” [MS]

INFECTION WARNING! WRNotifier\DLLName = “WRLogonNTF.dll” [“Webroot Software, Inc.”]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}(Default) = “PDF Column Info”

-> {HKLM…CLSID} = “PDF Shell Extension”

\InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll” [“Adobe Systems, Inc.”]

HKLM\Software\Classes*\shellex\ContextMenuHandlers\

StuffIt Compress Menu(Default) = “{3FBFD0B0-EB46-4797-9101-615610E87DA6}”

-> {HKLM…CLSID} = “StuffIt Compress Menu”

\InProcServer32(Default) = “C:\Program Files\Aladdin Systems\StuffIt\CompressMenu.dll” [“Aladdin Systems, Inc.”]

Symantec.Norton.Antivirus.IEContextMenu(Default) = “{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}”

-> {HKLM…CLSID} = “IEContextMenu Class”

\InProcServer32(Default) = “C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll” [“Symantec Corporation”]

Washer(Default) = “{6EE51AA0-77A0-11D7-B4E1-000347126E46}”

-> {HKLM…CLSID} = “Window Washer Shredding Utility”

\InProcServer32(Default) = “C:\PROGRA~1\COMMON~1\WEBROO~1\SHELLW~1.DLL” [“Webroot Software”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data]

WinZip(Default) = “{E0D79304-84BE-11CE-9641-444553540000}”

-> {HKLM…CLSID} = “WinZip”

\InProcServer32(Default) = “F:\KOPIAS~1\PROGRA~1\WINZIP\WZSHLSTB.DLL” [“WinZip Computing, Inc.”]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

Washer(Default) = “{6EE51AA0-77A0-11D7-B4E1-000347126E46}”

-> {HKLM…CLSID} = “Window Washer Shredding Utility”

\InProcServer32(Default) = “C:\PROGRA~1\COMMON~1\WEBROO~1\SHELLW~1.DLL” [“Webroot Software”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data]

WinZip(Default) = “{E0D79304-84BE-11CE-9641-444553540000}”

-> {HKLM…CLSID} = “WinZip”

\InProcServer32(Default) = “F:\KOPIAS~1\PROGRA~1\WINZIP\WZSHLSTB.DLL” [“WinZip Computing, Inc.”]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

SpySweeper(Default) = “{7C9D5882-CB4A-4090-96C8-430BFE8B795B}”

-> {HKLM…CLSID} = “Webroot Spy Sweeper Context Menu Integration”

\InProcServer32(Default) = “C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll” [“Webroot Software, Inc.”]

StuffIt Compress Menu(Default) = “{3FBFD0B0-EB46-4797-9101-615610E87DA6}”

-> {HKLM…CLSID} = “StuffIt Compress Menu”

\InProcServer32(Default) = “C:\Program Files\Aladdin Systems\StuffIt\CompressMenu.dll” [“Aladdin Systems, Inc.”]

Symantec.Norton.Antivirus.IEContextMenu(Default) = “{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}”

-> {HKLM…CLSID} = “IEContextMenu Class”

\InProcServer32(Default) = “C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll” [“Symantec Corporation”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data]

WinZip(Default) = “{E0D79304-84BE-11CE-9641-444553540000}”

-> {HKLM…CLSID} = “WinZip”

\InProcServer32(Default) = “F:\KOPIAS~1\PROGRA~1\WINZIP\WZSHLSTB.DLL” [“WinZip Computing, Inc.”]

Active Desktop and Wallpaper:


Active Desktop is disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Control Panel\Desktop\

“Wallpaper” = “C:\WINDOWS\ACDSee 32 Wallpaper.bmp”

Startup items in “ppp” & “All Users” startup folders:


C:\Documents and Settings\All Users\Menu Start\Programy\Autostart

“Adobe Reader Speed Launch” -> shortcut to: “C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe” [“Adobe Systems Incorporated”]

“Symantec Fax Starter Edition-Anschluss” -> shortcut to: “C:\Program Files\Microsoft Office\Office\1031\OLFSNT40.EXE” [file not found]

“Symantec Fax Starter Edition Port” -> shortcut to: “C:\Program Files\Microsoft Office\Office\1045\OLFSNT40.EXE” [MS]

“Spy Sweeper Fix” -> shortcut to: “C:\Program Files\Webroot\SpySweeperFix.bat” [file not found]

Enabled Scheduled Tasks:


“Funkcja One Button Checkup pakietu Norton SystemWorks” -> launches: “C:\Program Files\Norton SystemWorks\OBC.exe /CUSTOM /SCHEDULE” [“Symantec Corporation”]

“Symantec Drmc” -> launches: “C:\Program Files\Common Files\Symantec Shared\SymDrmc.exe /CUSTOM /SCHEDULE” [null data]

“Norton AntiVirus - Skanuj komputer” -> launches: “C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe /task:“C:\Documents and Settings\All Users\Dane aplikacji\Symantec\Norton AntiVirus\Tasks\mycomp.sca”” [“Symantec Corporation”]

“Symantec NetDetect” -> launches: “C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE” [“Symantec Corporation”]

Winsock2 Service Provider DLLs:


Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]

000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS]

000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:


Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\

“{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}”

-> {HKLM…CLSID} = “Norton AntiVirus”

\InProcServer32(Default) = “C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll” [“Symantec Corporation”]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\

“{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}” = “Norton AntiVirus”

-> {HKLM…CLSID} = “Norton AntiVirus”

\InProcServer32(Default) = “C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll” [“Symantec Corporation”]

Explorer Bars

HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\

{21569614-B795-46B1-85F4-E737A8DC09AD}(Default) = (no title provided)

-> {HKLM…CLSID} = “Shell Search Band”

\InProcServer32(Default) = “C:\WINDOWS\system32\browseui.dll” [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):


Canon Camera Access Library 8, CCALib8, “C:\Program Files\Canon\CAL\CALMAIN.exe” [“Canon Inc.”]

SAVScan, SAVScan, ““C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe”” [“Symantec Corporation”]

Sygate Personal Firewall, SmcService, “C:\Program Files\Sygate\SPF\smc.exe” [“Sygate Technologies, Inc.”]

Symantec Event Manager, ccEvtMgr, ““C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe”” [“Symantec Corporation”]

Symantec Settings Manager, ccSetMgr, ““C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe”” [“Symantec Corporation”]

SymWMI Service, SymWSC, ““C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe”” [“Symantec Corporation”]

Usługa Auto Protect programu Norton AntiVirus, navapsvc, ““C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe”” [“Symantec Corporation”]

Washer Security Access, wwSecSvc, “C:\WINDOWS\system32\wwSecure.exe” [“Webroot Software, Inc.”]

Webroot Spy Sweeper Engine, WebrootSpySweeperService, ““C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe”” [“Webroot Software, Inc.”]

Windows User Mode Driver Framework, UMWdf, “C:\WINDOWS\system32\wdfmgr.exe” [MS]

Sprawdz RAM, zasilacz oraz temperaturę sprzętu, czyli procka, dysku twardego itp. - jak sprawdzić RAM? czy to jest normalnie wolne miejsce na dysku? Jeżeli tak to na C mam jeszcze wolne 4GB, mało trochę chyba.

Temperaturę też nie wiem jak sprawdzić.

Sprawdziłem jak procesor chodzi przy włączonym explorerze, otwieram np googla i w tym momencie wykorzystanie procesora strzela do góry do 100%, przy otwieraniu kolejych stron dzieje się tak samo. Poza tym dziwnie jakoś ten explorer chodzi, ściąga stronę jakby do połowy, potem zatrzymuje się na 3-4 sekundy i ściąga drugą połowę. Nie pracuje płynnie tylko skokowo.

Wyłączyłem firewall windowsa zostawiłem sygate personal firewalla. Myślałem że to coś da, ale chyba nic.

Pozdrawiam

Wiesiek