paszczaq
23 Sierpień 2006 12:52
#1
Witam wszystkich, a szczegolnynie chcetnuch do pomocy. Moj problem polega na tym, ze od kilku godzin po podlaczeniu do Internetu i odpaleniu kilku programow (m.in. Opera i Konnekt) komputer laguje mi od czasu doc zasu. Sa to krotkie przestoje nawet podczas swobodnego ruszania myszka. Zapraszm do sprawdzenia loga, oraz jezeli cos ‘rewolucyjnego’ (maszyna byla restartowana i skanowana NostronemSW) nasunie wam sie na mysl, napisanie kilku porad ogolnych i co istotne, polecenie dobrego Spyware’a - niekoniecznie freeware.
Oto log:
Logfile of HijackThis v1.99.1 Scan saved at 14:45:38, on 2006-08-23 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE F:\Programy\Norton SystemWorks\Norton Antivirus\navapsvc.exe F:\Programy\NORTON~1\NORTON~2\NPROTECT.EXE E:\WINDOWS\system32\nvsvc32.exe F:\Programy\Norton SystemWorks\Norton Antivirus\SAVScan.exe F:\Programy\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE E:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe E:\WINDOWS\Explorer.EXE E:\Program Files\Common Files\Symantec Shared\ccApp.exe E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe E:\Program Files\TimeSink\AdGateway\TsAdBot.exe E:\WINDOWS\system32\ctfmon.exe F:\Programy\NetMeter\NetMeter.exe F:\Programy\Opera\Opera.exe F:\Programy\Konnekt\konnekt.exe D:\Instalki\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Programy\Norton SystemWorks\Norton Antivirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Programy\Norton SystemWorks\Norton Antivirus\NavShExt.dll O4 - HKLM…\Run: [ccApp] “E:\Program Files\Common Files\Symantec Shared\ccApp.exe” O4 - HKLM…\Run: [symantec NetDriver Monitor] E:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM…\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM…\Run: [TimeSink Ad Client] “E:\Program Files\TimeSink\AdGateway\TsAdBot.exe” O4 - HKCU…\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [F] F:\Programy\NetMeter\NetMeter.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\Programy\Office\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Usługa Auto Protect programu Norton AntiVirus (navapsvc) - Symantec Corporation - F:\Programy\Norton SystemWorks\Norton Antivirus\navapsvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - F:\Programy\NORTON~1\NORTON~2\NPROTECT.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - F:\Programy\Norton SystemWorks\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - E:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Speed Disk service - Symantec Corporation - F:\Programy\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
qiko
23 Sierpień 2006 12:59
#2
Usuwasz z wylaczonym przywracaniem systemu iw trybie awaryjnym.
pogrubiony folder recznie,po zabiegach nowy log z hijacka +silent runners.