Wolny komp

Dla specjalistów Bezpieczeństwo
#1

Defragmentuje kompa czym sie da, a on coraz wolniej mi pracuje. Kompa

chroni NORTON. Poradzcie mi prosze, czym moge go uzupelnic.

Z góry dziekuje i wklejam loga.Logfile of HijackThis v1.99.1

Scan saved at 23:39:09, on 2007-08-15

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\Program Files\Windows Defender\MsMpEng.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\Ahead\InCD\InCDsrv.exe

D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

D:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\system32\CTsvcCDA.exe

D:\WINDOWS\System32\FTRTSVC.exe

D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\Explorer.EXE

D:\Program Files\Ahead\InCD\InCD.exe

D:\Program Files\HP\HP Software Update\HPWuSchd2.exe

D:\Program Files\Common Files\Symantec Shared\ccApp.exe

D:\Program Files\Common Files\Real\Update_OB\realsched.exe

D:\Program Files\neostrada tp\taskbaricon.exe

D:\Program Files\ATI Technologies\ATI.ACE\cli.exe

D:\Program Files\lg_fwupdate\fwupdate.exe

D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

D:\Program Files\Gigabyte\ET5\GUI.exe

D:\WINDOWS\system32\RunDLL32.exe

D:\Program Files\Windows Defender\MSASCui.exe

D:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe

D:\WINDOWS\SOUNDMAN.EXE

D:\WINDOWS\system32\nvraidservice.exe

D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe

D:\WINDOWS\system32\wbem\unsecapp.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

D:\Program Files\Messenger\msmsgs.exe

D:\Program Files\Creative\MediaSource5\MtdAcqu.exe

D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

D:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\msiexec.exe

D:\PROGRA~1\NEOSTR~1\neostradatp.exe

D:\PROGRA~1\NEOSTR~1\ComComp.exe

D:\PROGRA~1\NEOSTR~1\Toaster.exe

D:\PROGRA~1\NEOSTR~1\Inactivity.exe

D:\PROGRA~1\NEOSTR~1\PollingModule.exe

D:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

D:\PROGRA~1\NEOSTR~1\Watch.exe

D:\Program Files\Internet Explorer\IEXPLORE.EXE

D:\DOCUME~1\TATU~1\USTAWI~1\Temp\Katalog tymczasowy 7 dla hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - D:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - D:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll

O4 - HKLM…\Run: [inCD] D:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM…\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM…\Run: [ccApp] D:\Program Files\Common Files\Symantec Shared\ccApp.exe

O4 - HKLM…\Run: [TkBellExe] “D:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

O4 - HKLM…\Run: [WOOTASKBARICON] D:\Program Files\neostrada tp\taskbaricon.exe

O4 - HKLM…\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM…\Run: [ATICCC] “D:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime

O4 - HKLM…\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM…\Run: [LGODDFU] “D:\Program Files\lg_fwupdate\fwupdate.exe”

O4 - HKLM…\Run: [RemoteControl] “D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe”

O4 - HKLM…\Run: [EasyTuneV] D:\Program Files\Gigabyte\ET5\GUI.exe

O4 - HKLM…\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513

O4 - HKLM…\Run: [Windows Defender] “D:\Program Files\Windows Defender\MSASCui.exe” -hide

O4 - HKLM…\Run: [smartDefrag] “D:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe” /startup

O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM…\Run: [NVRaidService] D:\WINDOWS\system32\nvraidservice.exe

O4 - HKLM…\Run: [NVMixerTray] “D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe”

O4 - HKCU…\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU…\Run: [MSMSGS] “D:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [MtdAcqu] “D:\Program Files\Creative\MediaSource5\MtdAcqu.exe” /s

O4 - Global Startup: ATI CATALYST – pasek zadań.lnk = D:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: PI Monitor.lnk = D:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe

O8 - Extra context menu item: Download all links using BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download link using &BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O11 - Options group: [iNTERNATIONAL] International*

O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour … se8300.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup … 0911242625

O17 - HKLM\System\CCS\Services\Tcpip…{904AF581-0F9C-4BC5-899E-81DC44CBFF9F}: NameServer = 194.204.152.34 217.98.63.164

O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - D:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: LiveUpdate Notice Service - Unknown owner - D:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "D:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)

O23 - Service: UFO Afterlight Drivers Auto Removal (pr2ajjac) (pr2ajjac) - Cenega Poland - D:\WINDOWS\system32\pr2ajjac.exe

O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

#2

partita proszę objąć poprawnie log w tagi i używać polskich znaków w pisowni - poprawić wiadomość, używając opcji Zmień

#3

Witaj Krzysztofie.

Mozesz mi nawymyslac, ale uzywam ati catalyst i pisowni z mienic nie

moge, a z reszta jest podobnie.

Przepraszam.

#4

To nie moja sprawa, tylko Moderatora, ale czy naprawdę Catalist przeszkadza w prawidłowym umoeszczeniu logu w tagach?

oczywiście *gwiazdki usuwasz.

A wracając do sprawy: log jest czysty.

Możesz dać jeszcze log z ComboFixa:

http://forum.dobreprogramy.pl/viewtopic.php?t=36654(na dole tej strony z linku) -

Log wklej na http://wklej.org/, a w poście daj tylko link.

jessi