mam taki problem. od pewnego czasu komp strasznie wolno chodzi, na dodatek - glosno. Wczesniej tego nei bylo. Dodatkowo mialem juz problemy ze stronami google jak cos wyszukiwalem to przenosilo mnie na inne strony. Juz jest niby wszystko ok, ale od tamtej pory wszystko jakos dziwnie dziala.
Na dodatek dzis po wlaczeniu kompa ku mojemu zdziwieniu na pulpicie moim oczom ukazala sie ikona “uptade.exe” ?? Po pierwsze - nawet nie wiem co to jest i skad sie wzielo. Po drugie - sprawdzilem ze plik zostal utworzony dzisiaj … o godzinie ok. 1 w nocy!
Podaje tu logi ktore zrobilem przed chwila:
HJ
Logfile of HijackThis v1.99.1 Scan saved at 20:32:22, on 2007-02-21 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\csrss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe E:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE E:\WINDOWS\system32\svchost.exe E:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\Explorer.EXE e:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE E:\WINDOWS\system32\spoolsv.exe E:\WINDOWS\system32\RunDLL32.exe E:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE E:\Program Files\Java\jre1.5.0_10\bin\jusched.exe E:\Program Files\DAEMON Tools\daemon.exe E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe E:\WINDOWS\system32\nvsvc32.exe E:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe E:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe E:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe E:\Program Files\Spyware Doctor\sdhelp.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe E:\WINDOWS\system32\wdfmgr.exe E:\WINDOWS\system32\UAService7.exe E:\WINDOWS\System32\alg.exe E:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE e:\program files\panda software\panda internet security 2007\WebProxy.exe E:\Program Files\Internet Explorer\IEXPLORE.EXE E:\Programy usuwające syf\HiJackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wp.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O4 - HKLM…\Run: [NvCplDaemon] “RUNDLL32.EXE” E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [NvMediaCenter] “RunDLL32.exe” NvMCTray.dll,NvTaskbarInit O4 - HKLM…\Run: [APVXDWIN] “E:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE” /s O4 - HKLM…\Run: [sCANINICIO] “E:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe” O4 - HKLM…\Run: [sunJavaUpdateSched] “E:\Program Files\Java\jre1.5.0_10\bin\jusched.exe” O4 - HKLM…\Run: [DAEMON Tools] “E:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 O4 - HKLM…\Run: [iSUSPM Startup] “E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe” -startup O4 - HKLM…\Run: [iSUSScheduler] “E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start O4 - HKLM…\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [FineReader7NewsReaderPro] “E:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe” O4 - HKCU…\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [Dzieńdobry!] E:\Program Files\Dzieńdobry!\dziendobry.exe /auto O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Eksport do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} (GameDesire Soccer) - http://67.15.101.3/g_bin/pl/soccer_2_0_0_14.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_28.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_29.cab O20 - Winlogon Notify: avldr - E:\WINDOWS\SYSTEM32\avldr.dll O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: MySql - Unknown owner - c:\usr/MYSQL/bin/mysqld.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - E:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - E:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - E:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - e:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - E:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - E:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: SysEnforce - Unknown owner - E:\PROGRA~1\PROGRA~1\SSI\SYSENF~1.EXE (file missing) O23 - Service: Panda TPSrv (TPSrv) - Panda Software - E:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - E:\WINDOWS\system32\UAService7.exe
oraz silent runners
“Silent Runners.vbs”, revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “CTFMON.EXE” = “E:\WINDOWS\system32\ctfmon.exe” [MS] “Dzieńdobry!” = “E:\Program Files\Dzieńdobry!\dziendobry.exe /auto” [“VSD Software”] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “NvCplDaemon” = ““RUNDLL32.EXE” E:\WINDOWS\system32\NvCpl.dll,NvStartup” [MS] “NvMediaCenter” = ““RunDLL32.exe” NvMCTray.dll,NvTaskbarInit” [MS] “APVXDWIN” = ““E:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE” /s” [“Panda Software International”] “SCANINICIO” = ““E:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe”” [“Panda Software International”] “SunJavaUpdateSched” = ““E:\Program Files\Java\jre1.5.0_10\bin\jusched.exe”” [“Sun Microsystems, Inc.”] “DAEMON Tools” = ““E:\Program Files\DAEMON Tools\daemon.exe” -lang 1033” [“DT Soft Ltd.”] “ISUSPM Startup” = ““E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe” -startup” [“InstallShield Software Corporation”] “ISUSScheduler” = ““E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start” [“InstallShield Software Corporation”] “NeroFilterCheck” = “E:\WINDOWS\system32\NeroCheck.exe” [“Ahead Software Gmbh”] “FineReader7NewsReaderPro” = ““E:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe”” [“ABBYY (BIT Software)”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided) - {HKLM…CLSID} = “AcroIEHlprObj Class” \InProcServer32(Default) = “E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx” [empty string] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided) - {HKLM…CLSID} = “SSVHelper Class” \InProcServer32(Default) = “E:\Program Files\Java\jre1.5.0_10\bin\ssv.dll” [“Sun Microsystems, Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania” - {HKLM…CLSID} = “Rozszerzenie CPL kadrowania wyświetlania” \InProcServer32(Default) = “deskpan.dll” [file not found] “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” - {HKLM…CLSID} = “HyperTerminal Icon Ext” \InProcServer32(Default) = “E:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”] “{A70C977A-BF00-412C-90B7-034C51DA2439}” = “NvCpl DesktopContext Class” - {HKLM…CLSID} = “DesktopContext Class” \InProcServer32(Default) = “E:\WINDOWS\system32\nvcpl.dll” [“NVIDIA Corporation”] “{FFB699E0-306A-11d3-8BD1-00104B6F7516}” = “Play on my TV helper” - {HKLM…CLSID} = “NVIDIA CPL Extension” \InProcServer32(Default) = “E:\WINDOWS\system32\nvcpl.dll” [“NVIDIA Corporation”] “{1CDB2949-8F65-4355-8456-263E7C208A5D}” = “Desktop Explorer” - {HKLM…CLSID} = “Desktop Explorer” \InProcServer32(Default) = “E:\WINDOWS\system32\nvshell.dll” [“NVIDIA Corporation”] “{1E9B04FB-F9E5-4718-997B-B8DA88302A47}” = “Desktop Explorer Menu” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “E:\WINDOWS\system32\nvshell.dll” [“NVIDIA Corporation”] “{1E9B04FB-F9E5-4718-997B-B8DA88302A48}” = “nView Desktop Context Menu” - {HKLM…CLSID} = “nView Desktop Context Menu” \InProcServer32(Default) = “E:\WINDOWS\system32\nvshell.dll” [“NVIDIA Corporation”] “{00020D75-0000-0000-C000-000000000046}” = “Microsoft Office Outlook Desktop Icon Handler” - {HKLM…CLSID} = “Microsoft Office Outlook” \InProcServer32(Default) = “E:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL” [MS] “{0006F045-0000-0000-C000-000000000046}” = “Microsoft Office Outlook Custom Icon Handler” - {HKLM…CLSID} = “Rozszerzenie ikon plików programu Outlook” \InProcServer32(Default) = “E:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL” [MS] “{42042206-2D85-11D3-8CFF-005004838597}” = “Microsoft Office HTML Icon Handler” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “E:\Program Files\Microsoft Office\OFFICE11\msohev.dll” [MS] “{E0D79300-84BE-11CE-9641-444553540000}” = “WinZip” - {HKLM…CLSID} = “WinZip” \InProcServer32(Default) = “E:\PROGRA~1\WinZip\wzshlext.dll” [null data] “{E0D79301-84BE-11CE-9641-444553540000}” = “WinZip” - {HKLM…CLSID} = “WinZip” \InProcServer32(Default) = “E:\PROGRA~1\WinZip\wzshlext.dll” [null data] “{E0D79302-84BE-11CE-9641-444553540000}” = “WinZip” - {HKLM…CLSID} = “WinZip” \InProcServer32(Default) = “E:\PROGRA~1\WinZip\wzshlext.dll” [null data] “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “E:\Program Files\WinRAR\rarext.dll” [null data] “{65756541-C65C-11CD-0000-4B656E696100}” = “Panda Antivirus” - {HKLM…CLSID} = “Panda Antivirus” \InProcServer32(Default) = “E:\Program Files\Panda Software\Panda Internet Security 2007\PAVOLE.DLL” [“Panda Software”] “{cc86590a-b60a-48e6-996b-41d25ed39a1e}” = “Portable Media Devices Menu” - {HKLM…CLSID} = “Portable Media Devices Menu” \InProcServer32(Default) = “E:\WINDOWS\system32\Audiodev.dll” [MS] “{B8323370-FF27-11D2-97B6-204C4F4F5020}” = “SmartFTP Shell Extension DLL” - {HKLM…CLSID} = “SmartFTP Shell Extension DLL” \InProcServer32(Default) = “E:\Program Files\SmartFTP Client 2.0\smarthook.dll” [file not found] “{46E22146-59C0-4136-9233-FB7720E777B2}” = “EzCddax extension” - {HKLM…CLSID} = “EzCddax Class” \InProcServer32(Default) = “E:\Program Files\Easy CD-DA Extractor 10\ezcddax10.dll” [null data] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ avldr\DLLName = “avldr.dll” [“Panda Software”] HKLM\Software\Classes\PROTOCOLS\Filter\ text/xml\CLSID = “{807553E5-5146-11D5-A672-00B0D022E945}” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “E:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL” [MS] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ EzCddax(Default) = “{46E22146-59C0-4136-9233-FB7720E777B2}” - {HKLM…CLSID} = “EzCddax Class” \InProcServer32(Default) = “E:\Program Files\Easy CD-DA Extractor 10\ezcddax10.dll” [null data] Panda Antivirus(Default) = “{65756541-C65C-11CD-0000-4B656E696100}” - {HKLM…CLSID} = “Panda Antivirus” \InProcServer32(Default) = “E:\Program Files\Panda Software\Panda Internet Security 2007\PAVOLE.DLL” [“Panda Software”] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “E:\Program Files\WinRAR\rarext.dll” [null data] WinZip(Default) = “{E0D79300-84BE-11CE-9641-444553540000}” - {HKLM…CLSID} = “WinZip” \InProcServer32(Default) = “E:\PROGRA~1\WinZip\wzshlext.dll” [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “E:\Program Files\WinRAR\rarext.dll” [null data] WinZip(Default) = “{E0D79300-84BE-11CE-9641-444553540000}” - {HKLM…CLSID} = “WinZip” \InProcServer32(Default) = “E:\PROGRA~1\WinZip\wzshlext.dll” [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ FineReader(Default) = “{AC0DD14A-8F29-4F88-BE1D-0F0ED1B06C9F}” - {HKLM…CLSID} = “FineReaderExplorerContextMenuHandler” \InProcServer32(Default) = “e:\program files\abbyy finereader 7.0 professional edition\fecmenu.dll” [“ABBYY (BIT Software)”] Panda Antivirus(Default) = “{65756541-C65C-11CD-0000-4B656E696100}” - {HKLM…CLSID} = “Panda Antivirus” \InProcServer32(Default) = “E:\Program Files\Panda Software\Panda Internet Security 2007\PAVOLE.DLL” [“Panda Software”] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “E:\Program Files\WinRAR\rarext.dll” [null data] WinZip(Default) = “{E0D79300-84BE-11CE-9641-444553540000}” - {HKLM…CLSID} = “WinZip” \InProcServer32(Default) = “E:\PROGRA~1\WinZip\wzshlext.dll” [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ “shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} “undockwithoutlogon” = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ “Wallpaper” = “E:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ “Wallpaper” = “E:\Documents and Settings\Pysiek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Startup items in “Pysiek” “All Users” startup folders: -------------------------------------------------------- E:\Documents and Settings\All Users\Menu Start\Programy\Autostart “HP Digital Imaging Monitor” - shortcut to: “E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe” [“Hewlett-Packard Co.”] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: e:\program files\panda software\panda internet security 2007\pavlsp.dll [“Panda Software International”], 01 - 03, 21 %SystemRoot%\system32\mswsock.dll [MS], 04 - 06, 09 - 20 %SystemRoot%\system32\rsvpsp.dll [MS], 07 - 08 Toolbars, Explorer Bars, Extensions: ------------------------------------ Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID{FF059E31-CC5A-4E2E-BF3B-96E929D65503}(Default) = “Badanie” Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32(Default) = “E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL” [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ “MenuText” = “Sun Java Console” “CLSIDExtension” = “{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}” - {HKCU…CLSID} = “Java Plug-in 1.5.0_10” \InProcServer32(Default) = “E:\Program Files\Java\jre1.5.0_10\bin\ssv.dll” [“Sun Microsystems, Inc.”] - {HKLM…CLSID} = “Java Plug-in 1.5.0_10” \InProcServer32(Default) = “E:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll” [“Sun Microsystems, Inc.”] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ “ButtonText” = “Badanie” {FB5F1910-F110-11D2-BB9E-00C04F795683}\ “ButtonText” = “Messenger” “MenuText” = “Windows Messenger” “Exec” = “E:\Program Files\Messenger\msmsgs.exe” [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ NVIDIA Display Driver Service, NVSvc, “E:\WINDOWS\system32\nvsvc32.exe” [“NVIDIA Corporation”] Panda anti-virus service, PAVSRV, ““E:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe”” [“Panda Software International”] Panda Antispam Engine, pmshellsrv, “E:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe” [“Panda Software International”] Panda Function Service, PAVFNSVR, ““E:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe”” [“Panda Software International”] Panda IManager Service, PSIMSVC, ““E:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe”” [“Panda Software”] Panda Network Manager, PNMSRV, ““e:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE”” [“Panda Software International”] Panda Process Protection Service, PavPrSrv, ““E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe”” [“Panda Software”] Panda TPSrv, TPSrv, ““E:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe”” [“Panda Software”] PC Tools Spyware Doctor, SDhelper, “E:\Program Files\Spyware Doctor\sdhelp.exe” [“PC Tools Research Pty Ltd”] SecuROM User Access Service (V7), UserAccess7, “E:\WINDOWS\system32\UAService7.exe” [null data] Windows User Mode Driver Framework, UMWdf, “E:\WINDOWS\system32\wdfmgr.exe” [MS] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ HP Standard TCP/IP Port\Driver = “HpTcpMon.dll” [“Hewlett Packard”] hpzlnt12\Driver = “hpzlnt12.dll” [“HP”] Microsoft Document Imaging Writer Monitor\Driver = “mdimon.dll” [MS] ---------- : Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 122 seconds. ---------- (total run time: 160 seconds)
Prosze o jakakolwiek pomoc. Moze cos tam zobaczycie.
Acha i co to jest
??
z gory dzieki za pomoc
adam9870
(adam9870)
21 Luty 2007 20:10
#2
Oba logi czyste.
System najbardziej spowalnia Ci Panda dlatego jeśli nie masz komputera o mocnej konfiguracji sprzętowej, to radziłbym się zastanowić na zmianą programu zabezpieczającego.
Spyware Doctor jest programem wątpliwej reputacji dlatego proponuję go usunąć. Sposób usunięcia jest podany tutaj:
http://forum.dobreprogramy.pl/viewtopic … 332#791332
Są to procesy systemowe <= są jak najbardziej w porządku i nic nie kombinuj z nimi.
Kosmetyka:
Panel sterowania >>> Java Plug-in >>> Update >>> odznacz opcję Check for updates automatically.
Start >>> uruchom >>> msconfig >>> zakładka Uruchamanie >>> możesz odznaczyć w/w.
Jeśli nie korzystasz z zaawansowanych usług tekstowych to je wyłącz: Panel sterowania >>> Opcje regionalne >>> Języki >>> Szczegóły >>> Zaawansowane >>> zaznacz wyłącz zaawansowane usługi tekstowe.
Start >>> programy >>> autostart >>> możesz skasować z prawokliku.
Jeśli nie korzystasz z Messenger’a to go usuń: Start => uruchom => wpisz:
RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove
Dodatkowo przejrzyj temat Optymalizacja i odchudzanie Windowsa XP .