gustek
(Gustek)
6 May 2007 07:54
#1
Hello,
When I use the Internet (interestingly, this seems to affect only browsing web pages; other services such as newsgroups don't seem to cause problems), the computer keeps sort of freezing for a moment. Nothing can be done. A total hang, as it were. After a few or a dozen or so seconds it unfreezes and everything is fine. And then it happens again. I'm wondering whether something is sitting in my system. Could someone check the logs and suggest something?
Logfile of HijackThis v1.99.1 Scan saved at 08:37:55, on 2007-05-06 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\DCPFLICS\DCPFLICS.exe C:\WINDOWS\system32\IDispChg.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\TFNF5.exe C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Rainlendar2\Rainlendar2.exe C:\Program Files\Apoint2K\Apntex.exe C:\WINDOWS\system32\TPSBattM.exe E:\Program files\www\Firefox\firefox.exe E:\Program files\System\totalcmd\TOTALCMD.EXE C:\hjt\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - 
HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program files\System\Spybot - Search & Destroy\SDHelper.dll O4 - HKLM…\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM…\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM…\Run: [000StTHK] 000StTHK.exe O4 - HKLM…\Run: [TFNF5] TFNF5.exe O4 - HKLM…\Run: [smoothView] C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM…\Run: [sigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe O4 - HKLM…\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM…\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM…\Run: [TFncKy] C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe O4 - HKLM…\Run: [NDSTray.exe] C:\Program Files\Toshiba\ConfigFree\NDSTray.exe O4 - HKLM…\Run: [TPSMain] TPSMain.exe O4 - HKLM…\Run: [kav] “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe” O4 - HKLM…\Run: [!AVG Anti-Spyware] “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized O4 - HKLM…\Run: [LVCOMSX] “C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe” O4 - HKCU…\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU…\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Ochrona WWW - 
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar … vSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc … oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar … /cabsa.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: DCPFLICS - Unknown owner - C:\Program Files\DCPFLICS\DCPFLICS.exe O23 - Service: IDispChg Service (IDispChgService) - Unknown owner - C:\WINDOWS\system32\IDispChg.exe O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (file missing) O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - E:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
And SilentHunter:
“Silent Runners.vbs”, revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “TOSCDSPD” = “C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe” [“TOSHIBA”] “Rainlendar2” = “C:\Program Files\Rainlendar2\Rainlendar2.exe” [null data] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “IgfxTray” = “C:\WINDOWS\system32\igfxtray.exe” [“Intel Corporation”] “HotKeysCmds” = “C:\WINDOWS\system32\hkcmd.exe” [“Intel Corporation”] “000StTHK” = “000StTHK.exe” [null data] “TFNF5” = “TFNF5.exe” [“TOSHIBA Corp.”] “SmoothView” = “C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe” [“TOSHIBA Corporation”] “SigmaTel StacMon” = “C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe” [“SigmaTel Inc.”] “Apoint” = “C:\Program Files\Apoint2K\Apoint.exe” [“Alps Electric Co., Ltd.”] “TouchED” = “C:\Program Files\TOSHIBA\TouchED\TouchED.Exe” [“TOSHIBA Corporation”] “TFncKy” = “C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe” [“TOSHIBA Corporation”] “NDSTray.exe” = “C:\Program Files\Toshiba\ConfigFree\NDSTray.exe” [“TOSHIBA CORPORATION”] “TPSMain” = “TPSMain.exe” [“TOSHIBA Corporation”] “kav” = ““C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe”” [“Kaspersky Lab”] “!AVG Anti-Spyware” = ““C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized” [“Anti-Malware Development a.s.”] “LVCOMSX” = ““C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe”” [“Logitech Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided) -> {HKLM…CLSID} = “AcroIEHlprObj Class” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”] 
{53707962-6F74-2D53-2644-206D7942484F}(Default) = (no title provided) -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “E:\Program files\System\Spybot - Search & Destroy\SDHelper.dll” [“Safer Networking Limited”] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” -> {HKLM…CLSID} = “HyperTerminal Icon Ext” \InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”] “{C4213067-97B3-4929-9B98-B5600FBBBA13}” = “TouchED” -> {HKLM…CLSID} = “TouchShellExt Class” \InProcServer32(Default) = “C:\PROGRA~1\TOSHIBA\TouchED\TouchED.dll” [“TOSHIBA Corporation”] “{42042206-2D85-11D3-8CFF-005004838597}” = “Microsoft Office HTML Icon Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Microsoft Office\OFFICE11\msohev.dll” [MS] “{4CCEFB41-18FA-11D3-9EF3-00A0C9E897FD}” = “Skladnik rozszerzenia powloki CorelDRAW” -> {HKLM…CLSID} = “CorelDRAW Shell Extension Component” \InProcServer32(Default) = “E:\Program files\grafika\Corel\DRAW\CDRVIEWER\CrlShell110.dll” [null data] “{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}” = “Shell Extensions for RealOne Player” -> {HKLM…CLSID} = “RealOne Player Context Menu Class” \InProcServer32(Default) = “C:\Program Files\Real\RealPlayer\rpshell.dll” [“RealNetworks, Inc.”] “{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}” = “Adobe.Acrobat.ContextMenu” -> {HKLM…CLSID} = “Acrobat Elements Context Menu” \InProcServer32(Default) = “E:\Program Files\System\Adobe\Acrobat 6.0 CE\Acrobat Elements\ContextMenu.dll” [“Adobe Systems Inc.”] “{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}” = “TuneUp Shredder Shell Context Menu Extension” -> {HKCU…CLSID} = “TuneUp Shredder Shell Context Menu Extension” \InProcServer32(Default) = ““E:\Program Files\TuneUp Utilities 2006\sdshelex.dll”” [“TuneUp Software GmbH”] “{85E0B171-04FA-11D1-B7DA-00A0C90348D6}” = “Ochrona WWW” -> {HKLM…CLSID} = “Ochrona WWW” 
\InProcServer32(Default) = “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll” [“Kaspersky Lab”] “{4FED14EE-8086-4b0c-A0DE-C27042ED1296}” = “PDFTransformer2ContextMenu” -> {HKLM…CLSID} = “PDFTransformer2.PDFTContextMenu.1” \InProcServer32(Default) = “C:\Program Files\ABBYY PDF Transformer 2.0\PDFTContextMenu.dll” [“ABBYY Software”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <> “{57B86673-276A-48B2-BAE7-C6DBB3020EB8}” = “AVG Anti-Spyware 7.5” -> {HKLM…CLSID} = “CShellExecuteHookImpl Object” \InProcServer32(Default) = “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll” [“Anti-Malware Development a.s.”] HKLM\System\CurrentControlSet\Control\Session Manager\ <> “BootExecute” = “autocheck autochk *”|“OODBS” [“O&O Software GmbH”] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <> igfxcui\DLLName = “igfxsrvc.dll” [“Intel Corporation”] <> klogon\DLLName = “C:\WINDOWS\system32\klogon.dll” [“Kaspersky Lab”] HKLM\Software\Classes\PROTOCOLS\Filter\ <> text/xml\CLSID = “{807553E5-5146-11D5-A672-00B0D022E945}” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL” [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}(Default) = “PDF Column Info” -> {HKLM…CLSID} = “PDF Shell Extension” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll” [“Adobe Systems, Inc.”] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ Adobe.Acrobat.ContextMenu(Default) = “{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}” -> {HKLM…CLSID} = “Acrobat Elements Context Menu” \InProcServer32(Default) = “E:\Program Files\System\Adobe\Acrobat 6.0 CE\Acrobat Elements\ContextMenu.dll” [“Adobe Systems Inc.”] AVG Anti-Spyware(Default) = “{8934FCEF-F5B8-468f-951F-78A921CD3920}” -> {HKLM…CLSID} = “CContextScan Object” \InProcServer32(Default) = “C:\Program Files\Grisoft\AVG 
Anti-Spyware 7.5\context.dll” [“Anti-Malware Development a.s.”] Kaspersky Anti-Virus(Default) = “{dd230880-495a-11d1-b064-008048ec2fc5}” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll” [“Kaspersky Lab”] MakeFile Class(Default) = “{D8504558-278D-4A93-BCBC-75B142CAA3B3}” -> {HKLM…CLSID} = “MakeFile Class” \InProcServer32(Default) = “C:\WINDOWS\system32\vdshell.dll” [“FarStone Technology Inc.”] PDFTransformer2ContextMenu(Default) = “{4FED14EE-8086-4b0c-A0DE-C27042ED1296}” -> {HKLM…CLSID} = “PDFTransformer2.PDFTContextMenu.1” \InProcServer32(Default) = “C:\Program Files\ABBYY PDF Transformer 2.0\PDFTContextMenu.dll” [“ABBYY Software”] WinMerge(Default) = “{4E716236-AA30-4C65-B225-D68BBA81E9C2}” -> {HKLM…CLSID} = “WinMergeShell Class” \InProcServer32(Default) = “E:\Program Files\WinMerge\ShellExtensionU.dll” [empty string] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ AVG Anti-Spyware(Default) = “{8934FCEF-F5B8-468f-951F-78A921CD3920}” -> {HKLM…CLSID} = “CContextScan Object” \InProcServer32(Default) = “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll” [“Anti-Malware Development a.s.”] WinMerge(Default) = “{4E716236-AA30-4C65-B225-D68BBA81E9C2}” -> {HKLM…CLSID} = “WinMergeShell Class” \InProcServer32(Default) = “E:\Program Files\WinMerge\ShellExtensionU.dll” [empty string] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ FolderShell Class(Default) = “{24C0824F-BC16-41DB-9845-DE545941C3B0}” -> {HKLM…CLSID} = “FolderShell Class” \InProcServer32(Default) = “C:\WINDOWS\system32\vdshell.dll” [“FarStone Technology Inc.”] Kaspersky Anti-Virus(Default) = “{dd230880-495a-11d1-b064-008048ec2fc5}” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll” [“Kaspersky Lab”] Group Policies {policy setting}: -------------------------------- Note: detected settings may not have any effect. 
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ “NoLowDiskSpaceChecks” = (REG_DWORD) hex:0x00000000 {unrecognized setting} “NoChangeStartMenu” = (REG_DWORD) hex:0x00000000 {unrecognized setting} “ClearRecentDocsOnExit” = (REG_DWORD) hex:0x00000000 {unrecognized setting} “NoRecentDocsHistory” = (REG_DWORD) hex:0x00000000 {unrecognized setting} “NoStartMenuMFUprogramsList” = (REG_DWORD) hex:0x00000000 {unrecognized setting} “NoDrives” = (REG_DWORD) hex:0x00000000 {unrecognized setting} “NoViewOnDrive” = (REG_DWORD) hex:0x00000000 {unrecognized setting} HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\ “DisableTaskMgr” = (REG_DWORD) hex:0x00000000 {Remove Task Manager} “DisableRegistryTools” = (REG_DWORD) hex:0x00000000 {Prevent access to registry editing tools} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ “shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001 {Shutdown: Allow system to be shut down without having to log on} “undockwithoutlogon” = (REG_DWORD) hex:0x00000001 {Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ “Wallpaper” = “C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ “Wallpaper” = “C:\Documents and Settings\Martinez\Dane aplikacji\IrfanView\IrfanView_Wallpaper.bmp” Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = 
“%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 23 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ {182EC0BE-5110-49C8-A062-BEB1D02A220B}(Default) = (no title provided) -> {HKLM…CLSID} = “Adobe PDF” \InProcServer32(Default) = “E:\Program Files\System\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll” [null data] HKLM\Software\Classes\CLSID{85E0B171-04FA-11D1-B7DA-00A0C90348D6}(Default) = “Ochrona WWW” Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32(Default) = “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll” [“Kaspersky Lab”] HKLM\Software\Classes\CLSID{FF059E31-CC5A-4E2E-BF3B-96E929D65503}(Default) = “&Research” Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL” [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ “MenuText” = “Sun Java Console” “CLSIDExtension” = “{08B0E5C0-4FCB-11CF-AAA5-00401C608501}” -> {HKLM…CLSID} = “Web Browser Applet Control” \InProcServer32(Default) = “C:\WINDOWS\system32\msjava.dll” [MS] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\ “ButtonText” = “Ochrona WWW” {85D1F590-48F4-11D9-9669-0800200C9A66}\ “MenuText” = “Uninstall BitDefender Online Scanner v8” “Exec” = “%windir%\bdoscandel.exe” [null data] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ “ButtonText” = “Research” {FB5F1910-F110-11D2-BB9E-00C04F795683}\ “ButtonText” = 
“Messenger” “MenuText” = “Windows Messenger” “Exec” = “C:\Program Files\Messenger\msmsgs.exe” [MS] Miscellaneous IE Hijack Points ------------------------------ C:\WINDOWS\INF\IERESET.INF (used to “Reset Web Settings”) Added lines (compared with English-language version): (unwritable string) Missing lines (compared with English-language version): [Version]: 2 lines [RestoreHomePage]: 1 line [RestoreHomePage.reg]: 1 line [RestoreBrowserSettings.reg]: 12 lines [DeleteTemplates.reg]: 5 lines [DeleteAutosearch.reg]: 1 line [strings]: 1 line [RestoreBrowserSettings]: 2 lines [strings]: 3 lines HKLM\Software\Microsoft\Internet Explorer\AboutURLs\ <> “TuneUp” = “file://C|/Documents and Settings/All Users/Dane aplikacji/TuneUp Software/Common/base.css” [file not found] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Autodesk Licensing Service, Autodesk Licensing Service, ““C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe”” [null data] AVG Anti-Spyware Guard, AVG Anti-Spyware Guard, “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe” [“Anti-Malware Development a.s.”] Belkin Wireless USB Network Adapter, Belkin Wireless USB Network Adapter Service, “C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe” [null data] ConfigFree Service, CFSvcs, “C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe” [“TOSHIBA CORPORATION”] Crypkey License, Crypkey License, “crypserv.exe” [“Kenonic Controls Ltd.”] DCPFLICS, DCPFLICS, “C:\Program Files\DCPFLICS\DCPFLICS.exe” [null data] IDispChg Service, IDispChgService, “C:\WINDOWS\system32\IDispChg.exe” [null data] Kaspersky Anti-Virus 6.0, AVP, ““C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe” -r” [“Kaspersky Lab”] O&O Defrag, O&O Defrag, “C:\WINDOWS\system32\oodag.exe” [“O&O Software GmbH”] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ Adobe PDF Port\Driver = 
“C:\WINDOWS\system32\AdobePDF.dll” [“Adobe Systems Incorporated.”] hpzsnt09\Driver = “hpzsnt09.dll” [“HP”] Microsoft Document Imaging Writer Monitor\Driver = “mdimon.dll” [MS] Monitor języka BJ\Driver = “CNBJMON.DLL” [MS] ---------- <>: Suspicious data at a malware launch point. <>: Suspicious data at a browser hijack point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 386 seconds. ---------- (total run time: 467 seconds)
Regards,
gustek
Joan
(Joan Sunshine)
6 May 2007 08:17
#2
It's OK. Check the errors in Event Viewer:
Start => Control Panel => Administrative Tools => Event Viewer
If there are any in red, paste the details.
Check the RAM with --> Memtest86
Check the temperatures with --> EVEREST Home Edition
gustek
(Gustek)
6 May 2007 20:46
#3
Hi,
Thanks for looking through the logs.
Which is good news. For now, though, as I mentioned, browsing web pages is still a torment.
I checked. It didn't report any errors.
Pole Wartość
Właściwości czujnika
Typ czujnika Analog Devices ADM1021 (SMBus 4Ch)
Temperatury
Płyta główna 49 °C (120 °F)
Procesor 55 °C (131 °F)
FUJITSU MHT2040AT 36 °C (97 °F)
Well, I do have some in red. I'm just wondering what to paste and how. The details of every "red" event? I have the red ones on the "Application" tab - example below.
Typ zdarzenia: Błąd
Źródło zdarzenia: Application Hang
Kategoria zdarzenia: (101)
Identyfikator zdarzenia: 1002
Data: 2007-05-04
Godzina: 16:34:37
Użytkownik: Brak
Komputer: MARCIN
Opis: Aplikacja zawieszająca gg.exe, wersja 6.1.0.158, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Aby znaleźć więcej informacji, zobacz http://go.microsoft.com/fwlink/events.asp w Centrum pomocy i obsługi technicznej.
Dane:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 67 67 2e 65 78 65 gg.exe
0018: 20 36 2e 31 2e 30 2e 31 6.1.0.1
0020: 35 38 20 69 6e 20 68 75 58 in hu
0028: 6e 67 61 70 70 20 30 2e ngapp 0.
0030: 30 2e 30 2e 30 20 61 74 0.0.0 at
0038: 20 6f 66 66 73 65 74 20 offset
0040: 30 30 30 30 30 30 30 30 00000000
I also have some on the System tab. Example below.
Typ zdarzenia: Błąd
Źródło zdarzenia: Service Control Manager
Kategoria zdarzenia: Brak
Identyfikator zdarzenia: 7000
Data: 2007-05-06
Godzina: 20:22:53
Użytkownik: Brak
Komputer: MARCIN
Opis: Nie można uruchomić usługi Process Monitor z powodu następującego błędu: Nie można odnaleźć określonego pliku.
Aby znaleźć więcej informacji, zobacz http://go.microsoft.com/fwlink/events.asp w Centrum pomocy i obsługi technicznej.
Should I paste them for you in this form? All the red events?
The computer still hangs when browsing web pages. No matter which browser.
Regards,
Memtest would best be left running overnight.
From the System/Application tab, from the moment of the freeze (each entry has its time given), the entries in red > double-click the event > and what is in the description.
You can also open Task Manager and, at the moment of the freeze, see which process is eating 100% of the CPU.
gustek
(Gustek)
9 May 2007 13:35
#5
Hello again,
The only problem is that these freezes don't cause that kind of "effect". At the moment of a freeze nothing is eating 100% of the CPU time. At least nothing that I can see in Task Manager. CPU usage by Firefox (or another browser) rises for a moment to about 40-50 percent and that's it. CPU usage by the guard.exe process (associated with the anti-spyware program), or alternatively by Avp, also rises somewhat (30-40%). The message "program not responding" appears on the Firefox bar and… that's it. For a few seconds I can forget about using the computer. After a moment everything returns to normal. In Event Viewer I have some red events, but it seems they have no connection with the computer's hangs.
I'm wondering whether this might be caused by a faulty disk. Do you have any suggestions for a program to check the disk with and rule that possibility out? Other than that I have no other ideas. What else can I check, and how, to get rid of the problem?
gustek