Sf-Sr
(Abov)
6 Styczeń 2008 00:09
#1
Proszę pomocy (raczej ratunku ![-o<
“Silent Runners.vbs”, revision 55, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “ctfmon.exe” = “C:\WINDOWS\system32\ctfmon.exe” [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} “High Definition Audio Property Page Shortcut” = “HDAShCut.exe” [“Windows ® Server 2003 DDK provider”] “SW20” = “C:\WINDOWS\system32\sw20.exe” [empty string] “SW24” = “C:\WINDOWS\system32\sw24.exe” [null data] “SunJavaUpdateSched” = ““C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe”” [“Sun Microsystems, Inc.”] “AVP” = ““C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe”” [“Kaspersky Lab”] “NvCplDaemon” = “RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup” [MS] “nwiz” = “nwiz.exe /install” [“NVIDIA Corporation”] “NvMediaCenter” = “RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit” [MS] “NeroFilterCheck” = “C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe” [“Nero AG”] “NBKeyScan” = ““C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe”” [“Nero AG”] HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\ {881dd1c5-3dcf-431b-b061-f3f88e8be88a}(Default) = “Outlook Express” \StubPath = “C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE” [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided) - {HKLM…CLSID} = “Adobe PDF Reader Link Helper” \InProcServer32(Default) = “C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided) - {HKLM…CLSID} = “SSVHelper Class” \InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll” [“Sun Microsystems, Inc.”] {9030D464-4C02-4ABF-8ECC-5164760863C6}(Default) = (no title provided) - {HKLM…CLSID} = “Pomocnik rejestracji uslugi Windows Live” \InProcServer32(Default) = “C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll” [MS] {AA58ED58-01DD-4d91-8333-CF10577473F7}(Default) = (no title provided) - {HKLM…CLSID} = “Google Toolbar Helper” \InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” - {HKLM…CLSID} = “HyperTerminal Icon Ext” \InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”] “{EFA24E62-B078-11d0-89E4-00C04FC9E26E}” = “History Band” - {HKLM…CLSID} = “History Band” \InProcServer32(Default) = “C:\WINDOWS\system32\shdocvw.dll” [MS] “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] “{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}” = “Messenger Sharing Folders” - {HKLM…CLSID} = “Moje foldery udostepniania” \InProcServer32(Default) = “C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll” [MS] “{B327765E-D724-4347-8B16-78AE18552FC3}” = “NeroDigitalIconHandler” - {HKLM…CLSID} = “NeroDigitalIconHandler Class” \InProcServer32(Default) = “C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll” [“Nero AG”] “{7F1CF152-04F8-453A-B34C-E609530A9DC8}” = “NeroDigitalPropSheetHandler” - {HKLM…CLSID} = “NeroDigitalPropSheetHandler Class” \InProcServer32(Default) = “C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll” [“Nero AG”] “{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}” = “OpenOffice.org Column Handler” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.3\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{087B3AE3-E237-4467-B8DB-5A38AB959AC9}” = “OpenOffice.org Infotip Handler” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.3\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{63542C48-9552-494A-84F7-73AA6A7C99C1}” = “OpenOffice.org Property Sheet Handler” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.3\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{3B092F0C-7696-40E3-A80F-68D74DA84210}” = “OpenOffice.org Thumbnail Viewer” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.3\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{0563DB41-F538-4B37-A92D-4659049B7766}” = “WLMD Message Handler” - {HKLM…CLSID} = “CLSID_WLMCMimeFilter” \InProcServer32(Default) = “C:\Program Files\Windows Live\Mail\mailcomm.dll” [MS] “{00F33137-EE26-412F-8D71-F84E4C2C6625}” = (no title provided) - {HKLM…CLSID} = “Windows Live Photo Gallery Import Autoplay Shim” \InProcServer32(Default) = “C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll” [MS] “{00F346CB-35A4-465B-8B8F-65A29DBAB1F6}” = “Windows Live Photo Gallery Viewer Drop Target Shim” - {HKLM…CLSID} = “Windows Live Photo Gallery Viewer Shim” \InProcServer32(Default) = “C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll” [MS] “{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D}” = “Windows Live Photo Gallery Editor Drop Target Shim” - {HKLM…CLSID} = “Windows Live Photo Gallery Editor Shim” \InProcServer32(Default) = “C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll” [MS] “{00F30F90-3E96-453B-AFCD-D71989ECC2C7}” = “Windows Live Photo Gallery Autoplay Drop Target Shim” - {HKLM…CLSID} = “Windows Live Photo Gallery Viewer Autoplay Shim” \InProcServer32(Default) = “C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll” [MS] “{85E0B171-04FA-11D1-B7DA-00A0C90348D6}” = “C********* ***-**********” (unwritable string) - {HKLM…CLSID} = “C********* ***-**********” (unwritable string) \InProcServer32(Default) = “C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll” [“Kaspersky Lab”] “{0561EC90-CE54-4f0c-9C55-E226110A740C}” = “Haali Column Provider” - {HKLM…CLSID} = “Haali Column Provider” \InProcServer32(Default) = “C:\Program Files\K-Lite Codec Pack\Filters\Haali\mmfinfo.dll” [null data] “{5574006C-28F5-4a65-A28C-74DE6BFBE0BB}” = “Haali Matroska Shell Property Page” - {HKLM…CLSID} = “Haali Matroska Shell Property Page” \InProcServer32(Default) = “C:\Program Files\K-Lite Codec Pack\Filters\Haali\mmfinfo.dll” [null data] “{327669A0-59A7-4be9-B99E-1C9F3A57611A}” = “Haali Matroska Thumbnail Extractor” - {HKLM…CLSID} = “Haali Matroska Thumbnail Extractor” \InProcServer32(Default) = “C:\Program Files\K-Lite Codec Pack\Filters\Haali\mmfinfo.dll” [null data] “{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2}” = “NeroCoverEd Live Icons” - {HKLM…CLSID} = “NeroCoverEdLiveIcons Class” \InProcServer32(Default) = “C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll” [“Nero AG”] “{A70C977A-BF00-412C-90B7-034C51DA2439}” = “NvCpl DesktopContext Class” - {HKLM…CLSID} = “DesktopContext Class” \InProcServer32(Default) = “C:\WINDOWS\system32\nvcpl.dll” [“NVIDIA Corporation”] “{FFB699E0-306A-11d3-8BD1-00104B6F7516}” = “Play on my TV helper” - {HKLM…CLSID} = “NVIDIA CPL Extension” \InProcServer32(Default) = “C:\WINDOWS\system32\nvcpl.dll” [“NVIDIA Corporation”] “{1CDB2949-8F65-4355-8456-263E7C208A5D}” = “Desktop Explorer” - {HKLM…CLSID} = “Desktop Explorer” \InProcServer32(Default) = “C:\WINDOWS\system32\nvshell.dll” [“NVIDIA Corporation”] “{1E9B04FB-F9E5-4718-997B-B8DA88302A47}” = “Desktop Explorer Menu” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\WINDOWS\system32\nvshell.dll” [“NVIDIA Corporation”] “{1E9B04FB-F9E5-4718-997B-B8DA88302A48}” = “nView Desktop Context Menu” - {HKLM…CLSID} = “nView Desktop Context Menu” \InProcServer32(Default) = “C:\WINDOWS\system32\nvshell.dll” [“NVIDIA Corporation”] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ “WPDShServiceObj” = “{AAA288BA-9A4C-45B0-95D7-94D524869DB5}” - {HKLM…CLSID} = “WPDShServiceObj Class” \InProcServer32(Default) = “C:\WINDOWS\system32\WPDShServiceObj.dll” [MS] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ “AppInit_DLLs” = “C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll” [“Kaspersky Lab”] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ klogon\DLLName = “C:\WINDOWS\system32\klogon.dll” [“Kaspersky Lab”] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {0561EC90-CE54-4f0c-9C55-E226110A740C}(Default) = “Haali Column Provider” - {HKLM…CLSID} = “Haali Column Provider” \InProcServer32(Default) = “C:\Program Files\K-Lite Codec Pack\Filters\Haali\mmfinfo.dll” [null data] {7D4D6379-F301-4311-BEBA-E26EB0561882}(Default) = “NeroDigitalExt.NeroDigitalColumnHandler” - {HKLM…CLSID} = “NeroDigitalColumnHandler Class” \InProcServer32(Default) = “C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll” [“Nero AG”] {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}(Default) = “OpenOffice.org Column Handler” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.3\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] {F9DB5320-233E-11D1-9F84-707F02C10627}(Default) = “PDF Column Info” - {HKLM…CLSID} = “PDF Shell Extension” \InProcServer32(Default) = “C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll” [“Adobe Systems, Inc.”] HKLM\SOFTWARE\Classes*\shellex\ContextMenuHandlers\ Cover Designer(Default) = “{73FCA462-9BD5-4065-A73F-A8E5F6904EF7}” - {HKLM…CLSID} = “NeroCoverEdContextMenu Class” \InProcServer32(Default) = “C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll” [“Nero AG”] Kaspersky Anti-Virus(Default) = “{dd230880-495a-11d1-b064-008048ec2fc5}” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ShellEx.dll” [“Kaspersky Lab”] PromtMenu(Default) = “{E28C61E1-67D8-4005-9BF4-E232B2EB9012}” - {HKLM…CLSID} = “Promt6ShellContextMenu Class” \InProcServer32(Default) = “C:\Program Files\PRMT8\PRMT\prmshell.dll” [“PROMT Ltd.”] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ Kaspersky Anti-Virus(Default) = “{dd230880-495a-11d1-b064-008048ec2fc5}” - {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ShellEx.dll” [“Kaspersky Lab”] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” - {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] Group Policies {policy setting}: -------------------------------- Note: detected settings may not have any effect. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ “shutdownwithoutlogon” = (REG_DWORD) dword:0x00000001 {Shutdown: Allow system to be shut down without having to log on} “undockwithoutlogon” = (REG_DWORD) dword:0x00000001 {Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ “Wallpaper” = “C:\WINDOWS\web\wallpaper\Idylla.bmp” Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ “Wallpaper” = “C:\WINDOWS\web\wallpaper\Idylla.bmp” Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ “SCRNSAVE.EXE” = “C:\WINDOWS\system32\ssstars.scr” [MS] Enabled Scheduled Tasks: ------------------------ “Uniblue SpeedUpMyPC Nag” - launches: “C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s” [“Uniblue Software”] “Uniblue SpeedUpMyPC” - launches: “C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s” [“Uniblue Software”] “Uniblue SpyEraser” - launches: “C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe -s” [“Uniblue Software”] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ “{2318C2B1-4965-11D4-9B18-009027A5CD4F}” - {HKLM…CLSID} = “Google” \InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”] “{F2CF5485-4E02-4F68-819C-B92DE9277049}” - {HKLM…CLSID} = “Links” \InProcServer32(Default) = “C:\WINDOWS\system32\ieframe.dll” [MS] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ “{892E81F6-EC63-4D13-8422-835A7A05D6EB}” = (no title provided) - {HKLM…CLSID} = “PROMT” \InProcServer32(Default) = “C:\Program Files\PRMT8\PRMTIE\prmtie.dll” [“PROMT Ltd.”] “{2318C2B1-4965-11D4-9B18-009027A5CD4F}” = (no title provided) - {HKLM…CLSID} = “Google” \InProcServer32(Default) = “c:\program files\google\googletoolbar2.dll” [“Google Inc.”] Explorer Bars HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\ {0B36D47C-7613-4B8D-89DA-809F66DE9B31}(Default) = (no title provided) - {HKLM…CLSID} = “******* ******” (unwritable string) \InProcServer32(Default) = “C:\Program Files\PRMT8\PRMTIE\prmtie.dll” [“PROMT Ltd.”] {CE1B52DB-F55E-4135-B22B-6529EF90EA52}(Default) = (no title provided) - {HKLM…CLSID} = “Online-*******” (unwritable string) \InProcServer32(Default) = “C:\Program Files\PRMT8\PRMTIE\prmtie.dll” [“PROMT Ltd.”] {EB8F177F-EAD2-44F8-BB4E-0E967F90BE21}(Default) = (no title provided) - {HKLM…CLSID} = “********** *****” (unwritable string) \InProcServer32(Default) = “C:\Program Files\PRMT8\PRMTIE\prmtie.dll” [“PROMT Ltd.”] HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ HKLM\SOFTWARE\Classes\CLSID{85E0B171-04FA-11D1-B7DA-00A0C90348D6}(Default) = “C********* ***-**********” (unwritable string) Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32(Default) = “C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll” [“Kaspersky Lab”] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ “MenuText” = “Sun Java Console” “CLSIDExtension” = “{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}” - {HKCU…CLSID} = “Java Plug-in 1.6.0_03” \InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll” [“Sun Microsystems, Inc.”] - {HKLM…CLSID} = “Java Plug-in 1.6.0_03” \InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll” [“Sun Microsystems, Inc.”] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\ “ButtonText” = “Cтатистика Веб-Антивируса” {219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\ “ButtonText” = “Wpis w blogu” “MenuText” = “Wpis w blogu w Windows Live Writer” “CLSIDExtension” = “{5F7B1267-94A9-47F5-98DB-E99415F33AEC}” - {HKLM…CLSID} = “BlogThisToolbarButton Class” \InProcServer32(Default) = “C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll” [MS] {4034D172-4C52-49DE-A6A1-E75F8F591FEC}\ “MenuText” = “Настроить параметры перевода” “Script” = “C:\Program Files\PRMT8\PRMTIE\options.htm” [null data] {A2DA13D5-AC77-43B7-963B-40445EBCB8E0}\ “MenuText” = “Перевести” “Script” = “C:\Program Files\PRMT8\PRMTIE\prmtie5.htm” [null data] {E2E2DD38-D088-4134-82B7-F2BA38496583}\ “MenuText” = “@xpsp3res.dll ,-20001” “Exec” = “%windir%\Network Diagnostic\xpnetdiag.exe” [MS] {E59EB121-F339-4851-A3BA-FE49C35617C2}\ “ButtonText” = “ICQ6” “MenuText” = “ICQ6” “Exec” = “C:\Program Files\ICQ6\ICQ.exe” [“ICQ, Inc.”] {FB5F1910-F110-11D2-BB9E-00C04F795683}\ “ButtonText” = “Messenger” “MenuText” = “Windows Messenger” “Exec” = “C:\Program Files\Messenger\msmsgs.exe” [MS] {FD9DE2B4-C926-4460-81C4-FC58C6F1062E}\ “ButtonText” = “SmartWhois” “Exec” = “C:\Program Files\SmartWhois\swmsie.exe” [“TamoSoft”] {FF983118-58C7-4AD4-B5A7-691C39CB7B42}\ “MenuText” = “SmartWhois” “Exec” = “C:\Program Files\SmartWhois\swmsie.exe” [“TamoSoft”] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Apple Mobile Device, Apple Mobile Device, ““C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe”” [“Apple, Inc.”] Kaspersky Internet Security 7.0, AVP, ““C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe” -r” [“Kaspersky Lab”] Nero BackItUp Scheduler 3, Nero BackItUp Scheduler 3, “C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe” [“Nero AG”] NVIDIA Display Driver Service, NVSvc, “C:\WINDOWS\system32\nvsvc32.exe” [“NVIDIA Corporation”] STI Simulator, STI Simulator, “C:\WINDOWS\System32\PAStiSvc.exe” [null data] ---------- (launch time: 2008-01-06 01:06:58) : Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer “No” at the first message box and “Yes” at the second message box. ---------- (total run time: 36 seconds, including 3 seconds for message boxes)
Dzięki z góry.
Może spróbuj sprawdzić w Menadżerze zadań. W Twoim przypadku na zakładce Procesy nie powinno być procesu: explorer.exe, jeśli jednak jest zamknij go. Teraz wybierz Plik\Nowe zadanie (Uruchom…)\wpisz explorer.exe
Powinno zadziałać.
Sf-Sr
(Abov)
8 Styczeń 2008 17:12
#3
Dzięki ale to nie pomogło. Problem był z drajweramy nVidia ostatnia wersja , zainstalowałem coś musi źle poszło i chlap!. na drugi dzień już system padł. przeinstalowałem Wina teraz jest dobrze. No jeśli ktoś będzie miał podobny problem to odinstalować drajwery od grafiki ,wyczyścić wyłączyć ochronę i dopiero zainstalować. i co najważniejsze Nie czyścić sobie rejestru byle czym bo powoli po kolei zaczynają inaczej chodzić te programy :o