Zwolnienie Komputera

Oprogramowanie komputerowe Problemy z oprogramowaniem
#1

Od wczoraj tak zwolnil mi komputer, ze az nie moge sluchac muzyki bo ja calkowicie przerywa(w kazdy proces wykorzystuje procesor, wiec jest to brdzo dziwne zjawisko) . Zaden Antywirus nie znalazl nic.

Logfile of HijackThis v1.99.1

Scan saved at 14:10:22, on 03/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\HakerzyNET AntiVirus\HakerzyNET_MAV.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\explorer.exe

C:\Program Files\HPQ\Shared\hpqwmi.exe

C:\Program Files\Alwil Software\Avast4\ashSimpl.exe

D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O4 - HKLM…\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

O4 - HKLM…\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM…\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM…\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM…\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM…\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM…\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU “C:\WINDOWS\TEMP\E_SBB.tmp” /EF “HKLM”

O4 - HKLM…\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup

O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe”

O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM…\Run: [QuickTime Task] “D:\Program Files\QuickTime\qttask.exe” -atboottime

O4 - HKLM…\Run: [HakerzyNET MAV] C:\Program Files\HakerzyNET AntiVirus\HakerzyNET_MAV.exe

O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized

O4 - HKCU…\Run: [DAEMON Tools Pro Agent] “C:\Program Files\DAEMON Tools Pro\DTProAgent.exe”

O4 - HKCU…\Run: [eyeBeam SIP Client] “d:\Program Files\CounterPath\X-Lite\x-lite.exe”

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Wyslij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: Wyslij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus … nicode.cab

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Złączono Posta : 03.11.2007 (Sob) 15:17

Jeszcze logi Slienta

“Silent Runners.vbs”, revision 52, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by “{++}”

Startup items buried in registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“CTFMON.EXE” = “C:\WINDOWS\system32\ctfmon.exe” [MS]

“PcSync” = “C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog” [“Time Information Services Ltd.”]

“Skype” = ““C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized” [“Skype Technologies S.A.”]

“DAEMON Tools Pro Agent” = ““C:\Program Files\DAEMON Tools Pro\DTProAgent.exe”” [“DT Soft Ltd.”]

“eyeBeam SIP Client” = ““d:\Program Files\CounterPath\X-Lite\x-lite.exe”” [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“SoundMAXPnP” = “C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe” [“Analog Devices, Inc.”]

“SoundMAX” = “C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray” [“Analog Devices, Inc.”]

“AGRSMMSG” = “AGRSMMSG.exe” [“Agere Systems”]

“Apoint” = “C:\Program Files\Apoint2K\Apoint.exe” [“Alps Electric Co., Ltd.”]

“IgfxTray” = “C:\WINDOWS\system32\igfxtray.exe” [“Intel Corporation”]

“HotKeysCmds” = “C:\WINDOWS\system32\hkcmd.exe” [“Intel Corporation”]

“hpWirelessAssistant” = “C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe” [“Hewlett-Packard Company”]

“EPSON Stylus DX4000 Series” = “C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU “C:\WINDOWS\TEMP\E_SBB.tmp” /EF “HKLM”” [“SEIKO EPSON CORPORATION”]

“NSLauncher” = “C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup” [null data]

“SunJavaUpdateSched” = ““C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe”” [“Sun Microsystems, Inc.”]

“NeroFilterCheck” = “C:\WINDOWS\system32\NeroCheck.exe” [“Nero AG”]

“QuickTime Task” = ““D:\Program Files\QuickTime\qttask.exe” -atboottime” [“Apple Inc.”]

“HakerzyNET MAV” = “C:\Program Files\HakerzyNET AntiVirus\HakerzyNET_MAV.exe” [“Hakerzy.NET © 2006 - 2007”]

“avast!” = “C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [“ALWIL Software”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)

-> {HKLM…CLSID} = “AcroIEHlprObj Class”

\InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”]

{53707962-6F74-2D53-2644-206D7942484F}(Default) = (no title provided)

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = “C:\Program Files\Spybot - Search & Destroy\SDHelper.dll” [“Safer Networking Limited”]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)

-> {HKLM…CLSID} = “SSVHelper Class”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll” [“Sun Microsystems, Inc.”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

“{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Display Panning CPL Extension”

-> {HKLM…CLSID} = “Display Panning CPL Extension”

\InProcServer32(Default) = “deskpan.dll” [file not found]

“{88895560-9AA2-1069-930E-00AA0030EBC8}” = “HyperTerminal Icon Ext”

-> {HKLM…CLSID} = “HyperTerminal Icon Ext”

\InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”]

#2

log z silent’a nie jest caly gdzies go obiciąłeś

#3

“Silent Runners.vbs”, revision 52, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by “{++}”

Startup items buried in registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“CTFMON.EXE” = “C:\WINDOWS\system32\ctfmon.exe” [MS]

“PcSync” = “C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog” [“Time Information Services Ltd.”]

“Skype” = ““C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized” [“Skype Technologies S.A.”]

“DAEMON Tools Pro Agent” = ““C:\Program Files\DAEMON Tools Pro\DTProAgent.exe”” [“DT Soft Ltd.”]

“eyeBeam SIP Client” = ““d:\Program Files\CounterPath\X-Lite\x-lite.exe”” [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“SoundMAXPnP” = “C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe” [“Analog Devices, Inc.”]

“SoundMAX” = “C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray” [“Analog Devices, Inc.”]

“AGRSMMSG” = “AGRSMMSG.exe” [“Agere Systems”]

“Apoint” = “C:\Program Files\Apoint2K\Apoint.exe” [“Alps Electric Co., Ltd.”]

“IgfxTray” = “C:\WINDOWS\system32\igfxtray.exe” [“Intel Corporation”]

“HotKeysCmds” = “C:\WINDOWS\system32\hkcmd.exe” [“Intel Corporation”]

“hpWirelessAssistant” = “C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe” [“Hewlett-Packard Company”]

“EPSON Stylus DX4000 Series” = “C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU “C:\WINDOWS\TEMP\E_SBB.tmp” /EF “HKLM”” [“SEIKO EPSON CORPORATION”]

“NSLauncher” = “C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup” [null data]

“SunJavaUpdateSched” = ““C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe”” [“Sun Microsystems, Inc.”]

“NeroFilterCheck” = “C:\WINDOWS\system32\NeroCheck.exe” [“Nero AG”]

“QuickTime Task” = ““D:\Program Files\QuickTime\qttask.exe” -atboottime” [“Apple Inc.”]

“HakerzyNET MAV” = “C:\Program Files\HakerzyNET AntiVirus\HakerzyNET_MAV.exe” [“Hakerzy.NET © 2006 - 2007”]

“avast!” = “C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [“ALWIL Software”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)

-> {HKLM…CLSID} = “AcroIEHlprObj Class”

\InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”]

{53707962-6F74-2D53-2644-206D7942484F}(Default) = (no title provided)

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = “C:\Program Files\Spybot - Search & Destroy\SDHelper.dll” [“Safer Networking Limited”]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)

-> {HKLM…CLSID} = “SSVHelper Class”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll” [“Sun Microsystems, Inc.”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

“{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Display Panning CPL Extension”

-> {HKLM…CLSID} = “Display Panning CPL Extension”

\InProcServer32(Default) = “deskpan.dll” [file not found]

“{88895560-9AA2-1069-930E-00AA0030EBC8}” = “HyperTerminal Icon Ext”

-> {HKLM…CLSID} = “HyperTerminal Icon Ext”

\InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”]

“{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

“{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}” = “PhoneBrowser”

-> {HKLM…CLSID} = “Nokia Phone Browser”

\InProcServer32(Default) = “C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll” [“Nokia”]

“{0006F045-0000-0000-C000-000000000046}” = “Microsoft Office Outlook Custom Icon Handler”

-> {HKLM…CLSID} = “Outlook File Icon Extension”

\InProcServer32(Default) = “D:\PROGRA~1\MICROS~1\Office12\OLKFSTUB.DLL” [MS]

“{00020D75-0000-0000-C000-000000000046}” = “Microsoft Office Outlook Desktop Icon Handler”

-> {HKLM…CLSID} = “Microsoft Office Outlook”

\InProcServer32(Default) = “D:\PROGRA~1\MICROS~1\Office12\MLSHEXT.DLL” [MS]

“{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}” = “Microsoft Office OneNote Namespace Extension for Windows Desktop Search”

-> {HKLM…CLSID} = “Microsoft Office OneNote Namespace Extension for Windows Desktop Search”

\InProcServer32(Default) = “D:\PROGRA~1\MICROS~1\Office12\ONFILTER.DLL” [MS]

“{42042206-2D85-11D3-8CFF-005004838597}” = “Microsoft Office HTML Icon Handler”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = “D:\Program Files\Microsoft Office\Office12\msohevi.dll” [MS]

“{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}” = “Microsoft Office Metadata Handler”

-> {HKLM…CLSID} = “Microsoft Office Metadata Handler”

\InProcServer32(Default) = “C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll” [MS]

“{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}” = “Microsoft Office Thumbnail Handler”

-> {HKLM…CLSID} = “Microsoft Office Thumbnail Handler”

\InProcServer32(Default) = “C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll” [MS]

“{472083B0-C522-11CF-8763-00608CC02F24}” = “avast”

-> {HKLM…CLSID} = “avast”

\InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

<> igfxcui\DLLName = “igfxsrvc.dll” [“Intel Corporation”]

HKLM\Software\Classes\PROTOCOLS\Filter\

<> text/xml\CLSID = “{807563E5-5146-11D5-A672-00B0D022E945}”

-> {HKLM…CLSID} = “Microsoft Office InfoPath XML Mime Filter”

\InProcServer32(Default) = “C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL” [MS]

HKLM\Software\Classes*\shellex\ContextMenuHandlers\

avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}”

-> {HKLM…CLSID} = “avast”

\InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”]

DaemonShellExtImage(Default) = “{40966797-8FFE-46C8-9EF8-7003F33CCF0F}”

-> {HKLM…CLSID} = “DaemonShellExtImage Class”

\InProcServer32(Default) = “C:\Program Files\DAEMON Tools Pro\imgshl32.dll” [“DT Soft Ltd.”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}”

-> {HKLM…CLSID} = “avast”

\InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

Group Policies {policy setting}:

Note: detected settings may not have any effect.

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

“shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001

{Shutdown: Allow system to be shut down without having to log on}

“undockwithoutlogon” = (REG_DWORD) hex:0x00000001

{Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:

Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

“Wallpaper” = “C:\WINDOWS\web\wallpaper\Bliss.bmp”

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

“Wallpaper” = “C:\WINDOWS\web\wallpaper\Bliss.bmp”

Enabled Screen Saver:

HKCU\Control Panel\Desktop\

“SCRNSAVE.EXE” = “C:\WINDOWS\System32\logon.scr” [MS]

Startup items in “Mariusz” & “All Users” startup folders:

C:\Documents and Settings\Mariusz\Start Menu\Programs\Startup

“Adobe Gamma” -> shortcut to: “C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe” [“Adobe Systems, Inc.”]

Enabled Scheduled Tasks:

“AppleSoftwareUpdate” -> launches: “C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task” [“Apple Inc.”]

“Azureus” -> launches: “E:\Azureus\Azureus.exe” [“Aelitis”]

Winsock2 Service Provider DLLs:

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]

000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS]

000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 19

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:

Explorer Bars

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\

HKLM\Software\Classes\CLSID{FF059E31-CC5A-4E2E-BF3B-96E929D65503}(Default) = “&Poszukaj”

Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32(Default) = “D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL” [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

“MenuText” = “Sun Java Console”

“CLSIDExtension” = “{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}”

-> {HKCU…CLSID} = “Java Plug-in 1.6.0_03”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll” [“Sun Microsystems, Inc.”]

-> {HKLM…CLSID} = “Java Plug-in 1.6.0_03”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll” [“Sun Microsystems, Inc.”]

{2670000A-7350-4F3C-8081-5663EE0C6C49}\

“ButtonText” = “Wyslij do programu OneNote”

“MenuText” = “Wyslij &do programu OneNote”

“CLSIDExtension” = “{48E73304-E1D6-4330-914C-F5F514E3486C}”

-> {HKLM…CLSID} = “Send to OneNote from Internet Explorer button”

\InProcServer32(Default) = “D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll” [MS]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\

“ButtonText” = “Research”

{FB5F1910-F110-11D2-BB9E-00C04F795683}\

“ButtonText” = “Messenger”

“MenuText” = “Windows Messenger”

“Exec” = “C:\Program Files\Messenger\msmsgs.exe” [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):

avast! Antivirus, avast! Antivirus, ““C:\Program Files\Alwil Software\Avast4\ashServ.exe”” [“ALWIL Software”]

avast! iAVS4 Control Service, aswUpdSv, ““C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe”” [“ALWIL Software”]

avast! Mail Scanner, avast! Mail Scanner, ““C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe” /service” [“ALWIL Software”]

avast! Web Scanner, avast! Web Scanner, ““C:\Program Files\Alwil Software\Avast4\ashWebSv.exe” /service” [“ALWIL Software”]

HP WMI Interface, hpqwmi, “C:\Program Files\HPQ\Shared\hpqwmi.exe” [“Hewlett-Packard Development Company, L.P.”]

ServiceLayer, ServiceLayer, ““C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe”” [“Nokia.”]

SoundMAX Agent Service, SoundMAX Agent Service (default), “C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe” [“Analog Devices, Inc.”]

Print Monitors:

HKLM\System\CurrentControlSet\Control\Print\Monitors\

EPSON Stylus DX4000 Series 32MonitorBE\Driver = “E_FLBBEE.DLL” [“SEIKO EPSON CORPORATION”]

Send To Microsoft OneNote Monitor\Driver = “msonpmon.dll” [MS]

---------- (launch time: 2007-11-03 14:15:53)

<>: Suspicious data at a malware launch point.

  • This report excludes default entries except where indicated.

  • To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

  • The search for DESKTOP.INI DLL launch points on all local fixed drives

took 162 seconds.

---------- (total run time: 260 seconds)

#4

Co to ?

#5

to jest program antywirusowy, tylko ze ma fajna nazwe.

#6

Zauważyłem że masz także Avasta.! To spowolniło pracę systemu. Odinstaluj albo avasta albo hakera.

#7

Ale przed pojawieniem mialem tylko Avasta, teraz dla sprawdzenia zainstalowalem jeszcze jeden.

Ale problem jest taki, ze wszystkie procesy jak sa uruchomione wykorzystuja procesor. Ale co chwile sie przelaczaja na inne procesy(ktore wyorzystuja procesor). Wiec usuwanie procesow nic nie daje.

Sorki ze pisze bez polskich znakow. Ale mam angielskiego windowsa a pasek z jezykami mi gdzies zniknal :slight_smile:

#8

To nie usprawiedliwienie. Ja cały czas śmigam na angielskim Windowsie :slight_smile:

Podstawowe pytania:

  1. Defragmentowałeś dysk?

  2. Korzystałeś z programów pokroju CCleaner, jv16?

  3. Ile masz programów zainstalowanych? Dużo programów włącza się z systemem. Poza tym korzystaj z JEDNEGO programu antywirusowego (na twoim miejscu pozostawiłbym Avasta).