Svchost=100 % uźycie procesora–prosba o sprawdzenie loga.
Po formacie c: wyłączyłem systemowego firewalla bo chcę mieć high ID w eMule i stało się–procesor obciąźony w 100 %.Proszę o sprawdzenie loga:
Logfile of HijackThis v1.97.7
Scan saved at 11:09:18, on 2004–09–14
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32 vsvc32.exe
C:Program FilesCommon FilesPanda SoftwarePavShldpavprsrv.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004Pavsrv51.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004AVENGINE.EXE
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004APVXDWIN.EXE
C:WINDOWSSystem32ctfmon.exe
C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004WebProxy.exe
C:Program FilesGadu–Gadugg.exe
C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32seypnvx.exe
C:WINDOWSSystem32PDSched.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSSystem32 askmgr.exe
D:DANIELIncomingHijackThis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [C–Media Mixer] Mixer.exe /startup
O4 – HKLM..Run: [APVXDWIN] "C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004APVXDWIN.EXE" /s
O4 – HKLM..Run: [Cryptographic Service] C:WINDOWSSystem32seypnvx.exe
O4 – HKLM..Run: [Microsoft DirectX] PDSched.exe
O4 – HKLM..RunServices: [Microsoft DirectX] PDSched.exe
O4 – HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 – HKCU..Run: [Gadu–Gadu] "C:Program FilesGadu–Gadugg.exe" /tray
O4 – Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra button: Related (HKLM)
O9 – Extra 'Tools' menuitem: Show &Related Links (HKLM)
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095148852390
O16 – DPF: {D27CDB6E–AE6D–11CF–96B8–444553540000} (Shockwave Flash Object) – http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 – HKLMSystemCCSServicesTcpip..{B9890BB8–8139–4392–ABE5–1D133779D61D}: NameServer = 194.204.152.34 217.98.63.164
Logfile of HijackThis v1.97.7
Scan saved at 11:09:18, on 2004–09–14
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32 vsvc32.exe
C:Program FilesCommon FilesPanda SoftwarePavShldpavprsrv.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004Pavsrv51.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004AVENGINE.EXE
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004APVXDWIN.EXE
C:WINDOWSSystem32ctfmon.exe
C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004WebProxy.exe
C:Program FilesGadu–Gadugg.exe
C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32seypnvx.exe
C:WINDOWSSystem32PDSched.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSSystem32 askmgr.exe
D:DANIELIncomingHijackThis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [C–Media Mixer] Mixer.exe /startup
O4 – HKLM..Run: [APVXDWIN] "C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004APVXDWIN.EXE" /s
O4 – HKLM..Run: [Cryptographic Service] C:WINDOWSSystem32seypnvx.exe
O4 – HKLM..Run: [Microsoft DirectX] PDSched.exe
O4 – HKLM..RunServices: [Microsoft DirectX] PDSched.exe
O4 – HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 – HKCU..Run: [Gadu–Gadu] "C:Program FilesGadu–Gadugg.exe" /tray
O4 – Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra button: Related (HKLM)
O9 – Extra 'Tools' menuitem: Show &Related Links (HKLM)
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095148852390
O16 – DPF: {D27CDB6E–AE6D–11CF–96B8–444553540000} (Shockwave Flash Object) – http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 – HKLMSystemCCSServicesTcpip..{B9890BB8–8139–4392–ABE5–1D133779D61D}: NameServer = 194.204.152.34 217.98.63.164
Odpowiedzi: 8
Dzięki panowie jak zwykle wasze rady pomogły.
Wielkie yO
Wielkie yO
Wyłącz przywracanie,
Zakończ proces,
Fix`uj,
Wyszukaj i usuń.
Włącz przywracanie.
Zakończ proces,
Fix`uj,
Wyszukaj i usuń.
Włącz przywracanie.
Pominalem ten proces bo wydawalo mi sie ze jest powizany z aplikacja PerfectDisk.
Mietix jesli nie masz zainstalowanego tego programu to spokojnie mozesz fixowac. W innym wypadku pytaj El Nino. :lol:
Mietix jesli nie masz zainstalowanego tego programu to spokojnie mozesz fixowac. W innym wypadku pytaj El Nino. :lol:
EL NINO,
czyli FIX "PDSched" ?
czyli FIX "PDSched" ?
Blad.Ivaho:
A poza tym wg. mnie czysto.
PDSched.exe – WORM_SDBOT.CN
Ja bym jeszcze zfixowal [win update] wupda32.exe
Tak przynajmniej robili koledzy na niemieckich forach :lol:
A poza tym wg. mnie czysto.
Tak przynajmniej robili koledzy na niemieckich forach :lol:
A poza tym wg. mnie czysto.
Zfix'owałem go (nie ma juź tak obciąźonego procesora)i teraz wygląda to tak:
Logfile of HijackThis v1.97.7
Scan saved at 12:28:08, on 2004–09–14
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSSystem32 vsvc32.exe
C:Program FilesCommon FilesPanda SoftwarePavShldpavprsrv.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004Pavsrv51.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004AVENGINE.EXE
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004APVXDWIN.EXE
C:WINDOWSSystem32wupda32.exe
C:WINDOWSSystem32PDSched.exe
C:WINDOWSSystem32ctfmon.exe
C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004WebProxy.exe
C:Program FilesGadu–Gadugg.exe
C:Program FilesInternet Exploreriexplore.exe
D:DANIELIncomingHijackThis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [C–Media Mixer] Mixer.exe /startup
O4 – HKLM..Run: [APVXDWIN] "C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004APVXDWIN.EXE" /s
O4 – HKLM..Run: [win update] wupda32.exe
O4 – HKLM..Run: [Microsoft DirectX] PDSched.exe
O4 – HKLM..RunServices: [win update] wupda32.exe
O4 – HKLM..RunServices: [Microsoft DirectX] PDSched.exe
O4 – HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 – HKCU..Run: [Gadu–Gadu] "C:Program FilesGadu–Gadugg.exe" /tray
O4 – HKCU..Run: [win update] wupda32.exe
O4 – HKCU..Run: [Microsoft DirectX] PDSched.exe
O4 – Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra button: Related (HKLM)
O9 – Extra 'Tools' menuitem: Show &Related Links (HKLM)
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095148852390
O16 – DPF: {D27CDB6E–AE6D–11CF–96B8–444553540000} (Shockwave Flash Object) – http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O17 – HKLMSystemCCSServicesTcpip..{B05BBC3E–E9F4–40D3–9C2A–BD870494B030}: NameServer = 194.204.152.34 217.98.63.164
Logfile of HijackThis v1.97.7
Scan saved at 12:28:08, on 2004–09–14
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSSystem32 vsvc32.exe
C:Program FilesCommon FilesPanda SoftwarePavShldpavprsrv.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004Pavsrv51.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004AVENGINE.EXE
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004APVXDWIN.EXE
C:WINDOWSSystem32wupda32.exe
C:WINDOWSSystem32PDSched.exe
C:WINDOWSSystem32ctfmon.exe
C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004WebProxy.exe
C:Program FilesGadu–Gadugg.exe
C:Program FilesInternet Exploreriexplore.exe
D:DANIELIncomingHijackThis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [C–Media Mixer] Mixer.exe /startup
O4 – HKLM..Run: [APVXDWIN] "C:Program FilesPanda SoftwarePanda Titanium Antivirus 2004APVXDWIN.EXE" /s
O4 – HKLM..Run: [win update] wupda32.exe
O4 – HKLM..Run: [Microsoft DirectX] PDSched.exe
O4 – HKLM..RunServices: [win update] wupda32.exe
O4 – HKLM..RunServices: [Microsoft DirectX] PDSched.exe
O4 – HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 – HKCU..Run: [Gadu–Gadu] "C:Program FilesGadu–Gadugg.exe" /tray
O4 – HKCU..Run: [win update] wupda32.exe
O4 – HKCU..Run: [Microsoft DirectX] PDSched.exe
O4 – Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra button: Related (HKLM)
O9 – Extra 'Tools' menuitem: Show &Related Links (HKLM)
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O10 – Unknown file in Winsock LSP: c:program filespanda softwarepanda titanium antivirus 2004pavlsp.dll
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095148852390
O16 – DPF: {D27CDB6E–AE6D–11CF–96B8–444553540000} (Shockwave Flash Object) – http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O17 – HKLMSystemCCSServicesTcpip..{B05BBC3E–E9F4–40D3–9C2A–BD870494B030}: NameServer = 194.204.152.34 217.98.63.164
Pierwszy raz sie spotykam z takim procesem w systemie seypnvx.exe
Sprawdz z jakim innym procesem powiazany jest ten plik.
Sprawdz z jakim innym procesem powiazany jest ten plik.
Strona 1 / 1