
- Kod: Zaznacz wszystko
- Logfile of HijackThis v1.99.1
 Scan saved at 17:21:39, on 11-12-2006
 Platform: Windows XP SP1 (WinNT 5.01.2600)
 MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\SYSTEM32\winlogon.exe
 C:\WINDOWS\system32\services.exe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\System32\Ati2evxx.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\System32\svchost.exe
 D:\Programas\Sygate\SPF\smc.exe
 C:\WINDOWS\system32\spoolsv.exe
 C:\Programas\Avast4\aswUpdSv.exe
 C:\Programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe
 C:\Programas\Avast4\ashServ.exe
 C:\WINDOWS\weRecv.exe
 C:\WINDOWS\SYSTEM32\Ati2evxx.exe
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\System32\svchost.exe
 C:\WINDOWS\system32\fxssvc.exe
 C:\Programas\Avast4\ashWebSv.exe
 C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
 C:\Programas\Synaptics\SynTP\SynTPLpr.exe
 C:\Programas\Synaptics\SynTP\SynTPEnh.exe
 C:\Programas\Java\jre1.5.0_09\bin\jusched.exe
 C:\WINDOWS\AGRSMMSG.exe
 C:\WINDOWS\SOUNDMAN.EXE
 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
 C:\Programas\Google\Gmail Notifier\gnotify.exe
 D:\Programas\Picasa2\PicasaMediaDetector.exe
 D:\Programas\iTunes\iTunesHelper.exe
 C:\PROGRA~1\Avast4\ashDisp.exe
 C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe
 C:\Programas\MSN Messenger\msnmsgr.exe
 C:\Programas\iPod\bin\iPodService.exe
 C:\Programas\Skype\Phone\Skype.exe
 D:\Programas\Mozilla Firefox\firefox.exe
 D:\Programas\Gadu-Gadu\gg.exe
 D:\Programas\Hijack - skanowanie\HijackThis.exe
 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.fbnet.pt/pcg/
 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer disponibilizado por PC Guia
 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
 O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programas\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
 O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
 O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programas\MegauploadToolbar\megauploadtoolbar.dll
 O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Programas\VSAdd-in\VSAdd-in.dll
 O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
 O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
 O4 - HKLM\..\Run: [ATIPTA] C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
 O4 - HKLM\..\Run: [SynTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.5.0_09\bin\jusched.exe"
 O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
 O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
 O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\Sygate\SPF\smc.exe -startgui
 O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
 O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series (cópia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (cópia 1)" /O6 "USB001" /M "Stylus CX3600"
 O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programas\Google\Gmail Notifier\gnotify.exe
 O4 - HKLM\..\Run: [Picasa Media Detector] d:\Programas\Picasa2\PicasaMediaDetector.exe
 O4 - HKLM\..\Run: [iTunesHelper] "D:\Programas\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
 O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe"
 O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Programas\Gadu-Gadu\gg.exe" /tray
 O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\MSN Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [Skype] "C:\Programas\Skype\Phone\Skype.exe" /nosplash /minimized
 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_09\bin\ssv.dll
 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_09\bin\ssv.dll
 O14 - IERESET.INF: START_PAGE_URL=http://www.fbnet.pt/pcg/
 O15 - Trusted Zone: http://arcaonline.arcabit.com
 O15 - Trusted Zone: http://www.mks.com.pl
 O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cab
 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
 O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
 O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
 O20 - AppInit_DLLs: C:\WINDOWS\System32\syst0.dll
 O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programas\Avast4\aswUpdSv.exe
 O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
 O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe
 O23 - Service: avast! Antivirus - Unknown owner - C:\Programas\Avast4\ashServ.exe
 O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Avast4\ashMaiSv.exe" /service (file missing)
 O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Avast4\ashWebSv.exe" /service (file missing)
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
 O23 - Service: iPodService - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe
 O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
 O23 - Service: Netmeeting For Windows (Netmeeting For Microsoft Windows) - Unknown owner - C:\WINDOWS\weRecv.exe
 O23 - Service: sasrfc Service (sasrfcService) - Unknown owner - C:\Programas\SAS Institute\SAS\V8\access\sasexe\sasrfc.exe
 O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - D:\Programas\Sygate\SPF\smc.exe
 O23 - Service: Apache Tomcat (Tomcat5) - Unknown owner - d:\Programas\Apache Software Foundation\Tomcat 5.5\bin\tomcat5.exe" //RS//Tomcat5 (file missing)
- Kod: Zaznacz wszystko
- "Silent Runners.vbs", revision 48, http://www.silentrunners.org/
 Operating System: Windows XP
 Output limited to non-default values, except where indicated by "{++}"
 Startup items buried in registry:
 ---------------------------------
 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
 "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe"" ["Nero AG"]
 "Gadu-Gadu" = ""D:\Programas\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."]
 "msnmsgr" = ""C:\Programas\MSN Messenger\msnmsgr.exe" /background" [MS]
 "Skype" = ""C:\Programas\Skype\Phone\Skype.exe" /nosplash /minimized" ["Skype Technologies S.A."]
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
 "preload" = "C:\Windows\RUNXMLPL.exe" [null data]
 "ATIModeChange" = "Ati2mdxx.exe" ["ATI Technologies, Inc."]
 "ATIPTA" = "C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."]
 "SynTPLpr" = "C:\Programas\Synaptics\SynTP\SynTPLpr.exe" ["Synaptics, Inc."]
 "SynTPEnh" = "C:\Programas\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."]
 "SunJavaUpdateSched" = ""C:\Programas\Java\jre1.5.0_09\bin\jusched.exe"" ["Sun Microsystems, Inc."]
 "AGRSMMSG" = "AGRSMMSG.exe" ["Agere Systems"]
 "SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
 "SmcService" = "D:\PROGRA~1\Sygate\SPF\smc.exe -startgui" ["Sygate Technologies, Inc."]
 "EPSON Stylus CX3600 Series" = "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"" ["SEIKO EPSON CORPORATION"]
 "EPSON Stylus CX3600 Series (cópia 1)" = "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (cópia 1)" /O6 "USB001" /M "Stylus CX3600"" ["SEIKO EPSON CORPORATION"]
 "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = "C:\Programas\Google\Gmail Notifier\gnotify.exe" ["Google Inc."]
 "Picasa Media Detector" = "d:\Programas\Picasa2\PicasaMediaDetector.exe" ["Google Inc."]
 "iTunesHelper" = ""D:\Programas\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."]
 "avast!" = "C:\PROGRA~1\Avast4\ashDisp.exe" [null data]
 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
 {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
 -> {HKLM...CLSID} = "AcroIEHlprObj Class"
 \InProcServer32\(Default) = "C:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
 {2712A6B4-1062-4182-9B5D-765741348BDB}\(Default) = (no title provided)
 -> {HKLM...CLSID} = (no title provided)
 \InProcServer32\(Default) = "C:\WINDOWS\System32\geebc.dll" [null data]
 {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6}\(Default) = (no title provided)
 -> {HKLM...CLSID} = (no title provided)
 \InProcServer32\(Default) = "C:\WINDOWS\System32\ocvmmnpc.dll" [null data]
 {46A4E9D9-B30E-452A-8157-DBBEC8573B03}\(Default) = (no title provided)
 -> {HKLM...CLSID} = (no title provided)
 \InProcServer32\(Default) = "C:\Programas\VSAdd-in\VSAdd-in.dll" [null data]
 {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\(Default) = (no title provided)
 -> {HKLM...CLSID} = "Megaupload Toolbar"
 \InProcServer32\(Default) = "C:\Programas\MegauploadToolbar\megauploadtoolbar.dll" ["MegaUpload"]
 {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
 -> {HKLM...CLSID} = "SSVHelper Class"
 \InProcServer32\(Default) = "C:\Programas\Java\jre1.5.0_09\bin\ssv.dll" ["Sun Microsystems, Inc."]
 {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
 -> {HKLM...CLSID} = "Windows Live Sign-in Helper"
 \InProcServer32\(Default) = "C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]
 {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}\(Default) = (no title provided)
 -> {HKLM...CLSID} = "EpsonToolBandKicker Class"
 \InProcServer32\(Default) = "C:\Programas\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll" ["SEIKO EPSON CORPORATION"]
 HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
 "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Apresentar extensão de panorâmica CPL"
 -> {HKLM...CLSID} = "Apresentar extensão de panorâmica CPL"
 \InProcServer32\(Default) = "deskpan.dll" [file not found]
 "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extensão de ícone HyperTerminal"
 -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
 \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
 "{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel"
 -> {HKLM...CLSID} = (no title provided)
 \InProcServer32\(Default) = "C:\Programas\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics, Inc."]
 "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
 -> {HKLM...CLSID} = "Extensão de ícones de ficheiros do Outlook"
 \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL" [MS]
 "{40E85620-3DCB-11D3-8A0D-0060080C1EFA}" = "ZipCentral"
 -> {HKLM...CLSID} = "ZipCentral"
 \InProcServer32\(Default) = "C:\Programas\ZipCentral\zccm.dll" ["Johan Savås"]
 "{A5110426-177D-4e08-AB3F-785F10B4439C}" = "Sony Ericsson Gestor de Ficheiros"
 -> {HKLM...CLSID} = "Sony Ericsson Gestor de Ficheiros"
 \InProcServer32\(Default) = "C:\Programas\Sony Ericsson\Mobile\File Manager\fmgrgui.dll" ["Sony Ericsson Mobile Communications AB"]
 "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
 -> {HKLM...CLSID} = "WinRAR"
 \InProcServer32\(Default) = "C:\Programas\WinRAR\rarext.dll" [null data]
 "{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
 -> {HKLM...CLSID} = "Portable Media Devices"
 \InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
 "{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
 -> {HKLM...CLSID} = "Portable Media Devices Menu"
 \InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
 "{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"
 -> {HKLM...CLSID} = "NeroDigitalIconHandler Class"
 \InProcServer32\(Default) = "C:\Programas\Ficheiros comuns\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
 "{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"
 -> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"
 \InProcServer32\(Default) = "C:\Programas\Ficheiros comuns\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
 "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
 -> {HKLM...CLSID} = "iTunes"
 \InProcServer32\(Default) = "D:\Programas\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]
 "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
 -> {HKLM...CLSID} = "My Sharing Folders"
 \InProcServer32\(Default) = "C:\Programas\MSN Messenger\fsshext.8.0.0812.00.dll" [MS]
 "{e82a2d71-5b2f-43a0-97b8-81be15854de8}" = "ShellLink for Application References"
 -> {HKLM...CLSID} = "ShellLink for Application References"
 \InProcServer32\(Default) = "C:\WINDOWS\System32\dfshim.dll" [MS]
 "{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}" = "Shell Icon Handler for Application References"
 -> {HKLM...CLSID} = "Shell Icon Handler for Application References"
 \InProcServer32\(Default) = "C:\WINDOWS\System32\dfshim.dll" [MS]
 "{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
 -> {HKLM...CLSID} = "avast"
 \InProcServer32\(Default) = "C:\Programas\Avast4\ashShell.dll" ["ALWIL Software"]
 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\
 INFECTION WARNING! "{9F143C3A-1457-6CCA-03A7-7AA23B61E40F}" = "Network Neighborhood"
 -> {HKLM...CLSID} = (no title provided)
 \InProcServer32\(Default) = "C:\WINDOWS\Inf\vcdb32.dll" [null data]
 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
 INFECTION WARNING! "AppInit_DLLs" = "C:\WINDOWS\System32\syst0.dll" [file not found]
 HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
 INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
 INFECTION WARNING! geebc\DLLName = "C:\WINDOWS\System32\geebc.dll" [null data]
 HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
 {7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"
 -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class"
 \InProcServer32\(Default) = "C:\Programas\Ficheiros comuns\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
 HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
 avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
 -> {HKLM...CLSID} = "avast"
 \InProcServer32\(Default) = "C:\Programas\Avast4\ashShell.dll" ["ALWIL Software"]
 WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
 -> {HKLM...CLSID} = "WinRAR"
 \InProcServer32\(Default) = "C:\Programas\WinRAR\rarext.dll" [null data]
 ZipCentral\(Default) = "{40E85620-3DCB-11D3-8A0D-0060080C1EFA}"
 -> {HKLM...CLSID} = "ZipCentral"
 \InProcServer32\(Default) = "C:\Programas\ZipCentral\zccm.dll" ["Johan Savås"]
 HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
 WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
 -> {HKLM...CLSID} = "WinRAR"
 \InProcServer32\(Default) = "C:\Programas\WinRAR\rarext.dll" [null data]
 ZipCentral\(Default) = "{40E85620-3DCB-11D3-8A0D-0060080C1EFA}"
 -> {HKLM...CLSID} = "ZipCentral"
 \InProcServer32\(Default) = "C:\Programas\ZipCentral\zccm.dll" ["Johan Savås"]
 HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
 avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
 -> {HKLM...CLSID} = "avast"
 \InProcServer32\(Default) = "C:\Programas\Avast4\ashShell.dll" ["ALWIL Software"]
 WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
 -> {HKLM...CLSID} = "WinRAR"
 \InProcServer32\(Default) = "C:\Programas\WinRAR\rarext.dll" [null data]
 ZipCentral\(Default) = "{40E85620-3DCB-11D3-8A0D-0060080C1EFA}"
 -> {HKLM...CLSID} = "ZipCentral"
 \InProcServer32\(Default) = "C:\Programas\ZipCentral\zccm.dll" ["Johan Savås"]
 Active Desktop and Wallpaper:
 -----------------------------
 Active Desktop is disabled at this entry:
 HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
 HKCU\Control Panel\Desktop\
 "Wallpaper" = "C:\Documents and Settings\Sérgio Nobre\Definições locais\Application Data\Microsoft\Wallpaper1.bmp"
 Enabled Screen Saver:
 ---------------------
 HKCU\Control Panel\Desktop\
 "SCRNSAVE.EXE" = "C:\WINDOWS\System32\ssstars.scr" [MS]
 Winsock2 Service Provider DLLs:
 -------------------------------
 Namespace Service Providers
 HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
 Transport Service Providers
 HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
 %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 20
 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
 Toolbars, Explorer Bars, Extensions:
 ------------------------------------
 Toolbars
 HKLM\Software\Microsoft\Internet Explorer\Toolbar\
 "{EE5D279F-081B-4404-994D-C6B60AAEBA6D}" = (no title provided)
 -> {HKLM...CLSID} = "EPSON Web-To-Page"
 \InProcServer32\(Default) = "C:\Programas\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll" ["SEIKO EPSON CORPORATION"]
 "{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" = (no title provided)
 -> {HKLM...CLSID} = "Megaupload Toolbar"
 \InProcServer32\(Default) = "C:\Programas\MegauploadToolbar\megauploadtoolbar.dll" ["MegaUpload"]
 "{74DD705D-6834-439C-A735-A6DBE2677452}" = (no title provided)
 -> {HKLM...CLSID} = "&VSAdd-in"
 \InProcServer32\(Default) = "C:\Programas\VSAdd-in\VSAdd-in.dll" [null data]
 Extensions (Tools menu items, main toolbar menu buttons)
 HKLM\Software\Microsoft\Internet Explorer\Extensions\
 {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
 "MenuText" = "Sun Java Console"
 "CLSIDExtension" = "{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}"
 -> {HKCU...CLSID} = "Java Plug-in 1.5.0_09"
 \InProcServer32\(Default) = "C:\Programas\Java\jre1.5.0_09\bin\ssv.dll" ["Sun Microsystems, Inc."]
 -> {HKLM...CLSID} = "Java Plug-in 1.5.0_09"
 \InProcServer32\(Default) = "C:\Programas\Java\jre1.5.0_09\bin\npjpi150_09.dll" ["Sun Microsystems, Inc."]
 Miscellaneous IE Hijack Points
 ------------------------------
 C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")
 Added lines (compared with English-language version):
 [Strings]: START_PAGE_URL=http://www.fbnet.pt/pcg/
 Missing lines (compared with English-language version):
 [Strings]: 1 line
 Running Services (Display Name, Service Name, Path {Service DLL}):
 ------------------------------------------------------------------
 Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]
 Automatic LiveUpdate Scheduler, Automatic LiveUpdate Scheduler, ""C:\Programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe"" ["Symantec Corporation"]
 avast! Antivirus, avast! Antivirus, ""C:\Programas\Avast4\ashServ.exe"" [null data]
 avast! iAVS4 Control Service, aswUpdSv, ""C:\Programas\Avast4\aswUpdSv.exe"" [null data]
 Fax, Fax, "C:\WINDOWS\system32\fxssvc.exe" [MS]
 iPodService, iPodService, "C:\Programas\iPod\bin\iPodService.exe" ["Apple Computer, Inc."]
 Netmeeting For Windows, Netmeeting For Microsoft Windows, ""C:\WINDOWS\weRecv.exe"" [null data]
 Sygate Personal Firewall, SmcService, "D:\Programas\Sygate\SPF\smc.exe" ["Sygate Technologies, Inc."]
 Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\System32\wdfmgr.exe" [MS]
 Print Monitors:
 ---------------
 HKLM\System\CurrentControlSet\Control\Print\Monitors\
 EPSON Stylus CX3600 Series 2KMonitor5E\Driver = "E_FLM9BE.DLL" ["SEIKO EPSON CORPORATION"]
 Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]
 PDF reDirect Monitor\Driver = "PDFreDirectMonNT.dll" [null data]
 ----------
 + This report excludes default entries except where indicated.
 + To see *everywhere* the script checks and *everything* it finds,
 launch it from a command prompt or a shortcut with the -all parameter.
 + To search all directories of local fixed drives for DESKTOP.INI
 DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
 use the -supp parameter or answer "No" at the first message box.
 ---------- (total run time: 989 seconds, including 17 seconds for message boxes)
[ Dodano: Dzisiaj o 18:49 ]
aaaa...i jest problem z dzwiekiem.
windows media player i w innych programach odtwarzajacych dziala ale np nie ma dzwieku z winamp i ze stronek internetowych.epaaa

 
	


 
	


 
 