Aktualizacje na programosy.pl: Take CommandSIW (System Info)ChromiumKaspersky Rescue DiskVimLoom – Video Recorder for ChromepdfMachine WhiteFar ManagerMount Image Pro  

  • Ogłoszenie:

proszę o sprawdzenie

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.
Wyślij odpowiedź

Proszę o sprawdzenie

Postprzez tyrex 22 Sty 2006, 13:22

reklama
Od pewnego czasu mimo, że mam aktywne połaczenie z internatem przeglądarki nie łączą się z żadną stroną internetową. Pomaga dopiero restart systemu, ale dokąd można restartować? Sprawdźcie, czy nie mam jakiegoś paskudztwa skanowałem kasperskym i było ok.
Kod: Zaznacz wszystko
Logfile of HijackThis v1.99.1 Scan saved at 11:08:46, on 2006-01-22 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\cFosSpeed\spd.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Program Files\cFosSpeed\cFosSpeed.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AutoConnect\AutoConnect.exe C:\Program Files\BinarySense\HDDlife\HDDlifePro.exe C:\Documents and Settings\gabriel\Menu Start\Programy\Autostart\S2kCtl.exe C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Opera\Opera.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\gabriel\Pulpit\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start24.pl/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-781cd0e19f00} - c:\program files\steganos internet anonym pro 7\siapro7iep.dll O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife\HDDlifePro.exe O4 - Startup: S2kCtl.exe O4 - Startup: SysInfoMyWork.lnk = C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137398169828 O17 - HKLM\System\CCS\Services\Tcpip\..\{88592B8D-8011-4996-9107-F0E94ECF7CEE}: NameServer = 194.204.152.34 217.98.63.164 O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Program Files\cFosSpeed\spd.exe" -service (file missing) O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Pozdrawiam.
Myśli pozostają mniej więcej w tym samym stosunku do mózgu, co żółć do wątroby lub mocz do nerek. Karl Vogt (1817 - 1895)_______________________________________
XP Prof. AMD Athlon XP 2500+ DDR 512 MB RAM nVIDIA GF 5200 Neo. 128
Awatar użytkownika
tyrex
~user
 
Posty: 191
Dołączenie: 05 Cze 2005, 23:09
Pochwały: 12


Góra

Postprzez JarekMk 22 Sty 2006, 13:27

Wez wklej loga normalnie bo z tego to nic nie widac....
JarekMk
~user
 
Posty: 5151
Dołączenie: 10 Lis 2004, 13:38
Pochwały: 301


Góra

Postprzez tyrex 22 Sty 2006, 13:30

Kod: Zaznacz wszystko
Logfile of HijackThis v1.99.1
Scan saved at 11:08:46, on 2006-01-22
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AutoConnect\AutoConnect.exe
C:\Program Files\BinarySense\HDDlife\HDDlifePro.exe
C:\Documents and Settings\gabriel\Menu Start\Programy\Autostart\S2kCtl.exe
C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\gabriel\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start24.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-781cd0e19f00} - c:\program files\steganos internet anonym pro 7\siapro7iep.dll
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife\HDDlifePro.exe
O4 - Startup: S2kCtl.exe
O4 - Startup: SysInfoMyWork.lnk = C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137398169828
O17 - HKLM\System\CCS\Services\Tcpip\..\{88592B8D-8011-4996-9107-F0E94ECF7CEE}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Program Files\cFosSpeed\spd.exe" -service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

Myśli pozostają mniej więcej w tym samym stosunku do mózgu, co żółć do wątroby lub mocz do nerek. Karl Vogt (1817 - 1895)_______________________________________
XP Prof. AMD Athlon XP 2500+ DDR 512 MB RAM nVIDIA GF 5200 Neo. 128
Awatar użytkownika
tyrex
~user
 
Posty: 191
Dołączenie: 05 Cze 2005, 23:09
Pochwały: 12


Góra

Postprzez DAN!EL 22 Sty 2006, 13:48

moim zdaniem log czysty może daj z sajlent runera http://www.silentrunners.org/Silent%20Runners.zip
Red wrzystko wyłapie

Autor postu otrzymał pochwałę
moderatorów porsze o usuniecie mojego konta bo rezygnuje z neostrady:(:(:(:(:(
DAN!EL
~user
 
Posty: 136
Dołączenie: 20 Lis 2005, 17:20
Pochwały: 3

Góra

Postprzez tyrex 22 Sty 2006, 14:02

Mam prośbę jak się znasz to luknij jeszcze na to:
Kod: Zaznacz wszystko
"Silent Runners.vbs", revision 43, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"AutoConnect" = "C:\Program Files\AutoConnect\AutoConnect.exe" ["http://autoconnect.prv.pl"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"KAVPersonal50" = ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize" ["Kaspersky Lab"]
"SpeedTouch USB Diagnostics" = ""C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon" ["THOMSON Telecom Belgium"]
"DiskeeperSystray" = ""C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"" ["Executive Software International, Inc."]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = "C:\Program Files\Google\Gmail Notifier\gnotify.exe" ["Google Inc."]
"cFosSpeed" = "C:\Program Files\cFosSpeed\cFosSpeed.exe" ["cFos Software GmbH"]

HKLM\Software\Microsoft\Active Setup\Installed Components\
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = "Outlook Express"
                                        \StubPath   = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = "SSVHelper Class" [from CLSID]
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
  -> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
  -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler"
  -> {CLSID}\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]
"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler"
  -> {CLSID}\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]
"{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler"
  -> {CLSID}\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]
"{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer"
  -> {CLSID}\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]
"{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" = "jetAudio"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
  -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Real Alternative\rpshell.dll" ["RealNetworks, Inc."]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
  -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
"{00000000-5736-4205-0100-781cd0e19f00}" = "Steganos Internet Anonym Pro 7"
  -> {CLSID}\InProcServer32\(Default) = "c:\program files\steganos internet anonym pro 7\siapro7se.dll" [null data]
"{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}" = "UnlockerShellExtension"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Unlocker\UnlockerCOM.dll" [null data]

HKLM\System\CurrentControlSet\Control\Session Manager\
INFECTION WARNING! "BootExecute" = "autocheck autochk *" [file not found], [MS], [file not found]

Dzięki!
Myśli pozostają mniej więcej w tym samym stosunku do mózgu, co żółć do wątroby lub mocz do nerek. Karl Vogt (1817 - 1895)_______________________________________
XP Prof. AMD Athlon XP 2500+ DDR 512 MB RAM nVIDIA GF 5200 Neo. 128
Awatar użytkownika
tyrex
~user
 
Posty: 191
Dołączenie: 05 Cze 2005, 23:09
Pochwały: 12


Góra

Postprzez DAN!EL 22 Sty 2006, 14:07

to już musisz z Redem pogadać on jest dobry w te klocki :D
moderatorów porsze o usuniecie mojego konta bo rezygnuje z neostrady:(:(:(:(:(
DAN!EL
~user
 
Posty: 136
Dołączenie: 20 Lis 2005, 17:20
Pochwały: 3

Góra

Postprzez jeff 22 Sty 2006, 14:22

tyrex


log z Silenta niepełny - poczekaj az dostaniesz info ze juz sie wygenerował i podeslij na forum
jeff
 


Góra

Postprzez tyrex 22 Sty 2006, 16:05

Kod: Zaznacz wszystko
"Silent Runners.vbs", revision 43, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"AutoConnect" = "C:\Program Files\AutoConnect\AutoConnect.exe" ["http://autoconnect.prv.pl"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"KAVPersonal50" = ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize" ["Kaspersky Lab"]
"SpeedTouch USB Diagnostics" = ""C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon" ["THOMSON Telecom Belgium"]
"DiskeeperSystray" = ""C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"" ["Executive Software International, Inc."]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = "C:\Program Files\Google\Gmail Notifier\gnotify.exe" ["Google Inc."]
"cFosSpeed" = "C:\Program Files\cFosSpeed\cFosSpeed.exe" ["cFos Software GmbH"]

HKLM\Software\Microsoft\Active Setup\Installed Components\
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = "Outlook Express"
                                        \StubPath   = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = "SSVHelper Class" [from CLSID]
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
  -> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
  -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler"
  -> {CLSID}\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]
"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler"
  -> {CLSID}\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]
"{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler"
  -> {CLSID}\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]
"{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer"
  -> {CLSID}\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0.1\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]
"{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" = "jetAudio"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
  -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Real Alternative\rpshell.dll" ["RealNetworks, Inc."]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
  -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
"{00000000-5736-4205-0100-781cd0e19f00}" = "Steganos Internet Anonym Pro 7"
  -> {CLSID}\InProcServer32\(Default) = "c:\program files\steganos internet anonym pro 7\siapro7se.dll" [null data]
"{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}" = "UnlockerShellExtension"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Unlocker\UnlockerCOM.dll" [null data]

HKLM\System\CurrentControlSet\Control\Session Manager\
INFECTION WARNING! "BootExecute" = "autocheck autochk *" [file not found], [MS], [file not found]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\shellex.dll" ["Kaspersky Lab"]
Steganos Internet Anonym Pro 7\(Default) = "{00000000-5736-4205-0100-781cd0e19f00}"
  -> {CLSID}\InProcServer32\(Default) = "c:\program files\steganos internet anonym pro 7\siapro7se.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
jetAudio\(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."]
Steganos Internet Anonym Pro 7\(Default) = "{00000000-5736-4205-0100-781cd0e19f00}"
  -> {CLSID}\InProcServer32\(Default) = "c:\program files\steganos internet anonym pro 7\siapro7se.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
jetAudio\(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."]
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\shellex.dll" ["Kaspersky Lab"]
UnlockerShellExtension\(Default) = "{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Unlocker\UnlockerCOM.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


Startup items in "gabriel" & "All Users" startup folders:
---------------------------------------------------------

C:\Documents and Settings\gabriel\Menu Start\Programy\Autostart
"HDDlife" -> shortcut to: "C:\Program Files\BinarySense\HDDlife\HDDlifePro.exe" ["BinarySense, Ltd."]
INFECTION WARNING! "S2kCtl.exe" ["TwinSSoft"]
"SysInfoMyWork" -> shortcut to: "C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe" ["Vetch Utilities"]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
C:\Program Files\Secure Surfing Engine\sselsp.dll [null data], 01 - 03, 09
%SystemRoot%\system32\mswsock.dll [MS], 04 - 06, 10 - 23
%SystemRoot%\system32\rsvpsp.dll [MS], 07 - 08


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{00000000-5736-4205-0008-781CD0E19F00}" = "Steganos Internet Anonym" [from CLSID]
  -> {CLSID}\InProcServer32\(Default) = "c:\program files\steganos internet anonym pro 7\siapro7iep.dll" [null data]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"
  -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

cFosSpeed System Service, cFosSpeedS, ""C:\Program Files\cFosSpeed\spd.exe" -service" ["cFos Software GmbH"]
kavsvc, kavsvc, ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe"" ["Kaspersky Lab"]
StarWind iSCSI Service, StarWindService, "C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe" ["Rocket Division Software"]


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
hpzsnt09\Driver = "hpzsnt09.dll" ["HP"]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
  launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
  DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
  use the -supp parameter or answer "No" at the first message box.
---------- (total run time: 27 seconds, including 7 seconds for message boxes)
Teraz powinien być pełny. Bądźcie łaskawi sprawdzić bo za cholerę nie mogę dojść co to jest! dzięki!
Myśli pozostają mniej więcej w tym samym stosunku do mózgu, co żółć do wątroby lub mocz do nerek. Karl Vogt (1817 - 1895)_______________________________________
XP Prof. AMD Athlon XP 2500+ DDR 512 MB RAM nVIDIA GF 5200 Neo. 128
Awatar użytkownika
tyrex
~user
 
Posty: 191
Dołączenie: 05 Cze 2005, 23:09
Pochwały: 12


Góra

Postprzez prog 22 Sty 2006, 16:13

tyrex napisał(a):Od pewnego czasu mimo, że mam aktywne połaczenie z internatem przeglądarki nie łączą się z żadną stroną internetową. Pomaga dopiero restart systemu


mam to samo od niedawna....
mysle ze to wina


tyrex napisał(a):Neo

albo kabli, chociaz bawilem sie nimi i nic
C2D E8400 3GHZ + Pentagram Freezone HP-120 ALCu, Asus P5Q SE /intel P45/, A-Data 2x2GB CL4 Extreme Edition, Sapphire Radeon HD4870 512mb/256bit DDR5, WD 640GB SATA, Lite-ON Super AllWrite DVD SATA, Chieftec 500W, Samsung 2032BW Black 20', Vista Ultimate x64
Exoriare aliquis nostris ex ossibus ultor...
Awatar użytkownika
prog
~user
 
Posty: 4043
Dołączenie: 23 Mar 2005, 22:02
Miejscowość: /home/prog/
Pochwały: 232


Góra

Postprzez tyrex 22 Sty 2006, 17:25

Skonfigurowałem od nowa neostradę, zobaczymy, czy to coś da?
Myśli pozostają mniej więcej w tym samym stosunku do mózgu, co żółć do wątroby lub mocz do nerek. Karl Vogt (1817 - 1895)_______________________________________
XP Prof. AMD Athlon XP 2500+ DDR 512 MB RAM nVIDIA GF 5200 Neo. 128
Awatar użytkownika
tyrex
~user
 
Posty: 191
Dołączenie: 05 Cze 2005, 23:09
Pochwały: 12


Góra
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 9 gości

Powered by phpBB © Group
Forum Programosy.pl