Log Profilaktyczny

[lunaticdreams]

Hej wszystkim,czy znajdzie się chętny aby"profilaktycznie sprawdzić mi Loga?????

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:32:05, on 2008-09-24
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRAMY\CacheBoost\cbsrv.exe
C:\PROGRAMY\CfosSpeed\spd.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ZTE Corporation\ZXDSL852\CnslTb.exe
C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRAMY\CacheBoost\trayicon.exe
C:\PROGRAMY\CfosSpeed\cFosSpeed.exe
C:\PROGRAMY\AutoConnect\AutoConnect.exe
C:\PROGRAMY\RAMKontroler\RAMKontroler.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\PROGRAMY\FIRE-FOX\firefox.exe
C:\PROGRAMY\SystemBooster2\SystemBooster.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRAMY\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

[Aby zobaczyć linki, zarejestruj się tutaj]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

[Aby zobaczyć linki, zarejestruj się tutaj]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

[Aby zobaczyć linki, zarejestruj się tutaj]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

[Aby zobaczyć linki, zarejestruj się tutaj]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

[Aby zobaczyć linki, zarejestruj się tutaj]

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

[Aby zobaczyć linki, zarejestruj się tutaj]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRAMY\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [HControl]C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Power_Gear]C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [CnslTaskBar]"C:\Program Files\ZTE Corporation\ZXDSL852\CnslTb.exe" "ZTE Corporation\ZXDSL852"
O4 - HKLM\..\Run: [avgnt]"C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CacheBoost]C:\PROGRAMY\CacheBoost\trayicon.exe
O4 - HKLM\..\Run: [cFosSpeed]C:\PROGRAMY\CfosSpeed\cFosSpeed.exe
O4 - HKCU\..\Run: [AutoConnect]C:\PROGRAMY\AutoConnect\AutoConnect.exe
O4 - HKCU\..\Run: [RAMKontroler]C:\PROGRAMY\RAMKontroler\RAMKontroler.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User ''USŁUGA LOKALNA'')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User ''USŁUGA SIECIOWA'')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User ''SYSTEM'')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User ''Default user'')
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra ''Tools'' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRAMY\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra ''Tools'' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRAMY\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC96D445-C356-42C2-B35B-899B546B5DED}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak India - C:\PROGRAMY\CacheBoost\cbsrv.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\PROGRAMY\CfosSpeed\spd.exe

--
End of file - 5307 bytes

"Silent Runners.vbs", revision 58,

[Aby zobaczyć linki, zarejestruj się tutaj]

Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"AutoConnect" = "C:\PROGRAMY\AutoConnect\AutoConnect.exe" ["http://autoconnect.prv.pl"]
"RAMKontroler" = "C:\PROGRAMY\RAMKontroler\RAMKontroler.exe" ["Profilek.pl"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"HControl" = "C:\WINDOWS\ATK0100\HControl.exe" [empty string]
"Power_Gear" = "C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1" ["ASUSTeK Computer Inc."]
"CnslTaskBar" = ""C:\Program Files\ZTE Corporation\ZXDSL852\CnslTb.exe" "ZTE Corporation\ZXDSL852"" ["Conexant Systems, Inc."]
"avgnt" = ""C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min" ["Avira GmbH"]
"CacheBoost" = "C:\PROGRAMY\CacheBoost\trayicon.exe" [" Systweak Inc"]
"cFosSpeed" = "C:\PROGRAMY\CfosSpeed\cFosSpeed.exe" ["cFos Software GmbH"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Spybot-S&D IE Protection"
\InProcServer32\(Default) = "C:\PROGRAMY\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{AD392E40-428C-459F-961E-9B147782D099}" = "UltraISO"
-> {HKLM...CLSID} = "UIContextMenu Class"
\InProcServer32\(Default) = "C:\PROGRAMY\UltraISO\isoshell.dll" ["EZB Systems, Inc."]
"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" = "Shell Extension for Malware scanning"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]
"{1F77B17B-F531-44DB-ACA4-76ABB5010A28}" = "AIMP2: Shell Extention"
-> {HKLM...CLSID} = "AIMP2: Shell Extention"
\InProcServer32\(Default) = "C:\PROGRAMY\AIMP2~1.11\System\AIMP_S~1.DLL" ["AIMP DevTeam"]
"{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}" = "UnlockerShellExtension"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "C:\PROGRAMY\Unlocker\UnlockerCOM.dll" [null data]
"{E8D43C7E-EFA1-41A2-9AD9-0CFECD1678B7}" = "SafeErase"
-> {HKLM...CLSID} = "SafeEraseObj Class"
\InProcServer32\(Default) = "C:\PROGRAMY\Q Q SAFEERASE 2\oosesh.dll" ["O&O Software GmbH"]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\PROGRAMY\WIN RAR\rarext.dll" [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\
<<!>> "BootExecute" = "autocheck autochk *"|"oodbs" [file not found] |"qb°{Ń" [file not found] |"°{Ń" [file not found] |"0" [file not found] |"lsdelete" [file not found]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
<<!>> dimsntfy\DLLName = "C:\WINDOWS\System32\dimsntfy.dll" [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
AIMPClassic\(Default) = "{1F77B17B-F531-44DB-ACA4-76ABB5010A28}"
-> {HKLM...CLSID} = "AIMP2: Shell Extention"
\InProcServer32\(Default) = "C:\PROGRAMY\AIMP2~1.11\System\AIMP_S~1.DLL" ["AIMP DevTeam"]
Ashampoo Magical Security Shell Extension\(Default) = "{E7BC3CE1-0CA1-41eb-BD77-2340BA86D05F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRAMY\Ashampoo Magical Security\ashppcor.dll" [null data]
SafeErase\(Default) = "{E8D43C7E-EFA1-41A2-9AD9-0CFECD1678B7}"
-> {HKLM...CLSID} = "SafeEraseObj Class"
\InProcServer32\(Default) = "C:\PROGRAMY\Q Q SAFEERASE 2\oosesh.dll" ["O&O Software GmbH"]
Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\PROGRAMY\WIN RAR\rarext.dll" [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\
AIMPClassic\(Default) = "{1F77B17B-F531-44DB-ACA4-76ABB5010A28}"
-> {HKLM...CLSID} = "AIMP2: Shell Extention"
\InProcServer32\(Default) = "C:\PROGRAMY\AIMP2~1.11\System\AIMP_S~1.DLL" ["AIMP DevTeam"]
Ashampoo Magical Security Shell Extension\(Default) = "{E7BC3CE1-0CA1-41eb-BD77-2340BA86D05F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRAMY\Ashampoo Magical Security\ashppcor.dll" [null data]
UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"
-> {HKLM...CLSID} = "UIContextMenu Class"
\InProcServer32\(Default) = "C:\PROGRAMY\UltraISO\isoshell.dll" ["EZB Systems, Inc."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\PROGRAMY\WIN RAR\rarext.dll" [null data]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
-> {HKLM...CLSID} = "MBAMShlExt Class"
\InProcServer32\(Default) = "C:\PROGRAMY\Malwarebytes'' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"]
SafeErase\(Default) = "{E8D43C7E-EFA1-41A2-9AD9-0CFECD1678B7}"
-> {HKLM...CLSID} = "SafeEraseObj Class"
\InProcServer32\(Default) = "C:\PROGRAMY\Q Q SAFEERASE 2\oosesh.dll" ["O&O Software GmbH"]
Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\shlext.dll" ["Avira GmbH"]
UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"
-> {HKLM...CLSID} = "UIContextMenu Class"
\InProcServer32\(Default) = "C:\PROGRAMY\UltraISO\isoshell.dll" ["EZB Systems, Inc."]
UnlockerShellExtension\(Default) = "{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "C:\PROGRAMY\Unlocker\UnlockerCOM.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\PROGRAMY\WIN RAR\rarext.dll" [null data]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
-> {HKLM...CLSID} = "MBAMShlExt Class"
\InProcServer32\(Default) = "C:\PROGRAMY\Malwarebytes'' Anti-Malware\mbamext.dll" ["Malwarebytes Corporation"]
UnlockerShellExtension\(Default) = "{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}"
-> {HKLM...CLSID} = "UnlockerShellExtension"
\InProcServer32\(Default) = "C:\PROGRAMY\Unlocker\UnlockerCOM.dll" [null data]


Group Policies {policy setting}:
--------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"ClearRecentDocsOnExit" = (REG_DWORD) dword:0x00000001
{unrecognized setting}

"NoLogOff" = (REG_DWORD) dword:0x00000001
{Disable Logoff}

"NoSaveSettings" = (REG_DWORD) dword:0x00000000
{Don''t save settings at exit}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoCDBurning" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoRemoteRecursiveEvents" = (REG_DWORD) dword:0x00000001
{unrecognized setting}

"ClearRecentDocsOnExit" = (REG_DWORD) dword:0x00000001
{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001
{Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) dword:0x00000001
{Devices: Allow undock without having to log on}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\KOMPUTER\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

MSWPDShellNamespaceHandler\
"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = " "
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name] , (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS] , 01 - 03, 06 - 17
%SystemRoot%\system32\rsvpsp.dll [MS] , 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{F2CF5485-4E02-4F68-819C-B92DE9277049}"
-> {HKLM...CLSID} = "&Links"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_07"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_07"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll" ["Sun Microsystems, Inc."]

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\
"MenuText" = "Spybot - Search && Destroy Configuration"
"CLSIDExtension" = "{53707962-6F74-2D53-2644-206D7942484F}"
-> {HKLM...CLSID} = "Spybot-S&D IE Protection"
\InProcServer32\(Default) = "C:\PROGRAMY\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]


Miscellaneous IE Hijack Points
------------------------------

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{08C06D61-F1F3-4799-86F8-BE1A89362C85}" = (no title provided)
-> {HKLM...CLSID} = "Search Class"
\InProcServer32\(Default) = "C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL" [empty string]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Avira AntiVir Personal - Free Antivirus Guard, AntiVirService, ""C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\avguard.exe"" ["Avira GmbH"]
Avira AntiVir Personal - Free Antivirus Scheduler, AntiVirScheduler, ""C:\PROGRAMY\Avira\AntiVir PersonalEdition Classic\sched.exe"" ["Avira GmbH"]
CacheBoost Performance Optimizer and Tuner Service, CacheBoost Service, "C:\PROGRAMY\CacheBoost\cbsrv.exe" ["Systweak India"]
cFosSpeed System Service, cFosSpeedS, ""C:\PROGRAMY\CfosSpeed\spd.exe" -service" ["cFos Software GmbH"]


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
Canon BJ Language Monitor MP170\Driver = "CNMLM7J.DLL" [file not found]


---------- (launch time: 2008-09-24 10:42:45)
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 9 seconds.
---------- (total run time: 54 seconds)

[Serafin]

lunaticdreams Jaki masz problem że wstawiasz log?
Log jest ucięty - nie ma nagłówka. Logi wstawiamy obydwa hijack + silent runners.
Logi obejmujemy w tagi [code ] [/code ](bez spacji)
Proszę zapoznać się z

[Aby zobaczyć linki, zarejestruj się tutaj]

i poprawić posta.

[lunaticdreams]

ok poprawiłem

[zbycho]

Poza paroma pustymi wpisami w rejestrze,nic tu nie ma

[lunaticdreams]

czymogę bezpiecznie wykasować te wpisy?

[Serafin]

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =

Możesz skasować te wpisy

[lunaticdreams]

Wielkie dzięki

[lunaticdreams]

Dzięki bardzo

[Serafin]

Te wpisy nie kwalifikują się do usunięcia.

[lunaticdreams]

więc usuwać czy nie?

[Serafin]

Nie usuwaj

[lunaticdreams]

Why?
jeślichodzi o używalność IE7 to czasem używam,więc nie chciał bym aby po wywaleniu ich siadła mi przeglądarka

[Serafin]

W twoim logu nic nie ma. Ja oceniam wpisy po ich szkodliwości, a nie zbyteczności, czasem tylko każę usuwać puste strony startowe.