Przesyłam dwa logi i prosze o sprawdzenie. Mam probelmy z grą dla dziecka, nie uruchamia sie za każdym razem. Inna po pewnym czasie sie zawiesza. Drugi problem ma z porgramem winDVD 5, po wylaczeniu programu, komputer sie calkowicie zawiesza, a mszyka ani klawiatura nie reagują. Bardzo proszę o pomoc.
Z góry dzieki!
Logfile of HijackThis v1.99.1 Scan saved at 18:58:57, on 2007-01-05 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe D:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe D:\Program Files\YDP\YdpDict\Watch.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe D:\Program Files\BitComet\BitComet.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\DOCUME~1\WACICI~1\USTAWI~1\Temp\Katalog tymczasowy 1 dla hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL (file missing) O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing) O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM…\Run: [CaAvTray] “C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe” O4 - HKLM…\Run: [CAVRID] “C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe” O4 - HKLM…\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe O4 - HKLM…\Run: [Picasa Media Detector] d:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM…\Run: [bearShare] “C:\Program Files\BearShare\BearShare.exe” /pause O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKCU…\Run: [taoetray] C:\Program Files\poleng\Translatica2\bin\win\int\ms-oe\taoetray.exe O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe /tray O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Aktywacja Testera.lnk = D:\Program Files\YDP\YdpDict\Watch.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O8 - Extra context menu item: Download all links using BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Tłumacz na angielski - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll (HKCU) O9 - Extra ‘Tools’ menuitem: Tłumacz na angielski - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll (HKCU) O9 - Extra button: Tłumacz na polski - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll (HKCU) O9 - Extra ‘Tools’ menuitem: Tłumacz na polski - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll (HKCU) O9 - Extra button: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll (HKCU) O9 - Extra ‘Tools’ menuitem: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll (HKCU) O9 - Extra button: Opcje - {CCCE5D73-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll (HKCU) O9 - Extra ‘Tools’ menuitem: Opcje - {CCCE5D73-9AA2-40F1-9C6B-12A255F08500} - C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll (HKCU) O11 - Options group: [iNTERNATIONAL] International* O15 - Trusted Zone: http://bezpieczenstwo.onet.pl O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://bezpieczenstwo.onet.pl/skaner/ArcaOnline.cab O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup … 5515285390 O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab O17 - HKLM\System\CCS\Services\Tcpip…{1B81C41C-1C22-475D-B79A-6FF647FE81CD}: NameServer = 194.204.152.34 217.98.63.164 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
“Silent Runners.vbs”, revision 49, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “taoetray” = “C:\Program Files\poleng\Translatica2\bin\win\int\ms-oe\taoetray.exe” [file not found] “MSMSGS” = ““C:\Program Files\Messenger\msmsgs.exe” /background” [MS] “Gadu-Gadu” = “C:\Program Files\Gadu-Gadu\gg.exe /tray” [file not found] “ctfmon.exe” = “C:\WINDOWS\system32\ctfmon.exe” [MS] “swg” = “C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe” [“Google Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “ATIPTA” = “C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” [“ATI Technologies, Inc.”] “CaAvTray” = ““C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe”” [“Computer Associates International, Inc.”] “CAVRID” = ““C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe”” [“Computer Associates International, Inc.”] “NVRTCLK” = “C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe” [empty string] “Picasa Media Detector” = “d:\Program Files\Picasa2\PicasaMediaDetector.exe” [“Google Inc.”] “BearShare” = ““C:\Program Files\BearShare\BearShare.exe” /pause” [file not found] “NeroFilterCheck” = “C:\WINDOWS\system32\NeroCheck.exe” [“Ahead Software Gmbh”] “WinampAgent” = “C:\Program Files\Winamp\winampa.exe” [null data] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {02478D38-C3F9-4EFB-9B51-7695ECA05670}(Default) = (no title provided) -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll” [file not found] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}(Default) = “BitComet ClickCapture” -> {HKLM…CLSID} = “BitComet Helper” \InProcServer32(Default) = “D:\Program Files\BitComet\tools\BitCometBHO.dll” [“BitComet”] {AA58ED58-01DD-4d91-8333-CF10577473F7}(Default) = (no title provided) -> {HKLM…CLSID} = “Google Toolbar Helper” \InProcServer32(Default) = “c:\program files\google\googletoolbar1.dll” [“Google Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” -> {HKLM…CLSID} = “HyperTerminal Icon Ext” \InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”] “{1CE2AA40-1317-11D3-9922-00104B0AD431}” = “CA_AntiVirus” -> {HKLM…CLSID} = “CA_AntiVirus” \InProcServer32(Default) = “C:\WINDOWS\avshlext.dll” [“Computer Associates International, Inc.”] “{40950107-FEA6-4d53-A65F-B2DCBA57DD58}” = “Nokia Phone Browser” -> {HKLM…CLSID} = “Nokia Phone Browser” \InProcServer32(Default) = “D:\Program Files\Nokia\Nokia PC Suite 6\Components\PhoneBrowserComponents\NokiaPhoneBrowser.dll” [“Nokia”] “{FBFE7864-D495-41f0-B7DC-4BB601CC295E}” = “Contact View” -> {HKLM…CLSID} = “Contact View” \InProcServer32(Default) = “D:\Program Files\Nokia\Nokia PC Suite 6\Components\PhoneBrowserComponents\ContactView.dll” [“Nokia”] “{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}” = “OpenOffice.org Column Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.ux.pl 2.0.4\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{087B3AE3-E237-4467-B8DB-5A38AB959AC9}” = “OpenOffice.org Infotip Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.ux.pl 2.0.4\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{63542C48-9552-494A-84F7-73AA6A7C99C1}” = “OpenOffice.org Property Sheet Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.ux.pl 2.0.4\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] “{3B092F0C-7696-40E3-A80F-68D74DA84210}” = “OpenOffice.org Thumbnail Viewer” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.ux.pl 2.0.4\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ “WPDShServiceObj” = “{AAA288BA-9A4C-45B0-95D7-94D524869DB5}” -> {HKLM…CLSID} = “WPDShServiceObj Class” \InProcServer32(Default) = “C:\WINDOWS\system32\WPDShServiceObj.dll” [MS] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <> AtiExtEvent\DLLName = “Ati2evxx.dll” [“ATI Technologies Inc.”] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}(Default) = “OpenOffice.org Column Handler” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = ““C:\Program Files\OpenOffice.ux.pl 2.0.4\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”] {F9DB5320-233E-11D1-9F84-707F02C10627}(Default) = “PDF Column Info” -> {HKLM…CLSID} = “PDF Shell Extension” \InProcServer32(Default) = “D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll” [“Adobe Systems, Inc.”] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ CA_AntiVirus(Default) = “{1CE2AA40-1317-11D3-9922-00104B0AD431}” -> {HKLM…CLSID} = “CA_AntiVirus” \InProcServer32(Default) = “C:\WINDOWS\avshlext.dll” [“Computer Associates International, Inc.”] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ CA_AntiVirus(Default) = “{1CE2AA40-1317-11D3-9922-00104B0AD431}” -> {HKLM…CLSID} = “CA_AntiVirus” \InProcServer32(Default) = “C:\WINDOWS\avshlext.dll” [“Computer Associates International, Inc.”] Group Policies {policy setting}: -------------------------------- Note: detected settings may not have any effect. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ “shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001 {Shutdown: Allow system to be shut down without having to log on} “undockwithoutlogon” = (REG_DWORD) hex:0x00000001 {Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ “Wallpaper” = “C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ “Wallpaper” = “C:\Documents and Settings\Właściciel\Moje dokumenty\Moje obrazy\Prace z programu Picasa\picasabackground.bmp” Startup items in “Właściciel” & “All Users” startup folders: ------------------------------------------------------------ C:\Documents and Settings\All Users\Menu Start\Programy\Autostart “Adobe Reader Speed Launch” -> shortcut to: “D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe” [“Adobe Systems Incorporated”] “Aktywacja Testera” -> shortcut to: “D:\Program Files\YDP\YdpDict\Watch.exe” [“Young Digital Poland”] “DSLMON” -> shortcut to: “C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe” [empty string] “InterVideo WinCinema Manager” -> shortcut to: “C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe” [“InterVideo Inc.”] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: C:\WINDOWS\system32\VetRedir.dll [“Computer Associates International, Inc.”], 01, 07 %SystemRoot%\system32\mswsock.dll [MS], 02 - 04, 08 - 19 %SystemRoot%\system32\rsvpsp.dll [MS], 05 - 06 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ “{EF99BD32-C1FB-11D2-892F-0090271D4F88}” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll” [file not found] “{2318C2B1-4965-11D4-9B18-009027A5CD4F}” -> {HKLM…CLSID} = “&Google” \InProcServer32(Default) = “c:\program files\google\googletoolbar1.dll” [“Google Inc.”] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ “{EF99BD32-C1FB-11D2-892F-0090271D4F88}” = (no title provided) -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll” [file not found] “{2318C2B1-4965-11D4-9B18-009027A5CD4F}” = (no title provided) -> {HKLM…CLSID} = “&Google” \InProcServer32(Default) = “c:\program files\google\googletoolbar1.dll” [“Google Inc.”] Extensions (Tools menu items, main toolbar menu buttons) HKCU\Software\Microsoft\Internet Explorer\Extensions\ {CCCE5D70-9AA2-40F1-9C6B-12A255F08500}\ “ButtonText” = “Tłumacz na angielski” “MenuText” = “Tłumacz na angielski” “CLSIDExtension” = “{CC4371C0-D2F6-11D7-BDC4-00605209B788}” -> {HKCU…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll” [“POLENG”] {CCCE5D71-9AA2-40F1-9C6B-12A255F08500}\ “ButtonText” = “Tłumacz na polski” “MenuText” = “Tłumacz na polski” “CLSIDExtension” = “{CC4371C1-D2F6-11D7-BDC4-00605209B788}” -> {HKCU…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll” [“POLENG”] {CCCE5D72-9AA2-40F1-9C6B-12A255F08500}\ “ButtonText” = “Zachowaj przetłumaczoną stronę” “MenuText” = “Zachowaj przetłumaczoną stronę” “CLSIDExtension” = “{CC4371C2-D2F6-11D7-BDC4-00605209B788}” -> {HKCU…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll” [“POLENG”] {CCCE5D73-9AA2-40F1-9C6B-12A255F08500}\ “ButtonText” = “Opcje” “MenuText” = “Opcje” “CLSIDExtension” = “{CC4371C3-D2F6-11D7-BDC4-00605209B788}” -> {HKCU…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\poleng\Translatica2\bin\win\int\browser\iepolengextension.dll” [“POLENG”] Miscellaneous IE Hijack Points ------------------------------ HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\ <> “{08C06D61-F1F3-4799-86F8-BE1A89362C85}” = (no title provided) -> {HKLM…CLSID} = “Search Class” \InProcServer32(Default) = “C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL” [file not found] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Ati HotKey Poller, Ati HotKey Poller, “C:\WINDOWS\system32\Ati2evxx.exe” [“ATI Technologies Inc.”] CAISafe, CAISafe, “C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe” [“Computer Associates International, Inc.”] VET Message Service, VETMSGNT, “C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe” [“Computer Associates International, Inc.”] ---------- <>: Suspicious data at a malware launch point. <>: Suspicious data at a browser hijack point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 34 seconds. ---------- (total run time: 80 seconds)
Bieniol
(Bbieniol)
5 Styczeń 2007 17:59
#2
Usuń kosmetycznie te wpisy:
Przeczyść rejestr (polecam do tego jv16 PowerTools ), zrób defragmentację, oraz przejrzyj: Optymalizacja XP
Wejdź: Start -> uruchom -> msconfig i w zakładce uruchamianie odznacz (według Ciebie) niepotrzebne przy autostarcie programy