Nadgminne wieszanie kompa

Dla specjalistów Bezpieczeństwo
#1

Problem z kompem wiesza mi się na ekranie z logo winows i uruchamia się raz na jakiś czas w awaryjnym, dziś jakimś cudem się uruchomił w trybie normalnym.Bardzo proszę o pomoc bo już nie wiem co dalej , czy go przeinstalować czy jak.Z góry dzięki za odpowiedzi…

Logfile of HijackThis v1.99.1

Scan saved at 17:57:08, on 06-12-29

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\PROGRAM FILES\ESET\NOD32KRN.EXE

C:\WINDOWS\SYSTEM\HIDSERV.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\PROGRAM FILES\ESET\NOD32KUI.EXE

C:\WINDOWS\SYSTEM\INTERNAT.EXE

C:\WINDOWS\RUNDLL32.EXE

C:\WINDOWS\SYSTEM\IGFXTRAY.EXE

C:\WINDOWS\SYSTEM\HKCMD.EXE

C:\WINDOWS\SYSTEM\STIMON.EXE

C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE

C:\PROGRAM FILES\WINAMP\WINAMPA.EXE

C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE

C:\GPG\GNUPT\GPGRELAY\GPGRELAY.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE

C:\WINDOWS\PULPIT\OPENOFFICE.ORG 1.9.108\PROGRAM\SOFFICE.EXE

C:\PROGRAM FILES\OPENOFFICE.ORG 2.0.2\PROGRAM\SOFFICE.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\PROGRAM FILES\OPENOFFICE.ORG 2.0.2\PROGRAM\SOFFICE.BIN

C:\WINDOWS\PULPIT\OPENOFFICE.ORG 1.9.108\PROGRAM\SOFFICE.BIN

C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQSTE08.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\WINDOWS\SYSTEM\PSTORES.EXE

C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL

O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL

O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [odk_mcd] C:\PROGRAM FILES\ODKURZACZ 10.0 PRO BETA\odk_mcd.exe

O4 - HKLM\..\Run: [internat.exe] internat.exe

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\SYSTEM\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\SYSTEM\hkcmd.exe

O4 - HKLM\..\Run: [Transparent] Trans.exe

O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Program Files\Eset\nod32krn.exe"

O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run

O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE

O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray

O4 - Startup: GPGRelay.lnk = C:\gpg\GnuPT\GPGRelay\GPGRelay.exe

O4 - Startup: OpenOffice.org 1.9.108.lnk = C:\WINDOWS\Pulpit\OpenOffice.org 1.9.108\program\quickstart.exe

O4 - Startup: OpenOffice.org 2.0.2.lnk = C:\Program Files\OpenOffice.org 2.0.2\program\quickstart.exe

O4 - Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
#2

Usuń Hijackiem te wpisy:

Po zabiegach nowy log z Hijacka + log z Silent Runners

#3

Niestety mam problem , wczoraj po wykasowaniu wpisów, komp mi się zawiesił i startuje tylko w awaryjnym i nie mam dostępu z niego do neta.Więc stanełam w miejscu , nie mam jak przesłać loga.pozdrawiam

Spróbuję wymienić bateryjkę , może to coś da i system będzie się ładował normalnie :slight_smile:

#4

Spróbuj wygenerować logi w trybie awaryjnym, przenieść je na iny komputer i wkleić tutaj na forum :slight_smile:

#5

Niemożliwe ale wymiana bateryki pomogła ( jak narazie), komp startuje normalnie , tyle że nadal nie moge przesłac loga dopiero jak go podłącze do neta w domu , nie mam stacji dyskietek a nagrywarka do wymiany( jak pech to pech) , a teraz korzystam z laptopa z bezprzewodówką więc nie mam jak narazie przenieść logów. serdeczne pozdro

Złączono Posta : 02.01.2007 (Wto) 11:48

Witam serdecznie w Nowym Roku , bardzo proszę o ponowne sprawdzenie loga. pozdrawiam

Logfile of HijackThis v1.99.1

Scan saved at 11:27:41, on 07-01-02

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\PROGRAM FILES\ESET\NOD32KRN.EXE

C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE

C:\WINDOWS\SYSTEM\HIDSERV.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\PROGRAM FILES\ESET\NOD32KUI.EXE

C:\WINDOWS\RUNDLL32.EXE

C:\WINDOWS\SYSTEM\IGFXTRAY.EXE

C:\WINDOWS\SYSTEM\HKCMD.EXE

C:\WINDOWS\SYSTEM\STIMON.EXE

C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE

C:\PROGRAM FILES\WINAMP\WINAMPA.EXE

C:\PROGRAM FILES\AXBX\VIRUSKEEPER 2007 PRO TRIAL\VIRUSKEEPER.EXE

C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE

C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQSTE08.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL

O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\SYSTEM\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\SYSTEM\hkcmd.exe

O4 - HKLM\..\Run: [Transparent] Trans.exe

O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2007 Pro Trial\VirusKeeper.exe

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Program Files\Eset\nod32krn.exe"

O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run

O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray

O4 - Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll

O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll

“Silent Runners.vbs”, revision 49, http://www.silentrunners.org/

Operating System: Windows 98

Output limited to non-default values, except where indicated by “{++}”

Startup items buried in registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“Gadu-Gadu” = ““C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray” [“Gadu-Gadu S.A.”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“ScanRegistry” = “C:\WINDOWS\scanregw.exe /autorun” [MS]

“TaskMonitor” = “C:\WINDOWS\taskmon.exe” [MS]

“SystemTray” = “SysTray.Exe” [MS]

“LoadPowerProfile” = “Rundll32.exe powrprof.dll,LoadCurrentPwrScheme” [MS]

“Zasobnik systemowy” = “SysTray.Exe” [MS]

“nod32kui” = ““C:\Program Files\Eset\nod32kui.exe” /WAITSERVICE” ["Eset "]

“Cmaudio” = “RunDll32 cmicnfg.cpl,CMICtrlWnd” [MS]

“IgfxTray” = “C:\WINDOWS\SYSTEM\igfxtray.exe” [“Intel Corporation”]

“HotKeysCmds” = “C:\WINDOWS\SYSTEM\hkcmd.exe” [“Intel Corporation”]

“Transparent” = “Trans.exe” [null data]

“StillImageMonitor” = “C:\WINDOWS\SYSTEM\STIMON.EXE” [MS]

“HP Software Update” = “C:\Program Files\HP\HP Software Update\HPWuSchd2.exe” [“Hewlett-Packard Co.”]

“WinampAgent” = “C:\Program Files\Winamp\winampa.exe” [null data]

“Tweak UI” = “RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp” [MS]

“VirusKeeper” = “C:\Program Files\AxBx\VirusKeeper 2007 Pro Trial\VirusKeeper.exe” [“AxBx”]

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\ {++}

“LoadPowerProfile” = “Rundll32.exe powrprof.dll,LoadCurrentPwrScheme” [MS]

“SchedulingAgent” = “mstask.exe” [MS]

“NOD32kernel” = ““C:\Program Files\Eset\nod32krn.exe”” ["Eset "]

“Hidserv” = “Hidserv.exe run” [MS]

“KB891711” = “C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE” [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{02478D38-C3F9-4EFB-9B51-7695ECA05670}(Default) = (no title provided)

-> {HKLM…CLSID} = “Yahoo! Toolbar Helper”

\InProcServer32(Default) = “C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL” [“Yahoo! Inc.”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

“{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data]

“{23170F69-40C1-278A-1000-000100020000}” = “7-Zip Shell Extension”

-> {HKLM…CLSID} = “7-Zip Shell Extension”

\InProcServer32(Default) = “C:\Program Files\7-Zip\7-zip.dll” [“Igor Pavlov”]

“{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}” = “OpenOffice.org Column Handler”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.0.2\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”]

“{087B3AE3-E237-4467-B8DB-5A38AB959AC9}” = “OpenOffice.org Infotip Handler”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.0.2\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”]

“{63542C48-9552-494A-84F7-73AA6A7C99C1}” = “OpenOffice.org Property Sheet Handler”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.0.2\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”]

“{3B092F0C-7696-40E3-A80F-68D74DA84210}” = “OpenOffice.org Thumbnail Viewer”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.0.2\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}(Default) = “OpenOffice.org Column Handler”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = ““C:\Program Files\OpenOffice.org 2.0.2\program\shlxthdl.dll”” [“Sun Microsystems, Inc.”]

HKLM\Software\Classes*\shellex\ContextMenuHandlers\

NOD32 Context Menu Shell Extension(Default) = “{B089FE88-FB52-11d3-BDF1-0050DA34150D}”

-> {HKLM…CLSID} = “NOD32 Context Menu Shell Extension”

\InProcServer32(Default) = “C:\Program Files\Eset\nodshex.dll” ["Eset "]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data]

7-Zip(Default) = “{23170F69-40C1-278A-1000-000100020000}”

-> {HKLM…CLSID} = “7-Zip Shell Extension”

\InProcServer32(Default) = “C:\Program Files\7-Zip\7-zip.dll” [“Igor Pavlov”]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data]

7-Zip(Default) = “{23170F69-40C1-278A-1000-000100020000}”

-> {HKLM…CLSID} = “7-Zip Shell Extension”

\InProcServer32(Default) = “C:\Program Files\7-Zip\7-zip.dll” [“Igor Pavlov”]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

NOD32 Context Menu Shell Extension(Default) = “{B089FE88-FB52-11d3-BDF1-0050DA34150D}”

-> {HKLM…CLSID} = “NOD32 Context Menu Shell Extension”

\InProcServer32(Default) = “C:\Program Files\Eset\nodshex.dll” ["Eset "]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data]

Active Desktop and Wallpaper:

Active Desktop may be enabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by System Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

“Wallpaper” = “C:\WINDOWS\Chmury.bmp”

Displayed if Active Desktop disabled and wallpaper not set by System Policy:

HKCU\Control Panel\Desktop\

“Wallpaper” = “C:\WINDOWS\Chmury.bmp”

Active Desktop web content (hidden if disabled):

HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0\

“FriendlyName” = “”

“Source” = “http://www.dombank.pl/_iMg/site/icons/ico_site_pdf.gif

“SubscribedURL” = “http://www.dombank.pl/_iMg/site/icons/ico_site_pdf.gif

WIN.INI & SYSTEM.INI launch points:

SYSTEM.INI

[boot]

“SCRNSAVE.EXE=C:\WINDOWS\SYSTEM\DELFIN~1.SCR” [file not found]

Startup items in “Startup” & “All Users…Startup” folders:

C:\WINDOWS\Menu Start\Programy\Autostart

“HP Digital Imaging Monitor” -> shortcut to: “C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe” [“Hewlett-Packard Co.”]

Enabled Scheduled Tasks:

“Rozpoczęcie aplikacji dostrajania” -> launches: “walign” [MS]

“Konserwacja — Scandisk” -> launches: “C:\WINDOWS\SCANDSKW.EXE /SAGERUN:0 /ALL /N” [MS]

“Konserwacja — programy Defragmentacji” -> launches: “C:\WINDOWS\DEFRAG.EXE /SAGERUN:0” [MS]

“Konserwacja — Porządkowanie dysku” -> launches: “C:\WINDOWS\CLEANMGR.EXE /SAGERUN:0” [MS]

Winsock2 Service Provider DLLs:

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = “C:\WINDOWS\SYSTEM\rnr20.dll” [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

C:\WINDOWS\SYSTEM\imon.dll [null data], 01 - 05, 15

C:\WINDOWS\SYSTEM\msafd.dll [MS], 06 - 08

C:\WINDOWS\SYSTEM\rsvpsp.dll [MS], 09 - 10

C:\WINDOWS\SYSTEM\mswsosp.dll [MS], 11 - 14

Toolbars, Explorer Bars, Extensions:

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

“{EF99BD32-C1FB-11D2-892F-0090271D4F88}”

-> {HKLM…CLSID} = “Yahoo! Toolbar”

\InProcServer32(Default) = “C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL” [“Yahoo! Inc.”]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\

“{EF99BD32-C1FB-11D2-892F-0090271D4F88}” = (no title provided)

-> {HKLM…CLSID} = “Yahoo! Toolbar”

\InProcServer32(Default) = “C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL” [“Yahoo! Inc.”]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

“MenuText” = “Sun Java Console”

“CLSIDExtension” = “{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}”

-> {HKLM…CLSID} = “Java Plug-in 1.5.0_04”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll” [“Sun Microsystems, Inc.”]

Miscellaneous IE Hijack Points

HKLM\Software\Microsoft\Internet Explorer\Version = (invalid data)

The Internet Explorer version cannot be found!

C:\WINDOWS\INF\IERESET.INF (used to “Reset Web Settings”)

The contents of IERESET.INF cannot be reliably checked!

Added lines (compared with English-language version):

Missing lines (compared with English-language version):

strings: 2 lines

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\

<> “{08C06D61-F1F3-4799-86F8-BE1A89362C85}” = (no title provided)

-> {HKLM…CLSID} = “Search Class”

\InProcServer32(Default) = “C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL” [","]

Print Monitors:

HKLM\System\CurrentControlSet\Control\Print\Monitors\

HP Standard TCP/IP Port\Driver = “HpTcpMon.dll” [“Hewlett Packard”]

usbmon\Driver = “usbmon.dll” [MS]

hpzl9x12\Driver = “hpzl9x12.dll” [“HP”]

usbmon.dll\Driver = “usbmon.dll” [MS]

<>: Suspicious data at a browser hijack point.

  • This report excludes default entries except where indicated.

  • To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

  • The search for DESKTOP.INI DLL launch points on all local fixed drives

took 8 seconds.

---------- (total run time: 72 seconds)

#6

Logi są ok.

Przeczyść rejestr – użyj do tego jv16 PowerTools 2006 1.5.2.344.

Pozatym przejrzyj: Lista zbędników w autostarcie oraz Optymalizacja Windows 95/98/Me.

Wejdź: Start > uruchom > msconfig i w zakładce „Uruchamianie” odznacz, niepotrzebne według Ciebie, programy w autostarcie. :slight_smile:

#7

Ok , już zrobione . Wielkie Dzięki za sprawdzenie .pozdrawiam