Problem dotyczący gry ( spadanie fpsów ) i problemów z kopem

Mój problem polega na tym:

Dzisiaj grałem sobie w gre counter-strike 1.6 i wszystko chodziło normalnie (100 fps czyli klatek na sekunde ) i tak dalej. Gdy zaczął internet źle chodzic czyli miałem laga zresetowałem komputer. Gdy włączylem nie moglem nic włączyc ledwo co kurson chodził mój komputer włączył sie po paru minutach tak samo inne rzeczy przeglądarka etc. Niedawno ustawiłem takie coś że na starcie jak sie komp włącza pojawia sie okienko i tam moge odznaczyc co chcem żeby sie włączało automatycznie a co nie podczas uruchomiania komputera no i po 6 resecie kompa gdy to sie włączyło zazanczylem 1 opcje i wszystko dobrze zaczeło chodzic … ale gdy wszedłem do gry fpsy spadają do 50! albo niżej chociaż wtedy miałem 100 i wogóle nie spadały. W grze brakuje konfiguracji paru przycisków musialem wszystko od nowa poustawiac nie wiem co sie dzieje prosze o pomoc… chciałbym zrobic przywracanie systemu ale nie wiem jak prosze o pomoc :frowning:

z!pPy wrzuć logi z HJT i SR. Może masz jakiś syf. :slight_smile:

dobrze zachwile wrzuce w innym topicu tylko sciągne HTJ a moge wiedziec co to SR bo takze nie posiadam :frowning:

z!pPy tutaj masz opis.

:arrow: http://forum.dobreprogramy.pl/viewtopic.php?t=36654

Wrzuć tutaj - Moderaotr wydzieli. :slight_smile:

Oki wlasnie znalazlem ten topic sciągne 2 programy przeczytam instrukcje i wrzuce logi :slight_smile:

Złączono Posty : 24.01.2007 (Sro) 14:36

oto log z hjt zachwile dodam z tego drugiego progsa :slight_smile:

Logfile of HijackThis v1.99.1

Scan saved at 14:39:36, on 2007-01-24

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Razer\Krait\razerhid.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\sstray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Creative\MediaSource5\MtdAcqu.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\OpenOffice.ux.pl 2.0\program\soffice.exe

C:\Program Files\OpenOffice.ux.pl 2.0\program\soffice.BIN

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Program Files\BullGuard Ltd\SteelSecurity\SteelUpdate.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program Files\Razer\Krait\razerofa.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Steam\Steam.exe

C:\Program Files\Gadu-Gadu\gg.exe

c:\program files\steam\steamapps\galeczek\counter-strike\hl.exe

C:\Program Files\Save\Save.exe

C:\Documents and Settings\DOM\Pulpit\hijackthis\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll

O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [Krait] C:\Program Files\Razer\Krait\razerhid.exe

O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MtdAcqu] "C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s

O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - Startup: OpenOffice.ux.pl 2.0.lnk = C:\Program Files\OpenOffice.ux.pl 2.0\program\quickstart.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm

O8 - Extra context menu item: Download with Star Downloader - C:\PROGRA~1\STARDO~1\sdie.htm

O8 - Extra context menu item: Enqueue in Star Downloader - C:\PROGRA~1\STARDO~1\sdieenq.htm

O8 - Extra context menu item: Leech with Star Downloader - C:\PROGRA~1\STARDO~1\leechie.htm

O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?66273188099148838929092d80b642ba

O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?66273188099148838929092d80b642ba

O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Ochrona WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146678340871

O16 - DPF: {9BF607E0-4CC1-4099-9A07-362C9E4FB090} (WStarter Control) - http://live.pdbox.co.kr:8057/WStarter.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{097B1CE5-116B-4E46-B25F-B431E46E927F}: NameServer = 194.104.159.1,194.204.152.34

O17 - HKLM\System\CCS\Services\Tcpip\..\{0FB1489F-024F-48CA-AA3F-9BB08B30B00D}: NameServer = 194.204.152.34 217.98.63.164

O17 - HKLM\System\CS1\Services\Tcpip\..\{097B1CE5-116B-4E46-B25F-B431E46E927F}: NameServer = 194.104.159.1,194.204.152.34

O17 - HKLM\System\CS2\Services\Tcpip\..\{097B1CE5-116B-4E46-B25F-B431E46E927F}: NameServer = 194.104.159.1,194.204.152.34

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: bggp.dll

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

O23 - Service: SteelSecurity LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Ltd.\SteelSecurity\SteelUpdate.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

No to czekamy. Wrzucaj loga z HJT i SR.

Możesz przejrzeć:

:arrow: http://forum.dobreprogramy.pl/viewtopic … ymalizacja

:arrow: http://forum.dobreprogramy.pl/viewtopic … ymalizacja

:arrow: http://forum.dobreprogramy.pl/viewtopic … ymalizacja

z!pPy Na forum obowiązuje używanie polskiej pisowni (włączając w to znaki typu ą, ś, ć, ł, ó itd). Zastosuj się proszę do tej zasady i popraw błędy. W przeciwnym wypadku temat może wylądować w koszu.

Proszę również o zmianę tytułu na bardziej konkretny.

Użyj opcji icon_edit.gif

poprawiłem nazwe tematu i pozmieniałem na snaki :wink: ale nie moge napisac c z kreska poniewaz pojawia mi sie taki komunikat ;(

Złączono Posty : 24.01.2007 (Sro) 14:51

log z silentrun:

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"



Startup items buried in registry:

---------------------------------


HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

"Steam" = "(empty string)" [file not found]

"MtdAcqu" = ""C:\Program Files\Creative\MediaSource5\MtdAcqu.exe" /s" ["Creative Technology Ltd"]

"WhenUSave" = ""C:\Program Files\Save\Save.exe"" ["WhenU.com, Inc."]

"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]

"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["sms-express.com"]


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"Krait" = "C:\Program Files\Razer\Krait\razerhid.exe" [empty string]

"kav" = ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"" ["Kaspersky Lab"]

"(Default)" = "(empty string)" [file not found]

"DAEMON Tools" = ""C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033" ["DT Soft Ltd."]

"ATICCC" = ""C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay" [null data]

"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]

"MSConfig" = "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto" [MS]

"ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."]

"RemoteControl" = ""C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"" ["Cyberlink Corp."]

"nForce Tray Options" = "sstray.exe /r" ["NVIDIA Corporation"]


HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{31FF080D-12A3-439A-A2EF-4BA95A3148E8}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "bho2gr Class"

                   \InProcServer32\(Default) = "C:\Program Files\GetRight\xx2gr.dll" ["Headlight Software, Inc."]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "SSVHelper Class"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]

{8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "Alcohol Toolbar Helper"

                   \InProcServer32\(Default) = "C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll" [null data]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "Windows Live Sign-in Helper"

                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "Windows Live Toolbar Helper"

                   \InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS]

{FFFFFEF0-5B30-21D4-945D-000000000000}\(Default) = (no title provided)

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\PROGRA~1\STARDO~1\SDIEInt.dll" [null data]


HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"

                   \InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]

"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"

  -> {HKLM...CLSID} = "RealOne Player Context Menu Class"

                   \InProcServer32\(Default) = "C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\rpshell.dll" ["RealNetworks, Inc."]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

"{73B24247-042E-4EF5-ADC2-42F62E6FD654}" = "ICQ Lite Shell Extension"

  -> {HKLM...CLSID} = "MCLiteShellExt Class"

                   \InProcServer32\(Default) = "C:\Program Files\ICQLite\ICQLiteShell.dll" [empty string]

"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"

  -> {HKLM...CLSID} = "My Sharing Folders"

                   \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.0.0812.00.dll" [MS]

"{0561EC90-CE54-4f0c-9C55-E226110A740C}" = "Haali Column Provider"

  -> {HKLM...CLSID} = "Haali Column Provider"

                   \InProcServer32\(Default) = "C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll" [null data]

"{85E0B171-04FA-11D1-B7DA-00A0C90348D6}" = "Ochrona WWW"

  -> {HKLM...CLSID} = "Ochrona WWW"

                   \InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"]

"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"

  -> {HKLM...CLSID} = "SimpleShlExt Class"

                   \InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]

"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"

  -> {HKLM...CLSID} = "Portable Media Devices Menu"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]

"{377BF0A0-F755-4469-BA0C-BEB93AAB5454}" = "MuVo V100 Media Explorer"

  -> {HKLM...CLSID} = "MuVo V100 Media Explorer"

                   \InProcServer32\(Default) = "C:\Program Files\Creative\Creative MuVo V100\MuVo V100 Media Explorer\CTMvnsu.dll" ["Creative Technology Ltd"]


HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\

<> "AppInit_DLLs" = "bggp.dll" ["BullGuard Software"]


HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

<> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]

<> klogon\DLLName = "C:\WINDOWS\system32\klogon.dll" ["Kaspersky Lab"]


HKLM\Software\Classes\Folder\shellex\ColumnHandlers\

{0561EC90-CE54-4f0c-9C55-E226110A740C}\(Default) = "Haali Column Provider"

  -> {HKLM...CLSID} = "Haali Column Provider"

                   \InProcServer32\(Default) = "C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll" [null data]

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = "OpenOffice.org Column Handler"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]


HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

ICQLiteMenu\(Default) = "{73B24247-042E-4EF5-ADC2-42F62E6FD654}"

  -> {HKLM...CLSID} = "MCLiteShellExt Class"

                   \InProcServer32\(Default) = "C:\Program Files\ICQLite\ICQLiteShell.dll" [empty string]

Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

WinUHA\(Default) = "{095177B8-8097-4D32-9081-A8949C47020E}"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\PROGRA~1\WinUHA\SHELLW~1.DLL" [null data]


HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

ICQLiteMenu\(Default) = "{73B24247-042E-4EF5-ADC2-42F62E6FD654}"

  -> {HKLM...CLSID} = "MCLiteShellExt Class"

                   \InProcServer32\(Default) = "C:\Program Files\ICQLite\ICQLiteShell.dll" [empty string]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

bgshellext\(Default) = "{F4BF1657-195F-4A0F-ACA2-9AE99D65BC0E}"

  -> {HKLM...CLSID} = "MyShellExt Class"

                   \InProcServer32\(Default) = "C:\Program Files\BullGuard Ltd\SteelSecurity\BGShellExt.dll" ["BullGuard Software"]

Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

WinUHA\(Default) = "{095177B8-8097-4D32-9081-A8949C47020E}"

  -> {HKLM...CLSID} = (no title provided)

                   \InProcServer32\(Default) = "C:\PROGRA~1\WinUHA\SHELLW~1.DLL" [null data]



Group Policies {policy setting}:

--------------------------------


Note: detected settings may not have any effect.


HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\


"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Shutdown: Allow system to be shut down without having to log on}


"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Devices: Allow undock without having to log on}



Active Desktop and Wallpaper:

-----------------------------


Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Moje dokumenty\Longhorn.52xxa.bmp"


Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\Documents and Settings\DOM\Moje dokumenty\Longhorn.52xxa.bmp"



Enabled Screen Saver:

---------------------


HKCU\Control Panel\Desktop\

"SCRNSAVE.EXE" = "C:\WINDOWS\system32\logon.scr" [MS]



Startup items in "DOM" & "All Users" startup folders:

-----------------------------------------------------


C:\Documents and Settings\DOM\Menu Start\Programy\Autostart

"OpenOffice.ux.pl 2.0" -> shortcut to: "C:\Program Files\OpenOffice.ux.pl 2.0\program\quickstart.exe" [null data]



Enabled Scheduled Tasks:

------------------------


"Check Updates for Windows Live Toolbar" -> launches: "C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE" [MS]



Winsock2 Service Provider DLLs:

-------------------------------


Namespace Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]


Transport Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 19

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05



Toolbars, Explorer Bars, Extensions:

------------------------------------


Toolbars


HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{4D5C8C2A-D075-11D0-B416-00C04FB90376}"

  -> {HKLM...CLSID} = "Pasek poleceń Microsoft"

                   \InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"

  -> {HKLM...CLSID} = "Windows Live Toolbar"

                   \InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS]

"{ED4BD629-C1B6-4399-8A34-02CCAA921DC9}"

  -> {HKLM...CLSID} = "Alcohol Toolbar"

                   \InProcServer32\(Default) = "C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll" [null data]


HKLM\Software\Microsoft\Internet Explorer\Toolbar\

"{ED4BD629-C1B6-4399-8A34-02CCAA921DC9}" = "Alcohol Toolbar"

  -> {HKLM...CLSID} = "Alcohol Toolbar"

                   \InProcServer32\(Default) = "C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll" [null data]

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" = (no title provided)

  -> {HKLM...CLSID} = "Windows Live Toolbar"

                   \InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS]


Explorer Bars


HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\


HKLM\Software\Classes\CLSID\{85E0B171-04FA-11D1-B7DA-00A0C90348D6}\(Default) = "Ochrona WWW"

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"]


Extensions (Tools menu items, main toolbar menu buttons)


HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"

  -> {HKCU...CLSID} = "Java Plug-in"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]

  -> {HKLM...CLSID} = "Java Plug-in 1.5.0_06"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."]


{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\

"ButtonText" = "Ochrona WWW"


{49783ED4-258D-4F9F-BE11-137C18D3E543}\

"ButtonText" = "Titan Poker"

"MenuText" = "Titan Poker"

"Exec" = "C:\Program Files\Titan Poker\casino.exe" [null data]


{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\

"ButtonText" = "PartyPoker.com"

"MenuText" = "PartyPoker.com"

"Exec" = "C:\Program Files\PartyGaming\PartyPoker\RunApp.exe" [empty string]


{B863453A-26C3-4E1F-A54D-A2CD196348E9}\

"ButtonText" = "ICQ Lite"

"MenuText" = "ICQ Lite"

"Exec" = "C:\Program Files\ICQLite\ICQLite.exe" ["ICQ Ltd."]


{CD67F990-D8E9-11D2-98FE-00C0F0318AFE}\


{FB5F1910-F110-11D2-BB9E-00C04F795683}\

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]



Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------


Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]

Creative Service for CDROM Access, Creative Service for CDROM Access, "C:\WINDOWS\system32\CTsvcCDA.exe" ["Creative Technology Ltd"]

Kaspersky Anti-Virus 6.0, AVP, ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r" ["Kaspersky Lab"]

StarWind iSCSI Service, StarWindService, "C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe" ["Rocket Division Software"]

SteelSecurity Email Monitoring Service, BsMailProxy, "C:\WINDOWS\System32\svchost.exe -k SteelSecurity" {"C:\Program Files\BullGuard Ltd.\SteelSecurity\BsMailProxy.dll" ["BullGuard Software"]}

SteelSecurity File Monitoring Service, BsFileSpy, "C:\WINDOWS\System32\svchost.exe -k SteelSecurity" {"C:\Program Files\BullGuard Ltd.\SteelSecurity\BsFileSpy.dll" ["BullGuard Software"]}

SteelSecurity Firewall Service, BsFirewall, "C:\WINDOWS\System32\svchost.exe -k SteelSecurity" {"C:\Program Files\BullGuard Ltd.\SteelSecurity\BsFirewall.dll" ["BullGuard Software"]}

SteelSecurity LiveUpdate, BGLiveSvc, ""C:\Program Files\BullGuard Ltd.\SteelSecurity\SteelUpdate.exe"" ["BullGuard Software"]

SteelSecurity Main Service, BgMainSvc, "C:\WINDOWS\System32\svchost.exe -k SteelSecurity" {"C:\Program Files\BullGuard Ltd.\SteelSecurity\BsMain.dll" ["SteelSecurity, Ltd."]}

Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]



Print Monitors:

---------------


HKLM\System\CurrentControlSet\Control\Print\Monitors\

Canon BJ Language Monitor i350\Driver = "CNMLM53.DLL" ["CANON INC."]



----------

<>: Suspicious data at a malware launch point.


+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

  launch it from a command prompt or a shortcut with the -all parameter.

+ To search all directories of local fixed drives for DESKTOP.INI

  DLL launch points, use the -supp parameter or answer "No" at the

  first message box and "Yes" at the second message box.

---------- (total run time: 82 seconds, including 18 seconds for message boxes)

Złączono Posty : 24.01.2007 (Sro) 14:57

nie wiem czy to ma cos do tego ale w uruchom -> MSCONFIG w usługach mam wszystki zaznaczone w ogólnym opcje trzecią “Uruchamianie selektywne”