LOG
====================================
Uwaga: Jak wklejasz loga to obejmuj go znacznikiem (tagiem) CODE lub QUOTE
Proponuje poczytać TEN temat i zobacz jaka jest prośba do userów wklejających loga.
Widziałeś ten komunikat Ważny komunikat dotyczący tytułowania tematów zastosuj sie do niego => inaczej temat poleci do śmietnika :evil:
Pozdrawiam kuz5
Widziałeś ten komunikat Ważny komunikat dotyczący tytułowania tematów zastosuj sie do niego
Jak na moje oko, to log czysty 
Zainstaluj nowszą wersję Internet Explorer
Jaki problem?
SORKI JUZ nie uzyje[prosze o spr.loga].ale dalem log poniewarz niektore skanery mi wykrywaja ze mam szpiega tylko darmowki nie usowaja ich.a zaczely sie moje podejzenia od odczytania poczty jak chce otworzyc jakas wiadomosc to slychac dzwiek[pum]i wiadomosc sie nie otwiera skanowalem panda 21 szpiegow pozniej adwards 13szpiegow cos jest nie tak mysle ze opisalem dokladnie co mi dolega .jest na to jakies lekarstwo.dzieki za wyrozumialosc
log
“Silent Runners.vbs”, revision 41, http://www.silentrunners.org/
Operating System: Windows Me (Millennium Edition)
Output limited to non-default values, except where indicated by “{++}”
Startup items buried in registry:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“LanLite” = “lanlite.exe” [","]
“Taskbar Display Controls” = “RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY” [MS]
“Gadu-Gadu” = ““C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray” [“sms-express.com”]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“Windows Millennium Edition Intro Video” = “C:\WINDOWS\Applic~1\Micros~1\Intro\content.hta” [file not found]
“SelfHostUtil” = “C:\WINDOWS\selfhost.exe /L” [MS]
“TaskMonitor” = “C:\WINDOWS\taskmon.exe” [MS]
“PCHealth” = “C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s” [MS]
“SystemTray” = “SysTray.Exe” [MS]
“LoadPowerProfile” = “Rundll32.exe powrprof.dll,LoadCurrentPwrScheme” [MS]
“CloneCDTray” = ““C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe” /s” [“SlySoft, Inc.”]
“WinampAgent” = “C:\Program Files\Winamp\winampa.exe” [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\ {++}
“HiberMonitor” = “C:\WINDOWS\HCount.exe” [null data]
“LoadPowerProfile” = “Rundll32.exe powrprof.dll,LoadCurrentPwrScheme” [MS]
“SchedulingAgent” = “mstask.exe” [MS]
“SSDPSRV” = “C:\WINDOWS\SYSTEM\ssdpsrv.exe” [MS]
“*StateMgr” = “C:\WINDOWS\System\Restore\StateMgr.exe” [MS]
HKLM\Software\Microsoft\Active Setup\Installed Components\
PerUser_CVT_Inis(Default) = “Instalator systemu Windows — Konwerter FAT32”
\StubPath = “rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CVT_Inis 64 C:\WINDOWS\INF\applets1.inf” [MS]
{44BBA840-CC51-11CF-AAFA-00AA00B6015C}(Default) = “Microsoft Outlook Express 5”
\StubPath = ““C:\Program Files\Outlook Express\setup50.exe” /APP:OE /CALLER:WIN9X /user /uninstall” [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{02478D38-C3F9-4EFB-9B51-7695ECA05670}(Default) = “Yahoo! Toolbar Helper” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL” [“Yahoo! Inc.”]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = “SSVHelper Class” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
“{e57ce731-33e8-4c51-8354-bb4de9d215d1}” = “Universal Plug and Play Devices”
-> {CLSID}\InProcServer32(Default) = “C:\WINDOWS\SYSTEM\UPNPUI.DLL” [MS]
“{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension”
-> {CLSID}\InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data]
HKLM\Software\Classes*\shellex\ContextMenuHandlers\
WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”
-> {CLSID}\InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”
-> {CLSID}\InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”
-> {CLSID}\InProcServer32(Default) = “C:\PROGRAM FILES\WINRAR\rarext.dll” [null data]
Active Desktop and Wallpaper:
Active Desktop is enabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
“Wallpaper” = “C:\Moje dokumenty\Moje obrazy\1024_wall_4.jpg”
WIN.INI & SYSTEM.INI launch points:
WIN.INI
[windows]
INFECTION WARNING! “load=ptsnoop.exe” [null data]
INFECTION WARNING! “run=C:\WINDOWS\SYSTEM\cmmpu.exe hpfsched” [null data], [null data]
Enabled Scheduled Tasks:
“XoftSpy” -> launches: “C:\PROGRAM FILES\XOFTSPY\XoftSpy.exe -t” [“ParetoLogic Inc.”]
“Rozpoczęcie aplikacji dostrajania” -> launches: “walign” [MS]
“Harmonogram programu PCHealth dla zbierania danych” -> launches: “C:\WINDOWS\PCHEALTH\SUPPORT\PCHSCHD.EXE -c” [MS]
Winsock2 Service Provider DLLs:
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = “C:\WINDOWS\SYSTEM\rnr20.dll” [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
00000000000#\PackedCatalogItem (contains) DLL [Company Name], (at) # range:
C:\WINDOWS\SYSTEM\mswsosp.dll [MS], 1
C:\WINDOWS\SYSTEM\msafd.dll [MS], 2 - 4
C:\WINDOWS\SYSTEM\rsvpsp.dll [MS], 5 - 6
Toolbars, Explorer Bars, Extensions:
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
“{2318C2B1-4965-11D4-9B18-009027A5CD4F}” = “&Google” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLENAV.DLL” [“Google Inc.”]
“{EF99BD32-C1FB-11D2-892F-0090271D4F88}” = “Yahoo! Toolbar” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL” [“Yahoo! Inc.”]
HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\
“{2318C2B1-4965-11D4-9B18-009027A5CD4F}” = “&Google” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLENAV.DLL” [“Google Inc.”]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
“{2318C2B1-4965-11D4-9B18-009027A5CD4F}” = “&Google” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLENAV.DLL” [“Google Inc.”]
“{EF99BD32-C1FB-11D2-892F-0090271D4F88}” = “Yahoo! Toolbar” [from CLSID]
-> {CLSID}\InProcServer32(Default) = “C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL” [“Yahoo! Inc.”]
Miscellaneous IE Hijack Points
HKLM\Software\Microsoft\Internet Explorer\Version = (invalid data)
The Internet Explorer version cannot be found!
C:\WINDOWS\INF\IERESET.INF (used to “Reset Web Settings”)
The contents of IERESET.INF cannot be reliably checked!
Added lines (compared with English-language version):
Missing lines (compared with English-language version):
strings: 2 lines
This report excludes default entries except where indicated.
To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer “No” at the first message box.
---------- (total run time: 45 seconds, including 6 seconds for message boxes)
tomh2o zostałeś poproszony o przestrzeganie pewnych zasad - proszę poprawić posty i poprawić błędy - na forum używamy polskiej pisowni
Reszta loga ok
Wygląda na to, że wszystko jest już dobrze…
Przeskanuj jeszcze dysk: Ad-aware SE Personal 1.06 oraz Spybot Search & Destroy 1.4