Problem polega na tym, iż java.exe zawsze jest w procesach i nie można jej zamknąć, zakoń zadanie działa chwilowo, po paru sekundach proces znowu sie odnawia.

Drugim problemem jest zmiana “formatu” klawiatury(Polski programista[zapomniałem jak to sie nazywa dokładnie]) i zamiast ‘z’ mam ‘y’, następnie jak sie zmieni już “format”, to w programie gadu-gadu nie działają polskie litery, a w np. w wordzie działają, naciśnięcie shift + alt częściowo naprawia problem, tzn. ‘z’ jest ‘z’, a ‘y’ jest ‘y’, ale nie działają polskie literki(śćżółą).

Z java jest kolejny problem, wczoraj zdenerwowałem się, że nie działają mi programy,gry itp. napisane w javie i usunąłem Java 1.3.1 Plug-in sposobem shift+del(wyskoczyła informacja, że mogą przestać działać pewne programy, nie zraziło mnie to za bardzo),następnie w dodaj usuń programy usunąłem resztę javy (1.5_5 itd do 1.5_11), ściągnąłem najnowsza(1.5_11) zainstalowałem i przy próbie uruchomienia programu napisanego w javie wyskoczył Błąd: can not find main class, zaglądnąłem na stronę javy było tam rozwiązanie, a mianowicie miałem z rejestru usunąć wpis, no więc usunąłem prawie wszystkie[:P] jakie były wpisy dotyczące Javy(jeden zostawiłem, który odnosił się do Sony Vegsa), niestety ikonka javy 1.3.1 dalej była[i jest nadal] w panelu sterowania, jedynie java 1.5 zniknęła. Teraz jak probuje włączyć z panelu sterowania jave 1.3.1 wyskakuje:

The system cannot find the registry key specified:

HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in\1.3.1_03

Rozwiązanie problemu z java jest dla mnie teraz najważniejsze. W systemie mam na pewno masę innego świństwa, Windows ostatni raz był rok temu przeinstalowany, duża liczba użytkowników z niego korzysta, ciężko kontrolować, kto gdzie wchodzi i co ściąga.

Logfile of HijackThis v1.99.1

Scan saved at 14:27:47, on 2007-03-24

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\cFosSpeed\spd.exe

D:\gry\maya 70\docs\wrapper.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

D:\gry\maya 70\docs\jre\bin\java.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

C:\PROGRA~1\WANADOO\TaskbarIcon.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\cFosSpeed\cFosSpeed.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe

C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Program Files\Deluxe Ski Jump 3\DSJ3.exe

E:\hijackthis\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada Plus wita Cie w Internecie

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL

O3 - Toolbar: &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe

O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe

O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: officejet 6100.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: (no name) - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{8B6FAC57-AA79-4DF4-BD8D-86CD0821370A}: NameServer = 194.204.159.1 217.98.63.164

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Program Files\cFosSpeed\spd.exe" -service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Maya 7.0 Documentation Server (maya70docserver) - Unknown owner - D:\gry\maya 70\docs\wrapper.exe" -s "D:\gry\maya 70\docs\Wrapper.conf (file missing)

O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - D:\gry\maya\docs\wrapper.exe (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe

O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"



Startup items buried in registry:

---------------------------------


HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

"AtiTrayTools" = ""C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"" ["Ray Adams"]

"LDM" = "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" ["Logitech Inc."]


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"WOOWATCH" = "C:\PROGRA~1\WANADOO\Watch.exe" ["France Télécom R&D"]

"Share-to-Web Namespace Daemon" = "C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" ["Hewlett-Packard"]

"WOOTASKBARICON" = "C:\PROGRA~1\WANADOO\TaskbarIcon.exe" ["France Télécom R&D"]

"AtiPTA" = "atiptaxx.exe" ["ATI Technologies, Inc."]

"Logitech Hardware Abstraction Layer" = "KHALMNPR.EXE" ["Logitech Inc."]

"cFosSpeed" = "C:\Program Files\cFosSpeed\cFosSpeed.exe" ["cFos Software GmbH"]

"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [null data]

"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"" ["Sun Microsystems, Inc."]


HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "AcroIEHlprObj Class"

                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]

{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "Megaupload Toolbar"

                   \InProcServer32\(Default) = "C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL" ["MegaUpload"]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

  -> {HKLM...CLSID} = "SSVHelper Class"

                   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll" ["Sun Microsystems, Inc."]


HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{23170F69-40C1-278A-1000-000100020000}" = "7-Zip Shell Extension"

  -> {HKLM...CLSID} = "7-Zip Shell Extension"

                   \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]


HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

<> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]


HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"

  -> {HKLM...CLSID} = "7-Zip Shell Extension"

                   \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"

  -> {HKLM...CLSID} = "avast"

                   \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"

  -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"

                   \InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll" ["TuneUp Software GmbH"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"

  -> {HKLM...CLSID} = "7-Zip Shell Extension"

                   \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"

  -> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"

                   \InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll" ["TuneUp Software GmbH"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"

  -> {HKLM...CLSID} = "avast"

                   \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

  -> {HKLM...CLSID} = "WinRAR"

                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]



Group Policies {policy setting}:

--------------------------------


Note: detected settings may not have any effect.


HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\


"DisableTaskMgr" = (REG_DWORD) hex:0x00000000

{Remove Task Manager}


HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\


"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Shutdown: Allow system to be shut down without having to log on}


"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Devices: Allow undock without having to log on}



Active Desktop and Wallpaper:

-----------------------------


Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"


Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"



Enabled Screen Saver:

---------------------


HKCU\Control Panel\Desktop\

"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]



Startup items in "Mateusz" & "All Users" startup folders:

---------------------------------------------------------


C:\Documents and Settings\All Users\Menu Start\Programy\Autostart

"DSLMON" -> shortcut to: "C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe /W" [empty string]

"hp psc 2000 Series" -> shortcut to: "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe" ["Hewlett-Packard Co."]

"officejet 6100" -> shortcut to: "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe" ["Hewlett-Packard Co."]

"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l" [MS]

"Logitech SetPoint" -> shortcut to: "C:\Program Files\Logitech\SetPoint\SetPoint.exe" ["Logitech Inc."]

"Logitech Desktop Messenger" -> shortcut to: "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -startup" ["Logitech Inc."]



Enabled Scheduled Tasks:

------------------------


"FRU Task #Hewlett-Packard#hp psc 2100 series#1150470056" -> launches: "C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe -I "#Hewlett-Packard#hp psc 2100 series#1150470056"" [empty string]

"1-Click Maintenance" -> launches: "C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"]



Winsock2 Service Provider DLLs:

-------------------------------


Namespace Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]


Transport Service Providers


HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 17

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05



Toolbars, Explorer Bars, Extensions:

------------------------------------


Toolbars


HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{4D5C8C2A-D075-11D0-B416-00C04FB90376}"

  -> {HKLM...CLSID} = "Pasek poleceń Microsoft"

                   \InProcServer32\(Default) = "C:\WINDOWS\System32\browseui.dll" [MS]

"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}"

  -> {HKLM...CLSID} = "Megaupload Toolbar"

                   \InProcServer32\(Default) = "C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL" ["MegaUpload"]


HKLM\Software\Microsoft\Internet Explorer\Toolbar\

"{E0E899AB-F487-11D5-8D29-0050BA6940E3}" = "FlashGet Bar"

  -> {HKLM...CLSID} = "FlashGet Bar"

                   \InProcServer32\(Default) = "C:\PROGRA~1\FLASHGET\fgiebar.dll" ["Amaze Soft"]

"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" = (no title provided)

  -> {HKLM...CLSID} = "Megaupload Toolbar"

                   \InProcServer32\(Default) = "C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL" ["MegaUpload"]

"{0D704FAD-66E9-4F0A-BFED-4F665770DDB3}" = (no title provided)

  -> {HKLM...CLSID} = "&Tłumaczenie"

                   \InProcServer32\(Default) = "C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll" ["Techland"]


Explorer Bars


HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\


HKLM\Software\Classes\CLSID\{175556B1-4D91-4E9A-9C4B-D6888D5DEE6C}\(Default) = "&Ramka Tłumaczenia"

Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]

InProcServer32\(Default) = "C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll" ["Techland"]


HKLM\Software\Classes\CLSID\{D553F157-2AB0-4B46-98D2-7BA7CA418491}\(Default) = "&Słownik Podręczny"

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = "C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll" ["Techland"]


Extensions (Tools menu items, main toolbar menu buttons)


HKLM\Software\Microsoft\Internet Explorer\Extensions\

{B46B0919-62BA-4D99-A5C4-916B57A6805C}\

"MenuText" = "@C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103"

"CLSIDExtension" = "{B46B0919-62BA-4D99-A5C4-916B57A6805C}"

  -> {HKLM...CLSID} = "InternetTranslatorProperties Class"

                   \InProcServer32\(Default) = "C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll" ["Techland"]


{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\

"ButtonText" = "FlashGet"

"MenuText" = "&FlashGet"

"Exec" = "C:\PROGRA~1\FLASHGET\flashget.exe" ["FlashGet.com"]


{FB5F1910-F110-11D2-BB9E-00C04F795683}\

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]



Miscellaneous IE Hijack Points

------------------------------


HKLM\Software\Microsoft\Internet Explorer\AboutURLs\

<> "TuneUp" = "file://C|/Documents and Settings/All Users/Dane aplikacji/TuneUp Software/Common/base.css" [file not found]



Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------


Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]

avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" [null data]

avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" [null data]

avast! Mail Scanner, avast! Mail Scanner, ""C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]

avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]

cFosSpeed System Service, cFosSpeedS, ""C:\Program Files\cFosSpeed\spd.exe" -service" ["cFos Software GmbH"]

Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]

Maya 7.0 Documentation Server, maya70docserver, ""D:\gry\maya 70\docs\wrapper.exe" -s "D:\gry\maya 70\docs\Wrapper.conf"" [null data]

Pml Driver HPZ12, Pml Driver HPZ12, "C:\WINDOWS\system32\HPZipm12.exe" ["HP"]

SoundMAX Agent Service, SoundMAX Agent Service (default), "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe" ["Analog Devices, Inc."]

StarWind iSCSI Service, StarWindService, "C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe" ["Rocket Division Software"]

TuneUp Design Expansion, UxTuneUp, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\uxtuneup.dll" ["TuneUp Software GmbH"]}

Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]



Print Monitors:

---------------


HKLM\System\CurrentControlSet\Control\Print\Monitors\

hpzlnt05\Driver = "hpzlnt05.dll" ["HP"]



----------

<>: Suspicious data at a malware launch point.

<>: Suspicious data at a browser hijack point.


+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

  launch it from a command prompt or a shortcut with the -all parameter.

+ The search for DESKTOP.INI DLL launch points on all local fixed drives

  took 110 seconds.

---------- (total run time: 178 seconds)

Zainstaluj nową wersję Javy albo z innej firmy i powiedz czy dalej jest ten problem

Logi są czyste.

Zajrzyj tutaj:

http://forum.dobreprogramy.pl/viewtopic.php?t=100399

Zapuść Registry Search Tool na szukanie Java Plug-in lub Java i pokaż wynik.

Log z Registry Search Tool:

Czyszczenie rejestru:

RegCleaner - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=177 albo jv16 PowerTools - http://www.dobreprogramy.pl/index.php?dz=2&t=29&id=509