FastClick
Wchdze tylko na pewne strony ale załapałem jakiś syf ( FastClick ). To jest za kaźtdym razem kiedy wejdena jedna z tych stron. Tylko Spybot to znajduje. Jak sie przedytm obronić????
Log jest czysty co zrobić zeby to na dober usunąć???
Log jest czysty co zrobić zeby to na dober usunąć???
Odpowiedzi: 15
Hijack This nieda rady.
Przeskanowałem system program coś znalazł jakieś "wirusy" ale kidy popatrzyłem do kwarantany to one tam były.
To ten program to usuną czy nie??
Kiedy pojawiała sie infomacja źe cos znalazł to dawałem usuń.
Znalazłem plik shdocvw.dll moźe go usunąć rencznie czy co.????? :( :( :( :( :( :( :( :( :( :? :? :? :? :? :? :? :? :? :cry: :cry: :cry: :cry: :cry:
Przeskanowałem system program coś znalazł jakieś "wirusy" ale kidy popatrzyłem do kwarantany to one tam były.
To ten program to usuną czy nie??
Kiedy pojawiała sie infomacja źe cos znalazł to dawałem usuń.
Znalazłem plik shdocvw.dll moźe go usunąć rencznie czy co.????? :( :( :( :( :( :( :( :( :( :? :? :? :? :? :? :? :? :? :cry: :cry: :cry: :cry: :cry:
Hijack This nieda rady.
Przeskanowałem system program coś znalazł jakieś "wirusy" ale kidy popatrzyłem do kwarantany to one tam były.
To ten program to usuną czy nie??
Kiedy pojawiała sie infomacja źe cos znalazł to dawałem usuń.
Znalazłem plik shdocvw.dll moźe go usunąć rencznie czy co.????? :( :( :( :( :( :( :( :( :( :? :? :? :? :? :? :? :? :? :cry: :cry: :cry: :cry: :cry:
Przeskanowałem system program coś znalazł jakieś "wirusy" ale kidy popatrzyłem do kwarantany to one tam były.
To ten program to usuną czy nie??
Kiedy pojawiała sie infomacja źe cos znalazł to dawałem usuń.
Znalazłem plik shdocvw.dll moźe go usunąć rencznie czy co.????? :( :( :( :( :( :( :( :( :( :? :? :? :? :? :? :? :? :? :cry: :cry: :cry: :cry: :cry:
Under:
Niemoge tego usunąć!!!!!!!!!!!!!!!!11
Pomocy.
Czego nie moźesz usunąć ten wpis.(to błahostka) Jak tak to pójdzie ci w Hijack This usunięcie łatwo. Oczyść pliki cookies. Katalogi temp. w trybie awaryjnym. Lub przeskanuj ewido gdzie linka dał ci szzzzz
Niemoge tego usunąć!!!!!!!!!!!!!!!!11
Pomocy.
Pomocy.
O9 – Extra button: ShopperReports – Compare product prices – {946B3E9E–E21A–49c8–9F63
przelec sobie tym:
http://www.searchengines.pl/phpbb203/lofiversion/index.php/t16762.html
Kolega Wiewia ma racje tylko to.:)
A to od czego moźe być??????
Poczekam ale chyba nikt nienapisze.
Czy potym jak to usune musze cos włonczyć?????/
A co do Silent Runners to jest jakaś strona atka jak w Hijack This do sprawdzania loginu??????
Jeśli tak to prosze o jej podanie.
Poczekam ale chyba nikt nienapisze.
Czy potym jak to usune musze cos włonczyć?????/
A co do Silent Runners to jest jakaś strona atka jak w Hijack This do sprawdzania loginu??????
Jeśli tak to prosze o jej podanie.
O9 – Extra button: ShopperReports – Compare product prices – {946B3E9E–E21A–49c8–9F63–900533FAFE15} – D:\WINDOWS\System32\shdocvw.dll
Jest tylko to. I troche w innej postaci jak się spodziewałem. Poczekaj moźe na wypowiedz jeszcze kogos innego. Bo nie jestem dokońca pewny
Niestety niema. To log z Hijack This.
A moźe jakiś program źeby coś z tym syfem zrobić???
Logfile of HijackThis v1.99.1
Scan saved at 20:29:18, on 2006–01–25
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\taskmgr.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Alwil Software\Avast4\ashDisp.exe
E:\Program Files\Opera\Opera.exe
D:\Documents and Settings\bbbb\Pulpit\TORRENT\HijackThis.exe
R1 – HKLM\Software\Microsoft\Internet Explorer,SearchAssistant = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 – HKCU\..\Run: [Gadu–Gadu] "F:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
O4 – HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\MSMSGS.EXE" /background
O4 – Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 – Extra button: ShopperReports – Compare product prices – {946B3E9E–E21A–49c8–9F63–900533FAFE15} – D:\WINDOWS\System32\shdocvw.dll
O17 – HKLM\System\CCS\Services\Tcpip\..\{5F6AE2BF–D96E–4A81–85CC–08F83FE34199}: NameServer = 194.204.159.1,194.204.152.34
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – D:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – D:\WINDOWS\system32\ati2sgag.exe
O23 – Service: avast! Antivirus – Unknown owner – E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
A moźe jakiś program źeby coś z tym syfem zrobić???
Logfile of HijackThis v1.99.1
Scan saved at 20:29:18, on 2006–01–25
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\taskmgr.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Alwil Software\Avast4\ashDisp.exe
E:\Program Files\Opera\Opera.exe
D:\Documents and Settings\bbbb\Pulpit\TORRENT\HijackThis.exe
R1 – HKLM\Software\Microsoft\Internet Explorer,SearchAssistant = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 – HKCU\..\Run: [Gadu–Gadu] "F:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
O4 – HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\MSMSGS.EXE" /background
O4 – Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 – Extra button: ShopperReports – Compare product prices – {946B3E9E–E21A–49c8–9F63–900533FAFE15} – D:\WINDOWS\System32\shdocvw.dll
O17 – HKLM\System\CCS\Services\Tcpip\..\{5F6AE2BF–D96E–4A81–85CC–08F83FE34199}: NameServer = 194.204.159.1,194.204.152.34
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – D:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – D:\WINDOWS\system32\ati2sgag.exe
O23 – Service: avast! Antivirus – Unknown owner – E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{946B3E9E–E21A–49C8–9F63–900533FAFE15}\
"ButtonText" = "ShopperReports – Compare product prices"
"CLSIDExtension" = "{580a1f3f–89b4–433b–bbdb–b97aeb13f3fc}"
To mi się nie podoba daj jeszcze loga z HijackThis.
Wpis na czerwono zobacz czy masz w dodaj usuń programy
Oto logo z Silent Runners. Jest cos ?????
A niewiem jak coś usunąc tym programem wrazie gdyby coś było prosze o nałą instrukcje jak to usunąć.
"Silent Runners.vbs", revision 43, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non–default values, except where indicated by "{++}"
Startup items buried in registry:
–––––––––––––––––––––––––––––––––
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Gadu–Gadu" = ""F:\Program Files\Gadu–Gadu\gg.exe" /tray" ["sms–express.com"]
"SpybotSD TeaTimer" = "E:\Program Files\Spybot – Search & Destroy\TeaTimer.exe" ["Safer Networking Limited"]
"MSMSGS" = ""D:\Program Files\Messenger\MSMSGS.EXE" /background" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{53707962–6F74–2D53–2644–206D7942484F}\(Default) = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "E:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714–76d4–11d1–8b24–00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
–> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560–9AA2–1069–930E–00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
–> {CLSID}\InProcServer32\(Default) = "D:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{63542C48–9552–494A–84F7–73AA6A7C99C1}" = "OpenOffice Property Sheet Handler"
–> {CLSID}\InProcServer32\(Default) = "F:\Program Files\OpenOffice.org1.1.4\program\shlxthdl.dll" ["Sun Microsystems, Inc."]
"{0006F045–0000–0000–C000–000000000046}" = "Microsoft Outlook Custom Icon Handler"
–> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL" [MS]
"{B41DB860–8EE4–11D2–9906–E49FADC173CA}" = "WinRAR shell extension"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\WinRAR\rarext.dll" [null data]
"{21569614–B795–46b1–85F4–E737A8DC09AD}" = "Shell Search Band"
–> {CLSID}\InProcServer32\(Default) = "D:\WINDOWS\system32\browseui.dll" [MS]
"{472083B0–C522–11CF–8763–00608CC02F24}" = "avast"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! "{9EF34FF2–3396–4527–9D27–04C8C1C67806}" = "Microsoft AntiSpyware Service Hook"
–> {CLSID}\InProcServer32\(Default) = "F:\Program Files\Microsoft AntiSpyware\shellextension.dll" [MS]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0–C522–11CF–8763–00608CC02F24}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0–C522–11CF–8763–00608CC02F24}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\WinRAR\rarext.dll" [null data]
Active Desktop and Wallpaper:
–––––––––––––––––––––––––––––
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
"Wallpaper" = "D:\Documents and Settings\bbbb\Menu Start\Moje dokumenty\Moje obrazy\Paweł Małaszynski.bmp"
Startup items in "bbbb" & "All Users" startup folders:
––––––––––––––––––––––––––––––––––––––––––––––––––––––
D:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"Microsoft Office" –> shortcut to: "D:\Program Files\Microsoft Office\Office\OSA9.EXE –b –l" [MS]
Winsock2 Service Provider DLLs:
–––––––––––––––––––––––––––––––
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 – 03, 06 – 13
%SystemRoot%\system32\rsvpsp.dll [MS], 04 – 05
Toolbars, Explorer Bars, Extensions:
––––––––––––––––––––––––––––––––––––
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{946B3E9E–E21A–49C8–9F63–900533FAFE15}\
"ButtonText" = "ShopperReports – Compare product prices"
"CLSIDExtension" = "{580a1f3f–89b4–433b–bbdb–b97aeb13f3fc}"
Running Services (Display Name, Service Name, Path {Service DLL}):
––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
Ati HotKey Poller, Ati HotKey Poller, "D:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]
avast! Antivirus, avast! Antivirus, ""E:\Program Files\Alwil Software\Avast4\ashServ.exe"" [null data]
avast! iAVS4 Control Service, aswUpdSv, ""E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" [null data]
avast! Mail Scanner, avast! Mail Scanner, ""E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]
Print Monitors:
–––––––––––––––
HKLM\System\CurrentControlSet\Control\Print\Monitors\
hpzsnt08\Driver = "hpzsnt08.dll" ["HP"]
––––––––––
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the –all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the –supp parameter or answer "No" at the first message box.
–––––––––– (total run time: 39 seconds, including 9 seconds for message boxes)
A niewiem jak coś usunąc tym programem wrazie gdyby coś było prosze o nałą instrukcje jak to usunąć.
"Silent Runners.vbs", revision 43, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non–default values, except where indicated by "{++}"
Startup items buried in registry:
–––––––––––––––––––––––––––––––––
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Gadu–Gadu" = ""F:\Program Files\Gadu–Gadu\gg.exe" /tray" ["sms–express.com"]
"SpybotSD TeaTimer" = "E:\Program Files\Spybot – Search & Destroy\TeaTimer.exe" ["Safer Networking Limited"]
"MSMSGS" = ""D:\Program Files\Messenger\MSMSGS.EXE" /background" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{53707962–6F74–2D53–2644–206D7942484F}\(Default) = (no title provided)
–> {CLSID}\InProcServer32\(Default) = "E:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714–76d4–11d1–8b24–00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
–> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560–9AA2–1069–930E–00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
–> {CLSID}\InProcServer32\(Default) = "D:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{63542C48–9552–494A–84F7–73AA6A7C99C1}" = "OpenOffice Property Sheet Handler"
–> {CLSID}\InProcServer32\(Default) = "F:\Program Files\OpenOffice.org1.1.4\program\shlxthdl.dll" ["Sun Microsystems, Inc."]
"{0006F045–0000–0000–C000–000000000046}" = "Microsoft Outlook Custom Icon Handler"
–> {CLSID}\InProcServer32\(Default) = "D:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL" [MS]
"{B41DB860–8EE4–11D2–9906–E49FADC173CA}" = "WinRAR shell extension"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\WinRAR\rarext.dll" [null data]
"{21569614–B795–46b1–85F4–E737A8DC09AD}" = "Shell Search Band"
–> {CLSID}\InProcServer32\(Default) = "D:\WINDOWS\system32\browseui.dll" [MS]
"{472083B0–C522–11CF–8763–00608CC02F24}" = "avast"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! "{9EF34FF2–3396–4527–9D27–04C8C1C67806}" = "Microsoft AntiSpyware Service Hook"
–> {CLSID}\InProcServer32\(Default) = "F:\Program Files\Microsoft AntiSpyware\shellextension.dll" [MS]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0–C522–11CF–8763–00608CC02F24}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0–C522–11CF–8763–00608CC02F24}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
WinRAR\(Default) = "{B41DB860–8EE4–11D2–9906–E49FADC173CA}"
–> {CLSID}\InProcServer32\(Default) = "E:\Program Files\WinRAR\rarext.dll" [null data]
Active Desktop and Wallpaper:
–––––––––––––––––––––––––––––
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
"Wallpaper" = "D:\Documents and Settings\bbbb\Menu Start\Moje dokumenty\Moje obrazy\Paweł Małaszynski.bmp"
Startup items in "bbbb" & "All Users" startup folders:
––––––––––––––––––––––––––––––––––––––––––––––––––––––
D:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"Microsoft Office" –> shortcut to: "D:\Program Files\Microsoft Office\Office\OSA9.EXE –b –l" [MS]
Winsock2 Service Provider DLLs:
–––––––––––––––––––––––––––––––
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 – 03, 06 – 13
%SystemRoot%\system32\rsvpsp.dll [MS], 04 – 05
Toolbars, Explorer Bars, Extensions:
––––––––––––––––––––––––––––––––––––
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{946B3E9E–E21A–49C8–9F63–900533FAFE15}\
"ButtonText" = "ShopperReports – Compare product prices"
"CLSIDExtension" = "{580a1f3f–89b4–433b–bbdb–b97aeb13f3fc}"
Running Services (Display Name, Service Name, Path {Service DLL}):
––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
Ati HotKey Poller, Ati HotKey Poller, "D:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]
avast! Antivirus, avast! Antivirus, ""E:\Program Files\Alwil Software\Avast4\ashServ.exe"" [null data]
avast! iAVS4 Control Service, aswUpdSv, ""E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" [null data]
avast! Mail Scanner, avast! Mail Scanner, ""E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]
Print Monitors:
–––––––––––––––
HKLM\System\CurrentControlSet\Control\Print\Monitors\
hpzsnt08\Driver = "hpzsnt08.dll" ["HP"]
––––––––––
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the –all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the –supp parameter or answer "No" at the first message box.
–––––––––– (total run time: 39 seconds, including 9 seconds for message boxes)
Skanowałem system Avastem znalazł 3 wirusy moźe to od tego.
Wieczorem zapuszcze Spybota i sie zobaczy!!
To nie od tego!!! Co mam zrobić????
Wieczorem zapuszcze Spybota i sie zobaczy!!
To nie od tego!!! Co mam zrobić????
Wydajemy się ze ten FastClick to są pliki cookie (ciasteczka). Czyść regularnie te pliki w swojej przeglądarce.
Wydajemy się ze ten FastClick to są pliki cookie (ciasteczka). Czyść regularnie te pliki w swojej przeglądarce.
Ale niewiem na jaką strone mam niewchodzić????
Jest jakis sopsób źeby przed tym sie obronić??
Jest jakis sopsób źeby przed tym sie obronić??
Nie wchodzić na te strony.
Strona 1 / 1