Gość: maly problemik
IP: *.aster.pl / *.aster.pl
22.12.04, 14:25
No własnie, w awaryjnym tez nie da się usunać :-( mało sie znam, ale mysle ze
to powoduje jakieś problemy, w sumie nic sie nie dzieje, ale nie lubie mieć
smieci, mozna to wywalic ale wraca,Hijck nie fixuje tego bo pisze ze uzywa
tego jakis proces, w awaryjnym też, Ad Aware wykrywa stała ilosć smieci 30, i
to zawsze, mam małe podejrzenie ze złapałem to przez yahoo, albo inny
komunikator,ale nie wiem,emule jest raczej bezpieczny, Zone alarm działa, nie
wchodze na dziwne strony, ale to mnie wybitnie denerwuje...
Tak wiec jeśli ktos by miał chwilke i jakies sugestie to bede wielce wdzieczny
P.S wpisy trzy Netsec-a rozpakowałem i uruchomiłem
Pozdrawiam
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.e-finder.cc/search/ (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.e-
finder.cc/search/ (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.e-finder.cc/search/ (obfuscated)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://default.home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.e-finder.cc/search/ (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.e-
finder.cc/search/ (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.e-finder.cc/search/ (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://default.home
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.e-finder.cc/search/ (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://www.e-finder.cc/search/ (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) =
http://www.e-finder.cc/search/ (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.e-finder.cc/search/ (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://www.e-finder.cc/search/ (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) =
http://www.e-finder.cc/search/ (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://www.e-finder.cc/search/ (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://www.e-finder.cc/search/ (obfuscated)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,AutoConfigURL = http://www.aster.pl/aster.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = 212.106.162.125:443
O2 - BHO: DOMPeek Class - {834261E1-DD97-4177-853B-C907E5D5BD6E} -
C:\WINNT\dpe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec
Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator
5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -
atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [wpkontakt] C:\Program Files\Wirtualna
Polska\wpkontakt\wpkontakt.exe -autostart
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!
\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy
Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [MSMsgSvc] C:\WINNT\System\MSMSGSVC.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program
Files\GetRight\getright.exe
O9 - Extra button: Microsoft® JavaScript® Console - {FD3BFB69-3053-4ABC-9AD5-
D88ECCCEF09B} - C:\WINNT\System32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {FD3BFB69-3053-4ABC-9AD5-
D88ECCCEF09B} - C:\WINNT\System32\COMDLG32.OCX
O9 - Extra button: Microsoft® JavaScript® Console - {FD3BFB69-3053-4ABC-9AD5-
D88ECCCEF09B} - C:\WINNT\System32\COMDLG32.OCX (HKCU)
O9 - Extra 'Tools' menuitem: JavaScript Console - {FD3BFB69-3053-4ABC-9AD5-
D88ECCCEF09B} - C:\WINNT\System32\COMDLG32.OCX (HKCU)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/houseca
ll/xscan53.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) -
http://67.15.101.3/g_bin/pl/slots70_2_0_0_20.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program
Files\Wirtualna Polska\wpkontakt\url_wpmsg.dll
O23 - Service: avast! iAVS4 Control Service - Unknown - C:\Program
Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Unknown - C:\Program Files\Common
Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
O23 - Service: Digimation Protection Server - Digimation, Inc. - C:\3DSMAX~1
\DIGIPSRV.EXE
O23 - Service: Usługa administracyjna Menedżera dysków logicznych - VERITAS
Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Macromedia Licensing Service - Unknown - C:\Program
Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation -
C:\WINNT\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %
ProgramFiles%\WinPcap\rpcapd.exe (file missing)
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. -
C:\WINNT\system32\ZONELABS\vsmon.exe