Skocz do zawartości


Zdjęcie

Brak połączenia w BearShare


  • Zaloguj się, aby dodać odpowiedź
2 odpowiedzi w tym temacie

#1 matixon

matixon

    Nowy

  • 2 postów

Napisano 27 01 2008 - 15:42

Witam
Mam problem z połączeniem bearshara z internetem.
Cały czas pierwsze kółeczko mruga na czerwono i pisze że "Hosty - not connected"
Jeszcze wczoraj było wszystko dobrze, dzisiaj natomiast już totalna klapa.
Reinstalacja kilka razy, a nie chcę używać miśka w wersji 6 (chociaż ta się łączy)
Mam zainstalowanego avasta i CounterSpy który wyłączany jest prawie zawsze).
Zapora systemowa włączona, ale z wyjątkiem dla Bearshara.

Zamieszczam fotki:
Zdjęcie 1
Zdjęcie 2

Nie wiem co jest źle, prosze o pomoc.

  • 0

#2 Bardock

Bardock

    Ocean of Apathy

  • 985 postów

Napisano 27 01 2008 - 15:48

Hmm...Może pokaż log z HJT.

  • 0

#3 matixon

matixon

    Nowy

  • 2 postów

Napisano 27 01 2008 - 15:58

Dziękuję za szybką odpowiedź.
Oto log z HJT

Logfile of HijackThis v1.99.1
Scan saved at 15:08, on 2008-01-27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\spoolsv.exe
E:\PPP\Program Files\English Translator 3\ET.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\[url="http://www.download.net.pl/44/BearShare-Free/"]BearShare[/url]\[url="http://www.download.net.pl/44/BearShare-Free/"]BearShare[/url].exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\DOCUME~1\User\USTAWI~1\Temp\7zO2C7.tmp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = L1cza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
O4 - HKLM\..\Run: [[url="http://www.download.net.pl/44/BearShare-Free/"]BearShare[/url]] "C:\Program Files\[url="http://www.download.net.pl/44/BearShare-Free/"]BearShare[/url]\[url="http://www.download.net.pl/44/BearShare-Free/"]BearShare[/url].exe" /pause
O4 - HKLM\..\RunOnce: [My Global Search Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -2
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - http://www.mks.com.pl/skaner/SkanerOnline.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe

i mam na wszelki wypadek SR.

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."]

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\ {++}
"FlashPlayerUpdate" = "C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p" ["Adobe Systems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ATIPTA" = ""C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"" ["ATI Technologies, Inc."]
"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" ["ALWIL Software"]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"" ["Sun Microsystems, Inc."]
"(Default)" = "(empty string)" [file not found]
"SBCSTray" = "C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe" ["Sunbelt Software"]
"[url="http://www.download.net.pl/44/BearShare-Free/"]BearShare[/url]" = ""C:\Program Files\[url="http://www.download.net.pl/44/BearShare-Free/"]BearShare[/url]\[url="http://www.download.net.pl/44/BearShare-Free/"]BearShare[/url].exe" /pause" ["Free Peers, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\ {++}
"My Global Search Uninstall" = "rundll32 C:\PROGRA~1\UNINST~1.DLL,O -2" [MS]

HKLM\Software\Microsoft\Active Setup\Installed Components\
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = "Outlook Express"
										\StubPath   = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "AcroIEHlprObj Class"
				   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "SSVHelper Class"
				   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
  -> {HKLM...CLSID} = "History Band"
				   \InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]

HKLM\Software\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
  -> {HKLM...CLSID} = (no title provided)
				   \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"
  -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class"
				   \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
  -> {HKLM...CLSID} = "PDF Shell Extension"
				   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
  -> {HKLM...CLSID} = "7-Zip Shell Extension"
				   \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
  -> {HKLM...CLSID} = "avast"
				   \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
7-Zip\(Default) = "{23170F69-40C1-278A-1000-000100020000}"
  -> {HKLM...CLSID} = "7-Zip Shell Extension"
				   \InProcServer32\(Default) = "C:\Program Files\7-Zip\7-zip.dll" ["Igor Pavlov"]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
  -> {HKLM...CLSID} = "avast"
				   \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"LinkResolveIgnoreLinkInfo" = (REG_DWORD) hex:0x00000001
{unrecognized setting}

"NoResolveSearch" = (REG_DWORD) hex:0x00000000
{unrecognized setting}

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"DisableRegistryTools" = (REG_DWORD) hex:0x00000000
{User Configuration|Administrative Templates|System|
Prevent access to registry editing tools}

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Explorer Bars

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\

HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}"
  -> {HKCU...CLSID} = "Java Plug-in 1.6.0_03"
				   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."]
  -> {HKLM...CLSID} = "Java Plug-in 1.6.0_03"
				   \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll" ["Sun Microsystems, Inc."]

{85D1F590-48F4-11D9-9669-0800200C9A66}\
"MenuText" = "Uninstall BitDefender Online Scanner v8"

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Badanie"


Miscellaneous IE Hijack Points
------------------------------

C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")

Added lines (compared with English-language version):
: ˙ţ[ V e r s i o n ] 
 
:  S i g n a t u r e = " $ C H I C A G O $ " 
 
:  A d v a n c e d I N F = 2 . 5 , " Y o u   n e e d   a   n e w   v e r s i o n   o f   a d v p a c k . d l l " 
 
:  
 
:  [ R e s t o r e H o m e P a g e ] 
 
:  A d d R e g = R e s t o r e H o m e P a g e . r e g 
 
:  
 
:  [ R e s t o r e B r o w s e r S e t t i n g s ] 
 
:  A d d R e g = R e s t o r e B r o w s e r S e t t i n g s . r e g 
 
:  D e l R e g = D e l e t e T e m p l a t e s . r e g ,   D e l e t e A u t o s e a r c h . r e g 
 
:  
 
:  [ R e s t o r e H o m e P a g e . r e g ] 
 
:  H K C U , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n " , " S t a r t   P a g e " , 0 , % S T A R T _ P A G E _ U R L % 
 
:  
 
:  [ R e s t o r e B r o w s e r S e t t i n g s . r e g ] 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n " , " D e f a u l t _ P a g e _ U R L " , 0 , % S T A R T _ P A G E _ U R L % 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n " , " D e f a u l t _ S e a r c h _ U R L " , 0 , % S E A R C H _ P A G E _ U R L % 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n " , " S e a r c h   P a g e " , 0 , % S E A R C H _ P A G E _ U R L % 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n \ U r l T e m p l a t e " , " 1 " , 0 , " w w w . % s . c o m " 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n \ U r l T e m p l a t e " , " 2 " , 0 , " w w w . % s . o r g " 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n \ U r l T e m p l a t e " , " 3 " , 0 , " w w w . % s . n e t " 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n \ U r l T e m p l a t e " , " 4 " , 0 , " w w w . % s . e d u " 
 
:  H K C U , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n " , " S e a r c h   P a g e " , 0 , % S E A R C H _ P A G E _ U R L % 
 
:  
 
: ;   N O T E   ( a n d r e w g u )   i e 5 . 5   b # 1 0 8 2 5 9   -   a u t o s e a r c h   s e t t i n g s   a r e   n o t   p r o p e r l y   r e s e t 
 
:  H K C U , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ S e a r c h U r l " , " P r o v i d e r " , 0 , " " 
 
:  
 
:																																																																	  t m " 
 
:																																																																	  t m " 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ I n t e r n e t   S e t t i n g s \ S a f e S i t e s " , % S A F E S I T E _ V A L U E % , 0 , " h t t p : / / i e . s e a r c h . m s n . c o m / * " 
 
:  
 
:  [ D e l e t e T e m p l a t e s . r e g ] 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n \ U r l T e m p l a t e " , " 5 " 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n \ U r l T e m p l a t e " , " 6 " 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n \ U r l T e m p l a t e " , " 7 " 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n \ U r l T e m p l a t e " , " 8 " 
 
:  H K L M , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n \ U r l T e m p l a t e " , " 9 " 
 
:  
 
:  [ D e l e t e A u t o s e a r c h . r e g ] 
 
: ;   N O T E   ( a n d r e w g u )   i e 5 . 5   b # 1 0 8 2 5 9   -   a u t o s e a r c h   s e t t i n g s   a r e   n o t   p r o p e r l y   r e s e t 
 
:  H K C U , " S o f t w a r e \ M i c r o s o f t \ I n t e r n e t   E x p l o r e r \ M a i n " , " A u t o S e a r c h " 
 
:  
 
:  [ S t r i n g s ] 
 
:  S T A R T _ P A G E _ U R L = " h t t p : / / w w w . m i c r o s o f t . c o m / i s a p i / r e d i r . d l l ? p r d = i e & p v e r = 6 & a r = m s n h o m e " 
 
:  S E A R C H _ P A G E _ U R L = " h t t p : / / w w w . m i c r o s o f t . c o m / i s a p i / r e d i r . d l l ? p r d = i e & a r = i e s e a r c h " 
 
:  S A F E S I T E _ V A L U E = " i e . s e a r c h . m s n . c o m " 
 
:  
 
: ;   I M P O R T A N T   N O T E : 
 
: ;   I E   b r a n d i n g   d l l   ( i e d k c s 3 2 . d l l )   u s e s   t h e   f o l l o w i n g   e n t r i e s   t o   r e s t o r e   t h e   d e f a u l t   M S   v a l u e s . 
 
: ;   I n   t h e   v a n i l l a   v e r s i o n   o f   I E ,   t h e   v a l u e s   m u s t   b e   t h e   s a m e   a s   t h e i r   c o r r e s p o n d i n g   n o n   M S _ *   v a l u e s . 
 
: ;   F o r   e x a m p l e ,   S T A R T _ P A G E _ U R L   a n d   M S _ S T A R T _ P A G E _ U R L   m u s t   h a v e   t h e   s a m e   U R L   i n   t h e   I E   v e r s i o n   r e l e a s e d   b y   M S . 
 
:  M S _ S T A R T _ P A G E _ U R L = " h t t p : / / w w w . m i c r o s o f t . c o m / i s a p i / r e d i r . d l l ? p r d = i e & p v e r = 6 & a r = m s n h o m e " 
 
:  

Missing lines (compared with English-language version):
[Version]: 2 lines
[RestoreHomePage]: 1 line
[RestoreHomePage.reg]: 1 line
[RestoreBrowserSettings.reg]: 12 lines
[DeleteTemplates.reg]: 5 lines
[DeleteAutosearch.reg]: 1 line
[Strings]: 1 line
[RestoreBrowserSettings]: 2 lines
[Strings]: 3 lines


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" ["ALWIL Software"]
avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
LIDIL hpzll4pi\Driver = "hpzll4pi.dll" ["Hewlett-Packard Company"]
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]


----------
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
  launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
  DLL launch points, use the -supp parameter or answer "No" at the
  first message box and "Yes" at the second message box.
---------- (total run time: 25 seconds, including 3 seconds for message boxes)


  • 0




Użytkownicy przeglądający ten temat: 0

0 użytkowników, 0 gości, 0 anonimowych