Logfile of HijackThis v1.99.1
Scan saved at 15:10:28, on 4.2.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\localhost\apache2\bin\httpd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\localhost\apache2\bin\httpd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Mefistos\Totalcmd\TOTALCMD.EXE
C:\Program Files\DAEMON Tools\daemon.exe
c:\Mefistos\ProcessExplorer\procexp.exe
c:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [vdrdpup] C:\WINDOWS\system32\rundll32 C:\WINDOWS\system32\vdrdpup.dll,RegisterVirtualChannel
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Vampiro] C:\WINDOWS\system32\WDD.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1029 -noicon
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: SaveSnap.lnk.disabled
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Analyzovat LeechGetem - file://C:\Program Files\LeechGet 2006\\Parser.html
O8 - Extra context menu item: Download LeechGetem - file://C:\Program Files\LeechGet 2006\\AddUrl.html
O8 - Extra context menu item: Download s průvodcem LeechGetu - file://C:\Program Files\LeechGet 2006\\Wizard.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/in ... er_gmn.cab
O18 - Protocol: bw+0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache2.2 - Unknown owner - C:\localhost\apache2\bin\httpd.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: MySQL - Unknown owner - c:\Program.exe (file missing)
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe (file missing)
Prosím o kontrolu
No v HJT fixni:
O4 - HKLM\..\Run: [Vampiro] C:\WINDOWS\system32\WDD.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Startup: PowerReg Scheduler V3.exe
Ty červeně označené soubory najdi a smaž Pro lepší nalezení si zapni Zobrazovat skryté a systémové soubory.
Poté nech tenhle soubor zkontrolovat na Virustotallu:
C:\WINDOWS\system32\vdrdpup.dll
Pro lepší nalezení si zapni Zobrazovat skryté a systémové soubory.
Poté sem zkopíruj výsledky + nový log z HJT.
O4 - HKLM\..\Run: [Vampiro] C:\WINDOWS\system32\WDD.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Startup: PowerReg Scheduler V3.exe
Ty červeně označené soubory najdi a smaž Pro lepší nalezení si zapni Zobrazovat skryté a systémové soubory.
Poté nech tenhle soubor zkontrolovat na Virustotallu:
C:\WINDOWS\system32\vdrdpup.dll
Pro lepší nalezení si zapni Zobrazovat skryté a systémové soubory.
Poté sem zkopíruj výsledky + nový log z HJT.
Naposledy upravil(a) sakiri dne 04 úno 2007 16:35, celkem upraveno 1 x.
-
Baron Prášil
- Master Level 7
- Příspěvky: 4882
- Registrován: červen 06
- Pohlaví:
- Stav:
Offline
fixni
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O4 - HKLM\..\Run: [Vampiro] C:\WINDOWS\system32\WDD.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - Startup: PowerReg Scheduler V3.exe
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
najdi a smaž tučné
(líp najdeš když si zapneš zobrazování skrytých a systémových souborů(otevři jakoukoliv složku,Nástroje>Možnosti složky>Zobrazení)
potom restartni a pošli novej log
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O4 - HKLM\..\Run: [Vampiro] C:\WINDOWS\system32\WDD.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - Startup: PowerReg Scheduler V3.exe
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
najdi a smaž tučné
(líp najdeš když si zapneš zobrazování skrytých a systémových souborů(otevři jakoukoliv složku,Nástroje>Možnosti složky>Zobrazení)
potom restartni a pošli novej log
Mám podezření že v PC je rootkit a tak se ho pokouším najít RootkitRevealerem ... trvá to déle než jsem předpokládal :(
Ještě dotaz, nevíte jak se dá odstranit SecuROM v7?
Ještě dotaz, nevíte jak se dá odstranit SecuROM v7?
Kód: Vybrat vše
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe (file missing)tak poté sem vlož ten log z RootkitRevealerem.
Vypadá to že Securom už bylo odstraněno zbyla po tom jenom služba.
a co ten soubor jak dopadl na testování zkopíruj sem výsledky + sem vlož log z HJT
Nikdy sem Securom neodstraňoval tak nevím jak poté bude šlapat PC ale dej Start-Spustit a do toho řádku
napiš services.msc
a tuto službu zastav a typ spuštění dej na zakázáno (pokud tu službu ovšem chceš zakázat):
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe (file missing)
Poté restartuj PC.
Ale jak jsem říkal nevím jak bude PC šlapat po zakázání té služby.
Vypadá to že Securom už bylo odstraněno zbyla po tom jenom služba.
a co ten soubor jak dopadl na testování zkopíruj sem výsledky + sem vlož log z HJT
Nikdy sem Securom neodstraňoval tak nevím jak poté bude šlapat PC ale dej Start-Spustit a do toho řádku
napiš services.msc
a tuto službu zastav a typ spuštění dej na zakázáno (pokud tu službu ovšem chceš zakázat):
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe (file missing)
Poté restartuj PC.
Ale jak jsem říkal nevím jak bude PC šlapat po zakázání té služby.
Log RootkitReveal
------
Complete scanning result of "vdrdpup.dll", received in VirusTotal at 02.04.2007, 17:20:21 (CET).
---
Log HJT
Nikde jsem nenašel soubor "PowerReg Scheduler V3.exe" abych ho mohl smazat jak radíte.
Kód: Vybrat vše
HKU\S-1-5-21-1606980848-764733703-839522115-1003\Software\Adobe\MediaBrowser\MRU\illustrator\ApplicationPath 17.10.2005 16:10 91 bytes Data mismatch between Windows API and raw hive data.
HKU\S-1-5-21-1606980848-764733703-839522115-1003\Software\SecuROM\!CAUTION! NEVER DELETE OR CHANGE ANY KEY* 26.9.2006 11:27 0 bytes Key name contains embedded nulls (*)
HKU\S-1-5-21-1606980848-764733703-839522115-1003\Software\Zepter Software\RegLib*44d7e9fb 15.5.2006 13:03 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAC* 30.9.2005 14:14 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 30.9.2005 14:14 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Eset\Nod\CurrentVersion\Modules\Update\Settings\LastUpdateAttempt 4.2.2007 15:06 4 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Eset\Nod\CurrentVersion\Scheduler\Timestamp 4.2.2007 15:06 4 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Eset\Nod\CurrentVersion\Scheduler\100\LastExec 4.2.2007 15:06 4 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg 10.12.2006 12:57 0 bytes Access is denied.
C:\Documents and Settings\***\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\emtacqi2.default\Cache\0FB44955d01 4.2.2007 16:17 83.10 KB Hidden from Windows API.------
Complete scanning result of "vdrdpup.dll", received in VirusTotal at 02.04.2007, 17:20:21 (CET).
Kód: Vybrat vše
Antivirus Version Update Result
AntiVir 7.3.1.34 02.04.2007 no virus found
Authentium 4.93.8 02.03.2007 no virus found
Avast 4.7.936.0 02.03.2007 no virus found
AVG 386 02.04.2007 no virus found
BitDefender 7.2 02.04.2007 no virus found
CAT-QuickHeal 9.00 02.03.2007 no virus found
ClamAV devel-20060426 02.03.2007 no virus found
DrWeb 4.33 02.04.2007 no virus found
eSafe 7.0.14.0 02.03.2007 no virus found
eTrust-InoculateIT 30.4.3364 02.02.2007 no virus found
eTrust-Vet 30.3.3366 02.03.2007 no virus found
Ewido 4.0 02.04.2007 no virus found
Fortinet 2.85.0.0 02.04.2007 no virus found
F-Prot 4.2.1.29 02.03.2007 no virus found
Ikarus T3.1.0.31 02.04.2007 no virus found
Kaspersky 4.0.2.24 02.04.2007 no virus found
McAfee 4955 02.02.2007 no virus found
Microsoft 1.2101 02.04.2007 no virus found
Norman 5.80.02 02.02.2007 no virus found
Panda 9.0.0.4 02.04.2007 no virus found
Prevx1 V2 02.04.2007 no virus found
Sophos 4.13.0 02.02.2007 no virus found
Sunbelt 2.2.907.0 02.02.2007 no virus found
Symantec 10 02.04.2007 no virus found
TheHacker 6.0.3.162 02.02.2007 no virus found
UNA 1.83 02.03.2007 no virus found
VBA32 3.11.2 02.04.2007 no virus found
VirusBuster 4.3.19:9 02.03.2007 no virus found
Aditional Information
File size: 71680 bytes
MD5: 77c1305460bffb06a6d4dc2dbeb2f773
SHA1: f645c40eeaf0fa6e17f9bd8aa65676d7c0c39476---
Log HJT
Nikde jsem nenašel soubor "PowerReg Scheduler V3.exe" abych ho mohl smazat jak radíte.
Kód: Vybrat vše
Logfile of HijackThis v1.99.1
Scan saved at 17:57:52, on 4.2.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\localhost\apache2\bin\httpd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\localhost\apache2\bin\httpd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Mefistos\Totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
c:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [vdrdpup] C:\WINDOWS\system32\rundll32 C:\WINDOWS\system32\vdrdpup.dll,RegisterVirtualChannel
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1029 -noicon
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: SaveSnap.lnk.disabled
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Analyzovat LeechGetem - file://C:\Program Files\LeechGet 2006\\Parser.html
O8 - Extra context menu item: Download LeechGetem - file://C:\Program Files\LeechGet 2006\\AddUrl.html
O8 - Extra context menu item: Download s průvodcem LeechGetu - file://C:\Program Files\LeechGet 2006\\Wizard.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O18 - Protocol: bw+0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F5774FD5-0A2B-4136-95C6-6CA27C19C625} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache2.2 - Unknown owner - C:\localhost\apache2\bin\httpd.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: MySQL - Unknown owner - c:\Program.exe (file missing)
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe (file missing)Myslim si to ... mám dojem že mi něco blokuje správnou instalaci AutoCADu 2005. Instalace proběhne v pořádku, ale při spuštění mi Autocad hází kritickou chybu. Podle hlášky jde o instalaci při které některý program brání jejímu správnému provedení. Takže všechny programy běžící na pozadí jsem ukončil, přesto instalace opět neproběhla správně.
Někde je zakopanej pes, ale já netušim kde.
Někde je zakopanej pes, ale já netušim kde.
Tak jsem to projel MWAVem a podle návodu sem dávám výpis
Kód: Vybrat vše
Sun Feb 04 18:49:50 2007 => ***** Scanning Registry and File system for Adware/Spyware *****
Sun Feb 04 18:49:50 2007 => Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\smrz\LOCALS~1\Temp\spydb.avs, Size: 206443].
Sun Feb 04 18:49:50 2007 => Indexed Spyware Databases Successfully Created...
Sun Feb 04 18:49:50 2007 => System found infected with flashfxp Spyware/Adware ({e5a1691b-d188-4419-ad02-90002030b8ee})! Action taken: No Action Taken.
Sun Feb 04 18:49:50 2007 => System found infected with flashfxp Spyware/Adware ({e5a1691b-d188-4419-ad02-90002030b8ee})! Action taken: No Action Taken.
Sun Feb 04 18:49:52 2007 => Offending Key found: HKLM\Software\magnet !!!
Sun Feb 04 18:49:52 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Feb 04 18:49:52 2007 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\media-motor.net !!!
Sun Feb 04 18:49:52 2007 => Object "medload Adware" found in File System! Action Taken: No Action Taken.
Sun Feb 04 18:49:54 2007 => Offending Key found: HKCU\\magnet !!!
Sun Feb 04 18:49:54 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Feb 04 18:49:57 2007 => Offending file found: C:\DOCUME~1\***\LOCALS~1\Temp\ginstall.dll
Sun Feb 04 18:49:57 2007 => System found infected with direct advertiser Spyware/Adware (ginstall.dll)! Action taken: No Action Taken.
Sun Feb 04 18:50:19 2007 => Offending file found: C:\Documents and Settings\***\Local Settings\temp\ginstall.dll
Sun Feb 04 18:50:19 2007 => System found infected with direct advertiser Spyware/Adware (ginstall.dll)! Action taken: No Action Taken.
Sun Feb 04 18:50:43 2007 => Offending file found: C:\WINDOWS\system32\unrar.dll
Sun Feb 04 18:50:43 2007 => System found infected with savenow Adware (C:\WINDOWS\system32\unrar.dll)! Action taken: No Action Taken.
Sun Feb 04 22:30:43 2007 => ***** Scanning complete. *****
Sun Feb 04 22:30:43 2007 => Total Objects Scanned: 201981
Sun Feb 04 22:30:43 2007 => Total Critical Objects: 14
Sun Feb 04 22:30:43 2007 => Total Disinfected Objects: 0
Sun Feb 04 22:30:43 2007 => Total Objects Renamed: 0
Sun Feb 04 22:30:43 2007 => Total Deleted Objects: 0
Sun Feb 04 22:30:43 2007 => Total Errors: 6088
Sun Feb 04 22:30:43 2007 => Time Elapsed: 03:41:42
Sun Feb 04 22:30:43 2007 => Virus Database Date: 2/4/2007
Sun Feb 04 22:30:43 2007 => Virus Database Count: 264390
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 3 hosti