Hello, following the guide at http://www.pc-help.cz/viewtopic.php?t=7940 I tried to remove a virus. I got as far as MWAV. I don't know how to delete the virus(es).
MWAV log
Soubor C:\Documents and Settings\Jana_2\Plocha\SmitfraudFix\SmitfraudFix\Reboot.exe indentifikován jako "not-a-virus:RiskTool.Win32.Reboot.f". Provedené akce: Nic nebylo provedeno.
Objekt "whenu.savenow Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "grokster Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "grokster Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "trojan-downloader.bat.ftp.ab Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "trojan-downloader.bat.ftp.ab Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "trojan-downloader.bat.ftp.ab Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "smitfraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "trojan-downloader.bat.ftp.ab Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "trojan-downloader.bat.ftp.ab Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "trojan-downloader.bat.ftp.ab Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "trojan-downloader.bat.ftp.ab Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "savenow Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "savenow Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Soubor C:\Documents and Settings\Jana_2\Plocha\SmitfraudFix\SmitfraudFix\Reboot.exe indentifikován jako "not-a-virus:RiskTool.Win32.Reboot.f". Provedené akce: Nic nebylo provedeno.
Sat Nov 03 16:55:24 2007 => Testovaných objektů: 51170
Sat Nov 03 16:55:24 2007 => Kritických objektů: 15
Sat Nov 03 16:55:24 2007 => Celkem vyléčených objektů: 0
Sat Nov 03 16:55:24 2007 => Celkem přejmenováno: 0
Sat Nov 03 16:55:24 2007 => Smazaných objektů: 0
Sat Nov 03 16:55:24 2007 => Celkem chyb: 4
Sat Nov 03 16:55:24 2007 => Uplynulý čas: 00:09:30
Sat Nov 03 16:55:24 2007 => Datum vydání databáze: 11/3/2007
Sat Nov 03 16:55:24 2007 => Verze virové databáze: 450817
HijackThis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:03:56, on 3.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\DOCUME~1\Jana_2\LOCALS~1\Temp\mexe.com
C:\Programy\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\notepad.exe
C:\Programy\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: MSVPS System - {CF368FC4-3241-409B-B1D6-0EA4FE33A555} - C:\WINDOWS\advrepdow.dll
O3 - Toolbar: The sdrmod - {210F79EC-C4B8-4AD5-B5B7-2B228F4376E9} - C:\WINDOWS\sdrmod.dll
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunServices: [PcEXEreg] C:\WINDOWS\system\kl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programy\ICQLite\5.1\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programy\ICQLite\5.1\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.volny.cz/
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O18 - Protocol: bw+0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: hupsrv - {8423447A-9BD9-49AD-8FAA-B2B55FD40709} - C:\WINDOWS\hupsrv.dll
O21 - SSODL: bindmod - {F4B2AAD1-A126-4E99-98B3-39793EDC13B7} - C:\WINDOWS\bindmod.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 18454 bytes
I don't use IE. I use Firefox.
Thanks in advance for the help!
Partially deleted Zlob Trojan?
- fredik
- member of the Security team
Welcome to the forum
Download SDFix
- Run it and it will extract itself to the drive where Windows is installed (typically C:\SDfix)
- Then restart the PC into Safe Mode (choose the option: Safe Mode, not Safe Mode with Networking)
- Open the folder where SDFix was extracted and run the file RunThis.bat; this starts the program.
* Then press the Y key and then Enter to start the cleaning process.
* To finish the scan you will be prompted to press any key, and the computer will restart.
* While the operating system is booting, the program will run again and finish the cleaning process. When Finish appears, you will have to press any key when prompted; this closes the program and your desktop icons will appear
- Once the desktop icons have finished loading, the SDFix log will open on screen, and it is also saved to the folder where SDFix was extracted as the file Report.txt
Then copy its contents here.
+
post a new HijackThis log here
Sorry, my own stupidity.
SDFix: Version 1.113
Run by Jana_2 on so 03.11.2007 at 17:37
Microsoft Windows XP [Verze 5.1.2600]
Running From: C:\sd\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default HomePage Value
Restoring Default Desktop Components Value
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\advrepdow.dll - Deleted
C:\WINDOWS\bindmod.dll - Deleted
C:\WINDOWS\hupsrv.dll - Deleted
C:\WINDOWS\regedit.com - Deleted
C:\WINDOWS\sdrmod.dll - Deleted
C:\WINDOWS\system32\Bifrost\klog.dat - Deleted
C:\WINDOWS\wtopmod.exe - Deleted
Folder C:\WINDOWS\system32\Bifrost - Removed
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1253 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-03 17:42:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272c316c3]
"00164e605d28"=hex:1b,a4,54,c1,f4,c7,c3,7b,46,fa,7c,a5,f4,25,4e,b5
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:552cc0ca
"s1"=dword:d0bb9cf5
"s2"=dword:61a8744d
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:c2,aa,4e,c6,3a,b2,d6,da,ed,6b,77,05,ff,a4,64,06,61,38,73,14,1a,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,79,d8,cc,57,06,ae,c4,3c,89,4c,47,93,07,8d,89,23,4f,..
"khjeh"=hex:78,64,69,80,01,f3,5a,3f,c3,1f,89,06,75,21,52,4b,71,d9,e2,9d,6e,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:91,28,52,41,ed,ee,50,bc,3b,59,97,50,d6,ae,fb,44,66,75,a9,74,81,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272c316c3]
"00164e605d28"=hex:1b,a4,54,c1,f4,c7,c3,7b,46,fa,7c,a5,f4,25,4e,b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:c2,aa,4e,c6,3a,b2,d6,da,ed,6b,77,05,ff,a4,64,06,61,38,73,14,1a,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,79,d8,cc,57,06,ae,c4,3c,89,4c,47,93,07,8d,89,23,4f,..
"khjeh"=hex:78,64,69,80,01,f3,5a,3f,c3,1f,89,06,75,21,52,4b,71,d9,e2,9d,6e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:91,28,52,41,ed,ee,50,bc,3b,59,97,50,d6,ae,fb,44,66,75,a9,74,81,..
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?"="C:\WINDOWS\cursors\arrow_r.cur,C:\WINDOWS\cursors\help_r.cur,C:\WINDOWS\cursors\wait_r.cur,C:\WINDOWS\cursors\busy_r.cur,C:\WINDOWS\cursors\cross_r.cur,C:\WINDOWS\cursors\beam_r.cur,C:\WINDOWS\cursors\pen_r.cur,C:\WINDOWS\cursors\no_r.cur,C:\WINDOWS\cursors\size4_r.cur,C:\WINDOWS\cursors\size3_r.cur,C:\WINDOWS\cursors\size2_r.cur,C:\WINDOWS\cursors\size1_r.cur,C:\WINDOWS\cursors\move_r.cur,C:\WINDOWS\cursors\up_r.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?v?e?l?k?\xe9?)?"="C:\WINDOWS\cursors\arrow_rm.cur,C:\WINDOWS\cursors\help_rm.cur,C:\WINDOWS\cursors\wait_rm.cur,C:\WINDOWS\cursors\busy_rm.cur,C:\WINDOWS\cursors\cross_rm.cur,C:\WINDOWS\cursors\beam_rm.cur,C:\WINDOWS\cursors\pen_rm.cur,C:\WINDOWS\cursors\no_rm.cur,C:\WINDOWS\cursors\size4_rm.cur,C:\WINDOWS\cursors\size3_rm.cur,C:\WINDOWS\cursors\size2_rm.cur,C:\WINDOWS\cursors\size1_rm.cur,C:\WINDOWS\cursors\move_rm.cur,C:\WINDOWS\cursors\up_rm.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?n?e?j?v?\e\1t?a\1\xed?)?"="C:\WINDOWS\cursors\arrow_rl.cur,C:\WINDOWS\cursors\help_rl.cur,C:\WINDOWS\cursors\wait_rl.cur,C:\WINDOWS\cursors\busy_rl.cur,C:\WINDOWS\cursors\cross_rl.cur,C:\WINDOWS\cursors\beam_rl.cur,C:\WINDOWS\cursors\pen_rl.cur,C:\WINDOWS\cursors\no_rl.cur,C:\WINDOWS\cursors\size4_rl.cur,C:\WINDOWS\cursors\size3_rl.cur,C:\WINDOWS\cursors\size2_rl.cur,C:\WINDOWS\cursors\size1_rl.cur,C:\WINDOWS\cursors\move_rl.cur,C:\WINDOWS\cursors\up_rl.cur"
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\hry\\Quake 3 Arena\\quake3.exe"="C:\\Program Files\\hry\\Quake 3 Arena\\quake3.exe:*:Disabled:quake3"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\hry\\EA GAMES\\MOHAA\\MOHAA.exe"="C:\\Program Files\\hry\\EA GAMES\\MOHAA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault"
"C:\\Program Files\\hry\\Call of Duty\\CoDMP.exe"="C:\\Program Files\\hry\\Call of Duty\\CoDMP.exe:*:Enabled:CoDMP"
"C:\\Program Files\\hry\\UT2004Demo\\System\\UT2004.exe"="C:\\Program Files\\hry\\UT2004Demo\\System\\UT2004.exe:*:Enabled:UT2004"
"C:\\Program Files\\hry\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe"="C:\\Program Files\\hry\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe:*:Enabled:Worms 4 Mayhem Demo"
"C:\\Program Files\\hry\\Half-Life 2\\hl2.exe"="C:\\Program Files\\hry\\Half-Life 2\\hl2.exe:*:Enabled:hl2"
"C:\\Sdileni Martin\\Hry\\Quake 3 Arena\\Quake3\\quake3.exe"="C:\\Sdileni Martin\\Hry\\Quake 3 Arena\\Quake3\\quake3.exe:*:Enabled:quake3"
"C:\\Sdileni Martin\\Hry\\Half-Life 2\\hl2.exe"="C:\\Sdileni Martin\\Hry\\Half-Life 2\\hl2.exe:*:Enabled:hl2"
"C:\\Programy\\ICQLite\\ICQLite.exe"="C:\\Programy\\ICQLite\\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\\Program Files\\hry\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"="C:\\Program Files\\hry\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\\Program Files\\GIGABYTE\\VGA Utility Manager\\G-vga.exe"="C:\\Program Files\\GIGABYTE\\VGA Utility Manager\\G-vga.exe:*:Enabled:Menu"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\counter-strike\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\counter-strike\\hl.exe:*:Disabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\hl.exe"="C:\\Program Files\\hry\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\condition zero\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\condition zero deleted scenes\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\condition zero deleted scenes\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\day of defeat\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\day of defeat\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\deathmatch classic\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\ricochet\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\ricochet\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valvecs\\hl.exe"="C:\\Program Files\\hry\\Valvecs\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valvec\\hl.exe"="C:\\Program Files\\hry\\Valvec\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Sdileni Martin\\Hry\\Warcraft III\\Warcraft III.exe"="C:\\Sdileni Martin\\Hry\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\mates442\\counter-strike\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\mates442\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\cstrike.exe"="C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\hl.exe"="C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\hlds.exe"="C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\hlds.exe:*:Enabled:HLDS Launcher"
"C:\\Programy\\ICQLite\\5.1\\ICQLite.exe"="C:\\Programy\\ICQLite\\5.1\\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\condition zero\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\counter-strike\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\VOLNY\\akcelerator\\VOLNYakc.exe"="C:\\Program Files\\VOLNY\\akcelerator\\VOLNYakc.exe:*:Enabled:CPROXY.com"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\day of defeat\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\day of defeat\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"="C:\\Program Files\\hry\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\81exmodul32d.4.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\81exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\55exinjs.d.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\55exinjs.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\46exmodul32d.5.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\46exmodul32d.5.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\10exinjs.e.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\10exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\49exmodul32d.5.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\49exmodul32d.5.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\61exmodul32d.5.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\61exmodul32d.5.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\18exinjs.e.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\18exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.e.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\35exmodul32d.6.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\35exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\22exmodul32d.6.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\22exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\97exinjs.e.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\97exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\12exmodul32d.a.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\12exmodul32d.a.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\51exmodul32d.a.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\51exmodul32d.a.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.e.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\11exmodul32d.a.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\11exmodul32d.a.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\76exmodul32d.a.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\76exmodul32d.a.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\58exinjs.f.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\58exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\33exmodul32d.b.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\33exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\10exinjs.f.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\10exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\89exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\89exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\46exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\46exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\52exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\52exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\54exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\54exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\44exmodul32d.b.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\44exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\90exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\90exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\45exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\45exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\77exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\77exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\12exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\12exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exmodul32d.c.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exmodul32d.c.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\82exmodul32d.c.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\82exmodul32d.c.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\91exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\91exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\32exmodul32d.c.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\32exmodul32d.c.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\9exinjs.f.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\9exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\30exmodul32d.c.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\30exmodul32d.c.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\95exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\95exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exinjs.g.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\46exinjs.g.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\46exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\68exinjs.g.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\68exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.g.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.g.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\72exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\72exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\4exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\4exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\89exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\89exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\62exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\62exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\96exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\96exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\28exml32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\28exml32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\50exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\50exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\37exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\37exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\44exml32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\44exml32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\63exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\63exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\38exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\38exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\0exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\0exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\88exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\88exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\98exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\98exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\54exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\54exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\24exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\24exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\88exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\88exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\80exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\80exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\13exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\13exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\16exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\16exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\40exml32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\40exml32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\9exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\9exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\62exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\62exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\52exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\52exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\47exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\47exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\22exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\22exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\6exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\6exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\10exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\10exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\36exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\36exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\5exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\5exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\41exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\41exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\44exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\44exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\60exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\60exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\96exml32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\96exml32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\80exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\80exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\hry\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat"="C:\\Program Files\\hry\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Disabled:Sunbelt Kerio Firewall GUI"
"C:\\Programy\\Hamachi\\hamachi.exe"="C:\\Programy\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\vosak01\\counter-strike source\\hl2.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\vosak01\\counter-strike source\\hl2.exe:*:Disabled:hl2"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\vosak01\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\vosak01\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\hry\\Microsoft Games\\Age of Mythology\\aom.exe"="C:\\Program Files\\hry\\Microsoft Games\\Age of Mythology\\aom.exe:*:Enabled:Age of Mythology"
"H:\\Quake 3 Arena\\Quake3\\quake3.exe"="H:\\Quake 3 Arena\\Quake3\\quake3.exe:*:Enabled:quake3"
"C:\\Programy\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe"="C:\\Programy\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe:*:Enabled:iolo FirewallR"
"C:\\Programy\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe"="C:\\Programy\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe:*:Enabled:iolo AntiVirusR"
"C:\\Programy\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe"="C:\\Programy\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe:*:Enabled:iolo AntiVirusR Email Protection"
"C:\\Programy\\Skype\\Phone\\Skype.exe"="C:\\Programy\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
Remaining Files:
---------------
File Backups: - C:\sd\SDFix\backups\backups.zip
Files with Hidden Attributes:
Sun 11 Sep 2005 548,352 A..H. --- "C:\Programy\Miranda\Miranda IM\imgdecoder.dll"
Sun 25 Feb 2007 50,241 A..H. --- "C:\Programy\Miranda\Miranda IM\zlib.dll"
Sat 13 Jan 2007 61,952 A..H. --- "C:\Programy\Miranda\Miranda IM\plugins\FontService.dll"
Wed 25 Oct 2006 20,480 A..H. --- "C:\Programy\Miranda\Miranda IM\plugins\icolib.dll"
Finished!

HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:45:43, on 3.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\MsiExec.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Programy\Mozilla Firefox\firefox.exe
C:\Programy\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunServices: [PcEXEreg] C:\WINDOWS\system\kl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programy\ICQLite\5.1\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programy\ICQLite\5.1\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.volny.cz/
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O18 - Protocol: bw+0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 18183 bytes

SDFix: Version 1.113
Run by Jana_2 on so 03.11.2007 at 17:37
Microsoft Windows XP [Verze 5.1.2600]
Running From: C:\sd\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Default HomePage Value
Restoring Default Desktop Components Value
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\advrepdow.dll - Deleted
C:\WINDOWS\bindmod.dll - Deleted
C:\WINDOWS\hupsrv.dll - Deleted
C:\WINDOWS\regedit.com - Deleted
C:\WINDOWS\sdrmod.dll - Deleted
C:\WINDOWS\system32\Bifrost\klog.dat - Deleted
C:\WINDOWS\wtopmod.exe - Deleted
Folder C:\WINDOWS\system32\Bifrost - Removed
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1253 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-03 17:42:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?"="C:\WINDOWS\cursors\arrow_r.cur,C:\WINDOWS\cursors\help_r.cur,C:\WINDOWS\cursors\wait_r.cur,C:\WINDOWS\cursors\busy_r.cur,C:\WINDOWS\cursors\cross_r.cur,C:\WINDOWS\cursors\beam_r.cur,C:\WINDOWS\cursors\pen_r.cur,C:\WINDOWS\cursors\no_r.cur,C:\WINDOWS\cursors\size4_r.cur,C:\WINDOWS\cursors\size3_r.cur,C:\WINDOWS\cursors\size2_r.cur,C:\WINDOWS\cursors\size1_r.cur,C:\WINDOWS\cursors\move_r.cur,C:\WINDOWS\cursors\up_r.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?v?e?l?k?\xe9?)?"="C:\WINDOWS\cursors\arrow_rm.cur,C:\WINDOWS\cursors\help_rm.cur,C:\WINDOWS\cursors\wait_rm.cur,C:\WINDOWS\cursors\busy_rm.cur,C:\WINDOWS\cursors\cross_rm.cur,C:\WINDOWS\cursors\beam_rm.cur,C:\WINDOWS\cursors\pen_rm.cur,C:\WINDOWS\cursors\no_rm.cur,C:\WINDOWS\cursors\size4_rm.cur,C:\WINDOWS\cursors\size3_rm.cur,C:\WINDOWS\cursors\size2_rm.cur,C:\WINDOWS\cursors\size1_rm.cur,C:\WINDOWS\cursors\move_rm.cur,C:\WINDOWS\cursors\up_rm.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?n?e?j?v?\e\1t?a\1\xed?)?"="C:\WINDOWS\cursors\arrow_rl.cur,C:\WINDOWS\cursors\help_rl.cur,C:\WINDOWS\cursors\wait_rl.cur,C:\WINDOWS\cursors\busy_rl.cur,C:\WINDOWS\cursors\cross_rl.cur,C:\WINDOWS\cursors\beam_rl.cur,C:\WINDOWS\cursors\pen_rl.cur,C:\WINDOWS\cursors\no_rl.cur,C:\WINDOWS\cursors\size4_rl.cur,C:\WINDOWS\cursors\size3_rl.cur,C:\WINDOWS\cursors\size2_rl.cur,C:\WINDOWS\cursors\size1_rl.cur,C:\WINDOWS\cursors\move_rl.cur,C:\WINDOWS\cursors\up_rl.cur"
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\hry\\Quake 3 Arena\\quake3.exe"="C:\\Program Files\\hry\\Quake 3 Arena\\quake3.exe:*:Disabled:quake3"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\hry\\EA GAMES\\MOHAA\\MOHAA.exe"="C:\\Program Files\\hry\\EA GAMES\\MOHAA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault"
"C:\\Program Files\\hry\\Call of Duty\\CoDMP.exe"="C:\\Program Files\\hry\\Call of Duty\\CoDMP.exe:*:Enabled:CoDMP"
"C:\\Program Files\\hry\\UT2004Demo\\System\\UT2004.exe"="C:\\Program Files\\hry\\UT2004Demo\\System\\UT2004.exe:*:Enabled:UT2004"
"C:\\Program Files\\hry\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe"="C:\\Program Files\\hry\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe:*:Enabled:Worms 4 Mayhem Demo"
"C:\\Program Files\\hry\\Half-Life 2\\hl2.exe"="C:\\Program Files\\hry\\Half-Life 2\\hl2.exe:*:Enabled:hl2"
"C:\\Sdileni Martin\\Hry\\Quake 3 Arena\\Quake3\\quake3.exe"="C:\\Sdileni Martin\\Hry\\Quake 3 Arena\\Quake3\\quake3.exe:*:Enabled:quake3"
"C:\\Sdileni Martin\\Hry\\Half-Life 2\\hl2.exe"="C:\\Sdileni Martin\\Hry\\Half-Life 2\\hl2.exe:*:Enabled:hl2"
"C:\\Programy\\ICQLite\\ICQLite.exe"="C:\\Programy\\ICQLite\\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\\Program Files\\hry\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"="C:\\Program Files\\hry\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\\Program Files\\GIGABYTE\\VGA Utility Manager\\G-vga.exe"="C:\\Program Files\\GIGABYTE\\VGA Utility Manager\\G-vga.exe:*:Enabled:Menu"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\counter-strike\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\counter-strike\\hl.exe:*:Disabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\hl.exe"="C:\\Program Files\\hry\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\condition zero\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\condition zero deleted scenes\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\condition zero deleted scenes\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\day of defeat\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\day of defeat\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\deathmatch classic\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\ricochet\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\shade441\\ricochet\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valvecs\\hl.exe"="C:\\Program Files\\hry\\Valvecs\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valvec\\hl.exe"="C:\\Program Files\\hry\\Valvec\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Sdileni Martin\\Hry\\Warcraft III\\Warcraft III.exe"="C:\\Sdileni Martin\\Hry\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\mates442\\counter-strike\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\mates442\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\cstrike.exe"="C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\hl.exe"="C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\hlds.exe"="C:\\Program Files\\hry\\Non Steam\\Counter-Strike 1.6\\hlds.exe:*:Enabled:HLDS Launcher"
"C:\\Programy\\ICQLite\\5.1\\ICQLite.exe"="C:\\Programy\\ICQLite\\5.1\\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\condition zero\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\counter-strike\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\VOLNY\\akcelerator\\VOLNYakc.exe"="C:\\Program Files\\VOLNY\\akcelerator\\VOLNYakc.exe:*:Enabled:CPROXY.com"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\day of defeat\\hl.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\strejdabruny1177\\day of defeat\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\hry\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"="C:\\Program Files\\hry\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\81exmodul32d.4.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\81exmodul32d.4.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\55exinjs.d.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\55exinjs.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\46exmodul32d.5.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\46exmodul32d.5.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\10exinjs.e.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\10exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\49exmodul32d.5.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\49exmodul32d.5.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\61exmodul32d.5.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\61exmodul32d.5.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\18exinjs.e.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\18exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.e.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\35exmodul32d.6.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\35exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\22exmodul32d.6.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\22exmodul32d.6.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\97exinjs.e.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\97exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\12exmodul32d.a.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\12exmodul32d.a.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\51exmodul32d.a.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\51exmodul32d.a.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.e.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.e.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\11exmodul32d.a.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\11exmodul32d.a.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\76exmodul32d.a.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\76exmodul32d.a.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\58exinjs.f.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\58exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\33exmodul32d.b.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\33exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\10exinjs.f.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\10exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\89exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\89exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\46exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\46exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\52exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\52exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\54exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\54exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\44exmodul32d.b.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\44exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\90exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\90exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\45exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\45exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\77exmodul32d.b.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\77exmodul32d.b.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\12exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\12exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exmodul32d.c.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exmodul32d.c.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\82exmodul32d.c.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\82exmodul32d.c.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\91exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\91exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\32exmodul32d.c.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\32exmodul32d.c.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\9exinjs.f.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\9exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\30exmodul32d.c.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\30exmodul32d.c.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\95exinjs.f.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\95exinjs.f.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exinjs.g.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\46exinjs.g.exe"="C:\\DOCUME~1\\Jana_2\\LOCALS~1\\Temp\\46exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\68exinjs.g.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\68exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.g.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.g.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\99exinjs.g.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\72exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\72exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\4exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\4exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\89exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\89exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\62exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\62exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\96exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\96exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\28exml32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\28exml32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\50exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\50exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\37exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\37exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\44exml32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\44exml32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\63exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\63exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\38exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\38exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\0exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\0exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\88exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\88exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\98exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\98exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\54exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\54exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\24exinjs.i.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\24exinjs.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\7exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\88exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\88exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\43exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\80exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\80exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\13exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\13exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\16exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\16exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\40exml32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\40exml32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\9exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\9exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\62exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\62exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\52exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\52exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\47exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\47exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\22exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\22exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\6exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\6exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\10exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\10exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\27exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\36exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\36exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\15exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\5exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\5exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\41exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\41exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\44exinjs.j.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\44exinjs.j.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\60exed32_2.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\60exed32_2.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\96exml32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\96exml32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\80exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\80exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exed32.1.exe"="C:\\DOCUME~1\\Jana\\LOCALS~1\\Temp\\75exed32.1.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\hry\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat"="C:\\Program Files\\hry\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Disabled:Sunbelt Kerio Firewall GUI"
"C:\\Programy\\Hamachi\\hamachi.exe"="C:\\Programy\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\vosak01\\counter-strike source\\hl2.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\vosak01\\counter-strike source\\hl2.exe:*:Disabled:hl2"
"C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\vosak01\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\hry\\Valve\\Steam\\SteamApps\\vosak01\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\hry\\Microsoft Games\\Age of Mythology\\aom.exe"="C:\\Program Files\\hry\\Microsoft Games\\Age of Mythology\\aom.exe:*:Enabled:Age of Mythology"
"H:\\Quake 3 Arena\\Quake3\\quake3.exe"="H:\\Quake 3 Arena\\Quake3\\quake3.exe:*:Enabled:quake3"
"C:\\Programy\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe"="C:\\Programy\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe:*:Enabled:iolo FirewallR"
"C:\\Programy\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe"="C:\\Programy\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe:*:Enabled:iolo AntiVirusR"
"C:\\Programy\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe"="C:\\Programy\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe:*:Enabled:iolo AntiVirusR Email Protection"
"C:\\Programy\\Skype\\Phone\\Skype.exe"="C:\\Programy\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
Remaining Files:
---------------
File Backups: - C:\sd\SDFix\backups\backups.zip
Files with Hidden Attributes:
Sun 11 Sep 2005 548,352 A..H. --- "C:\Programy\Miranda\Miranda IM\imgdecoder.dll"
Sun 25 Feb 2007 50,241 A..H. --- "C:\Programy\Miranda\Miranda IM\zlib.dll"
Sat 13 Jan 2007 61,952 A..H. --- "C:\Programy\Miranda\Miranda IM\plugins\FontService.dll"
Wed 25 Oct 2006 20,480 A..H. --- "C:\Programy\Miranda\Miranda IM\plugins\icolib.dll"
Finished!
HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:45:43, on 3.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\MsiExec.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Programy\Mozilla Firefox\firefox.exe
C:\Programy\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunServices: [PcEXEreg] C:\WINDOWS\system\kl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programy\ICQLite\5.1\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programy\ICQLite\5.1\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.volny.cz/
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O18 - Protocol: bw+0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 18183 bytes
- fredik
- member of the Security team
Download Avenger and run it under an administrator account.
Choose the option "Input script manually" and click the magnifying glass icon; an empty window will pop up. Copy this bold text into it:
Files to delete:
C:\WINDOWS\system\kl.exe
Folders to Delete:
C:\sd\SDFix
Then click Done.
Then click the traffic light icon.
A prompt will pop up; click Yes. The PC will restart, and after the restart the Avenger log should "pop up", so copy it here.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Run HijackThis again and tick the boxes in front of these lines:
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\RunServices: [PcEXEreg] C:\WINDOWS\system\kl.exe
After ticking them, click the Fix Checked button.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
You have an older version of Java there, so I would recommend updating it:
- Download the latest version, Java Runtime Environment (JRE) 6 Update 3
- Scroll down to where it says Java Runtime Environment (JRE) 6u2 and click the Download button
- Tick the option that says: Accept License Agreement
- The page will reload.
- Click the download link: Windows Offline Installation, Multi-language and save it to disk
- Close any programs you have running, especially your web browser
- Go to Start -> Control Panel -> Add or Remove Programs and uninstall all old versions of Java
- Look for entries named Java Runtime Environment (JRE or J2SE)
* examples of old versions in Add or Remove Programs:
- J2SE Runtime Environment 5.0
- J2SE Runtime Environment 5.0 Update 8
- Java 2 Runtime Environment, SE v1.4.2
- Uninstall any old versions of Java one after another
- When the uninstallation is finished, restart the PC.
- Then just run the installer for the latest version from the file jre-6u3-windows-i586-p.exe that you downloaded at the beginning.
Then post a new log here.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:52:49, on 3.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\System32\MsiExec.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Programy\Mozilla Firefox\firefox.exe
C:\Programy\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = VOLNÝ Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programy\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Programy\Verdict Free\etnxp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programy\ICQLite\5.1\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programy\ICQLite\5.1\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.volny.cz/
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O18 - Protocol: bw+0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BFBD9896-F56D-4084-8701-79C22235B812} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 18006 bytes
With Avenger it didn't do anything for me... :-\ I tried it about 20 times and nothing.
- fredik
- Security team member
Then manually delete the directory/folder that SDFix created:
C:\sd\SDFix
Download Killbox
copy this bold text into the empty field:
C:\WINDOWS\system\kl.exe
and tick Delete on Reboot
then press the white cross in the red circle. The PC will ask to restart, so allow it.
For better protection it would be good to install a firewall as well; you can pick one of those listed here or another one from the link: Overview of personal firewalls
Free firewalls:
Comodo - high quality, advanced, with many features, originally in English; Czech should probably come only with version 3, which should appear soon
Kerio - clearly laid out, more configuration options, more demanding on system resources, in Czech
ZoneAlarm - simple, compatible, light on system resources, few configuration options, in English
Do you have an antivirus from Authentium installed there, since its services are running on your machine?
If need be, try posting the log of installed programs here:
Run HijackThis again
Click the button: Open the Misc Tools section (or the Config... button if you are in the window where the HJT log is displayed)
At the top, click the item: Misc Tools, if it is not already selected
then, under System tools, click the button: Open Uninstall Manager...
there, click the button: Save list...
save the log and copy its contents here
ACE Mega CoDecS Pack
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Flash Player Plugin
Adobe Reader 6.0.1
AGEIA PhysX v7.05.17
Alcohol 120%
Anglický překladový slovník Lingea pro MS Office 2003
Antivirový systém NOD32
AudibleManager
AusLogics BoostSpeed
Authentium AntiVirus SDK - 2
AVS DVD Player version 2.2
Azureus
Azureus Ultra Accelerator
Balíček ovladače systému Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
Balíček ovladače systému Windows - Nokia Modem (05/24/2007 6.84.0.1)
Balíček ovladače systému Windows - Nokia Modem (08/03/2007 6.84.0.2)
Balíček ovladače systému Windows - Nokia Modem (08/08/2007 3.3)
BearShare
BSplayer Pro 2.12.941
CCleaner (remove only)
Counter-Strike(TM)
Counter-Strike: Source
Creative Mass Storage Drivers
Creative MediaSource
Creative System Information
Creative Zen Nano Plus
DivX Codec
DivX Player
FLV Player 1.3.3
GIGABYTE VGA Utility Manager
Hamachi 1.0.2.2
Hardlock Device Driver
HijackThis 2.0.2
HLSW v1.2.0
ICQ 5.1
ijji Auto Installer
InterActual Player
Java(TM) 6 Update 3
Logitech Audio Echo Cancellation Component
Logitech Desktop Messenger
Logitech QuickCam
Logitech SetPoint
Logitech Video Enumerator
Logitech® Camera Driver
Marvell Miniport Driver
MathType 5
Medal of Honor Allied Assault
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft Office Professional Edition 2003
Mozilla Firefox (2.0.0.9)
Mozilla Thunderbird (2.0.0.6)
MSXML 6.0 Parser (KB927977)
MSXML4 Parser
Music Manager
Německý překladový slovník Lingea pro MS Office 2003
Nemetschek Allplan FT V16
Nero 7 Ultra Edition
NOD32 FiX v1.9
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
NVIDIA Drivers
Pack Vista Inspirat 1.1
PC Connectivity Solution
PowerDVD
Real Alternative 1.42
Realtek AC'97 Audio
Shockwave
Skype™ 3.5
Sony Ericsson PC Suite 1.20.173
SpeechRedist
Steam(TM)
System Requirements Lab
The Battle for Middle-earth (tm) II
TuneUp Utilities 2003
UMVPLStandalone
Ventrilo Client
VentriloMIX
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 2
WinFast DTV
WinFast Entertainment Center
WinZip 11.1
XoftSpySE
CENZURA 2.52
Zoner Photo Studio 8