I don't know exactly what this is about, but I see it's the trendy thing here, so could someone take a look at it? Thanks.
Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:38:14, on 1.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Pavel\Plocha\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{17D40E19-4849-48A5-8F04-2941C7CC9009}: NameServer = 10.3.3.1,82.113.57.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{17D40E19-4849-48A5-8F04-2941C7CC9009}: NameServer = 10.3.3.1,82.113.57.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{17D40E19-4849-48A5-8F04-2941C7CC9009}: NameServer = 10.3.3.1,82.113.57.2
O18 - Protocol: bw+0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {95C9EB2D-D975-4366-BA32-23830C5C66CC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
--
End of file - 21134 bytes
Combofix2:
ComboFix 07-11-01.2 - Pavel 2007-11-01 20:39:49.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.2492 [GMT 1:00]
Running from: C:\Documents and Settings\Pavel\Plocha\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-10-01 to 2007-11-01 )))))))))))))))))))))))))))))))
.
2007-11-01 20:39 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-29 16:51 <DIR> d-------- C:\ProgramData
2007-10-27 20:52 <DIR> d-------- C:\Program Files\Codemasters
2007-10-27 20:50 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Pro
2007-10-25 20:08 <DIR> d-------- C:\Program Files\The Witcher
2007-10-25 18:42 <DIR> d-------- C:\Program Files\DAEMON Tools Pro
2007-10-25 17:11 <DIR> d-------- C:\Program Files\Microsoft Games
2007-10-18 18:21 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Hagel Technologies
2007-10-17 22:31 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2007-10-17 22:31 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2007-10-17 22:31 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
2007-10-17 22:30 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2007-10-09 16:16 <DIR> d-------- C:\Documents and Settings\Pavel\Data aplikací\SolidWorks
2007-10-09 16:15 <DIR> d-------- C:\Documents and Settings\Pavel\Data aplikací\DWGeditor
2007-10-09 16:14 <DIR> d-------- C:\Program Files\SolidWorks Installation Manager
2007-10-09 16:14 <DIR> d-------- C:\Program Files\DWGeditor
2007-10-09 16:13 670,208 --a------ C:\WINDOWS\system32\drivers\hardlock.sys
2007-10-09 16:11 <DIR> d-------- C:\Program Files\Common Files\eDrawings2007
2007-10-09 16:06 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy
2007-10-09 16:04 <DIR> d-------- C:\Program Files\SolidWorks
2007-10-09 16:04 <DIR> d-------- C:\Program Files\Common Files\SolidWorks Shared
2007-10-09 16:04 <DIR> d-------- C:\Program Files\Common Files\Solidworks Data
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-30 18:05 --------- d-----w C:\Documents and Settings\Pavel\Data aplikací\uTorrent
2007-10-29 15:51 --------- d-----w C:\Documents and Settings\Pavel\Data aplikací\Codemasters
2007-10-27 19:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-25 19:25 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2007-10-25 17:40 --------- d-----w C:\Program Files\DAEMON Tools
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
2007-10-05 13:25 8,491,008 ----a-w C:\WINDOWS\system32\nvcpl.dll
2007-10-05 13:25 6,854,368 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-10-05 13:25 6,750,208 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2007-10-05 13:25 6,344,704 ----a-w C:\WINDOWS\system32\nvdisps.dll
2007-10-05 13:25 5,755,520 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2007-10-05 13:25 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-10-05 13:25 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-10-05 13:25 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-10-05 13:25 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-10-05 13:25 364,544 ----a-w C:\WINDOWS\system32\nvapi.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\system32\nvcodins.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\system32\nvcod.dll
2007-10-05 13:25 3,551,232 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2007-10-05 13:25 3,334,144 ----a-w C:\WINDOWS\system32\nvgames.dll
2007-10-05 13:25 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
2007-10-05 13:25 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2007-10-05 13:25 2,371,584 ----a-w C:\WINDOWS\system32\nvwss.dll
2007-10-05 13:25 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2007-10-05 13:25 155,716 ----a-w C:\WINDOWS\system32\nvsvc32.exe
2007-10-05 13:25 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe
2007-10-05 13:25 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2007-10-05 13:25 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe
2007-10-05 13:25 1,478,656 ----a-w C:\WINDOWS\system32\nview.dll
2007-10-05 13:25 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2007-10-05 13:25 1,150,976 ----a-w C:\WINDOWS\system32\nvmobls.dll
2007-10-05 13:25 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll
2007-09-27 18:16 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-09-27 18:14 --------- d-----w C:\Documents and Settings\Pavel\Data aplikací\InstallShield
2007-09-27 18:12 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-09-24 18:40 --------- d-----w C:\Program Files\AMD
2007-09-24 16:30 --------- d-----w C:\Program Files\Gothic III
2007-09-21 16:59 --------- d-----w C:\Program Files\Last.fm
2007-09-14 14:31 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Last.fm
2007-09-06 13:45 --------- d-----w C:\Program Files\MSXML 4.0
2007-09-05 14:41 --------- d-----w C:\Documents and Settings\Pavel\Data aplikací\Teleca
2007-09-05 14:38 --------- d-----w C:\Program Files\Sony Ericsson
2007-09-05 14:38 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2007-09-05 14:38 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Teleca
2007-09-05 14:38 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2007-09-05 14:36 6,176 ----a-w C:\WINDOWS\system32\drivers\w810cm.sys
2007-09-05 14:36 5,808 ----a-w C:\WINDOWS\system32\drivers\w810wh.sys
2007-09-05 14:34 --------- d-----w C:\Program Files\Disc2Phone
2007-09-05 14:34 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-08-21 06:18 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-05 16:54 87,608 ----a-w C:\Documents and Settings\Pavel\Data aplikací\ezpinst.exe
2007-08-05 16:54 47,360 ----a-w C:\Documents and Settings\Pavel\Data aplikací\pcouffin.sys
2007-08-02 16:04 1 ----a-w C:\Documents and Settings\Pavel\SI.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-08 09:40]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-05-08 15:32]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-07-22 19:33]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-09-10 21:56]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-10 21:56]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-05 14:25]
"nwiz"="nwiz.exe" [2007-10-05 14:25 C:\WINDOWS\system32\nwiz.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17]
"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2006-11-17 15:49]
"NvMediaCenter"="NvMCTray.dll" [2007-10-05 14:25 C:\WINDOWS\system32\nvmctray.dll]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="C:\Program Files\ICQ6\ICQ.exe" [2007-08-08 16:03]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-22 20:13]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:49]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-09-10 21:56]
"DU Meter"="C:\Program Files\DU Meter\DUMeter.exe" [2007-10-18 18:23]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 14:08]
C:\Documents and Settings\Pavel\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2003-04-05 23:37:10]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 00:06:58]
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-07-22 19:27:01]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-07-22 20:13:41]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-22 20:12:46]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};\??\C:\Program Files\CyberLink\PowerDVD\000.fcl
R2 DUMeterSvc;DU Meter Service;C:\Program Files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService
R3 AmdLLD;AMD Low Level Device Driver;C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
R3 LUsbKbd;Logitech SetPoint USB Filter Driver;C:\WINDOWS\system32\drivers\LUsbKbd.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2007-10-14 15:54:04 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1187020397.job"
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-01 20:42:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DUMeterSvc]
"ImagePath"="C:\Program Files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
Completion time: 2007-11-01 20:43:18
.
--- E O F ---
Checking logs from HJT and ComboFix2
- bellatrix
Fix in HJT:
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
+ install a firewall as well
The log from CF is OK...
*´¨)
¸.•´¸.•*´¨) ¸.•*¨)
(¸.•´ (¸.•If everything is going according to plan, a mistake has happened somewhere..
MWAV || Killbox || Avenger || SmitFraudFix || SDFix