Could someone please check my log

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by Prince » 30 Dec 2007 03:16

Hi, so here it is.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:13:47, on 30.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\IEXPLORE.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\hry\Steam\Steam.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Peta\Plocha\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\GUI.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Windows Vista Transformation] C:\WINDOWS\system32\IEXPLORE.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\RunServices: [Windows Vista Transformation] C:\WINDOWS\system32\IEXPLORE.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: ATI Tray Tools.lnk = C:\Program Files\Radeon Omega Drivers\v3.8.330\ATI Tray Tools\atitray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{690A8150-8F2A-4200-9FED-E433BD008FBF}: NameServer = 10.132.32.1
O18 - Protocol: bw+0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe

--
End of file - 16857 bytes

Post by fredik » 30 Dec 2007 10:24

Download SDFix
- Run it and it will extract itself to the drive where Windows is installed (typically C:\SDfix)
- Then restart the PC into Safe Mode (choose the option: Safe Mode, not Safe Mode with Networking)
- Open the folder where SDFix was extracted and run the file RunThis.bat; this starts the program.
* Then press the Y key and then Enter to start the cleaning process.
* To finish the scan you will be prompted to press any key, and the computer will restart.
* While the operating system is starting up, the program will run again and finish the cleaning process. When Finish appears, you will have to press any key when prompted; this closes the program and your desktop icons will appear.
- Once the desktop icons have finished loading, the SDFix log will open on screen and will also be saved as Report.txt in the folder where SDFix was extracted.
Then copy its contents here + post a new HJT log as well.

Post by Prince » 30 Dec 2007 18:39

SDFix: Version 1.120

Run by Peta on ne 30.12.2007 at 18:33

Microsoft Windows XP [Verze 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\system32\iexplore.exe - Deleted




Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1333.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-30 18:36:38
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...


scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?"="C:\WINDOWS\cursors\arrow_r.cur,C:\WINDOWS\cursors\help_r.cur,C:\WINDOWS\cursors\wait_r.cur,C:\WINDOWS\cursors\busy_r.cur,C:\WINDOWS\cursors\cross_r.cur,C:\WINDOWS\cursors\beam_r.cur,C:\WINDOWS\cursors\pen_r.cur,C:\WINDOWS\cursors\no_r.cur,C:\WINDOWS\cursors\size4_r.cur,C:\WINDOWS\cursors\size3_r.cur,C:\WINDOWS\cursors\size2_r.cur,C:\WINDOWS\cursors\size1_r.cur,C:\WINDOWS\cursors\move_r.cur,C:\WINDOWS\cursors\up_r.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?v?e?l?k?\xe9?)?"="C:\WINDOWS\cursors\arrow_rm.cur,C:\WINDOWS\cursors\help_rm.cur,C:\WINDOWS\cursors\wait_rm.cur,C:\WINDOWS\cursors\busy_rm.cur,C:\WINDOWS\cursors\cross_rm.cur,C:\WINDOWS\cursors\beam_rm.cur,C:\WINDOWS\cursors\pen_rm.cur,C:\WINDOWS\cursors\no_rm.cur,C:\WINDOWS\cursors\size4_rm.cur,C:\WINDOWS\cursors\size3_rm.cur,C:\WINDOWS\cursors\size2_rm.cur,C:\WINDOWS\cursors\size1_rm.cur,C:\WINDOWS\cursors\move_rm.cur,C:\WINDOWS\cursors\up_rm.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?n?e?j?v?\e\1t?a\1\xed?)?"="C:\WINDOWS\cursors\arrow_rl.cur,C:\WINDOWS\cursors\help_rl.cur,C:\WINDOWS\cursors\wait_rl.cur,C:\WINDOWS\cursors\busy_rl.cur,C:\WINDOWS\cursors\cross_rl.cur,C:\WINDOWS\cursors\beam_rl.cur,C:\WINDOWS\cursors\pen_rl.cur,C:\WINDOWS\cursors\no_rl.cur,C:\WINDOWS\cursors\size4_rl.cur,C:\WINDOWS\cursors\size3_rl.cur,C:\WINDOWS\cursors\size2_rl.cur,C:\WINDOWS\cursors\size1_rl.cur,C:\WINDOWS\cursors\move_rl.cur,C:\WINDOWS\cursors\up_rl.cur"

scanning hidden files ...

C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\dnsapi.dll 140288 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\inetmib1.dll 31232 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\ip
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\ip\netip6.inf 12434 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\iphlpapi.dll 84480 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\ipv6.exe 49152 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\ipv6mon.dll 54272 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\netsh.exe 83456 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\obrs0405.dll 171008 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\tcpip6.sys 203008 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\tunmp.sys 11776 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\ws2_32.dll 70656 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp1qfe\wship6.dll 13312 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp2gdr
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp2gdr\dhcpcsvc.dll 110592 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp2gdr\dnsapi.dll 148480 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp2gdr\iphlpapi.dll 95744 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp2qfe
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp2qfe\dhcpcsvc.dll 111104 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp2qfe\dnsapi.dll 147456 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\sp2qfe\iphlpapi.dll 95744 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\spmsg.dll 15072 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\spuninst.exe 215776 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\susdl.rq0 1902 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\branches.inf 705 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\eula.txt 858 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\KB914388.cat 16203 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\spcustom.dll 22752 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\update.exe 720096 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\update.url 5324 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\update.ver 1867 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\updatebr.inf 592 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\update_SP1QFE.inf 11106 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\update_SP2GDR.inf 10524 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\update_SP2QFE.inf 18733 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\update\updspapi.dll 379616 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\WindowsXP-KB914388-x86-CSY.psm 1740 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\_downloadprogress_.state 4 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\_unpacked_.state 34 bytes
C:\WINDOWS\SoftwareDistribution\Download\d56643730cd61a949deb31f31a59ee33\_usedelta_.state 34 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\backup
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\sp1qfe
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\sp1qfe\dhtmled.ocx 118272 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\sp2gdr
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\sp2gdr\dhtmled.ocx 128512 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\sp2qfe
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\sp2qfe\dhtmled.ocx 128512 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\spmsg.dll 8192 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\spuninst.exe 170496 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\susdl.rq0 367 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\branches.inf 668 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\eula.txt 3825 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\KB891781.cat 11068 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\spcustom.dll 21504 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\update.exe 657920 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\update.url 5324 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\update.ver 297 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\updatebr.inf 569 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\update_SP1QFE.inf 7041 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\update_SP2GDR.inf 9157 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\update\update_SP2QFE.inf 9662 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\WindowsXP-KB891781-x86-CSY.psm 842 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\_downloadprogress_.state 4 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\_file_to_execute_.txt 17 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\_unpacked_.state 34 bytes
C:\WINDOWS\SoftwareDistribution\Download\53b93e590dd39674fa59d021f6f718fd\_usedelta_.state 34 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\backup
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\sp1qfe
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\sp1qfe\dnsapi.dll 140288 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\sp1qfe\rasadhlp.dll 6144 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\sp2gdr
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\sp2gdr\dnsapi.dll 148480 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\sp2gdr\rasadhlp.dll 8192 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\sp2qfe
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\sp2qfe\dnsapi.dll 147456 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\sp2qfe\rasadhlp.dll 7680 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\spmsg.dll 15072 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\spuninst.exe 215776 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\susdl.rq0 638 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\branches.inf 705 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\eula.txt 858 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\KB920683.cat 11929 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\spcustom.dll 22752 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\update.exe 720096 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\update.url 5324 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\update.ver 558 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\updatebr.inf 592 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\update_SP1QFE.inf 8712 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\update_SP2GDR.inf 10222 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\update_SP2QFE.inf 18431 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\update\updspapi.dll 379616 bytes executable
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\WindowsXP-KB920683-x86-CSY.psm 526 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\_downloadprogress_.state 4 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\_unpacked_.state 34 bytes
C:\WINDOWS\SoftwareDistribution\Download\562cd1f9b61ce6fa00f3a454b668409b\_usedelta_.state 34 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 206


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\\WINDOWS\\System32\\IEXPLORE.exe"="C:\\WINDOWS\\system32\\IEXPLORE.exe:*:Enabled:Windows Vista Transformation"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\QIP\\qip.exe"="C:\\Program Files\\QIP\\qip.exe:*:Enabled:Quiet Internet Pager"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:


Finished!

Prince

Post by Prince » 30 Dec 2007 18:40

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:41, on 30.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Peta\Plocha\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\GUI.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Windows Vista Transformation] C:\WINDOWS\system32\IEXPLORE.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\RunServices: [Windows Vista Transformation] C:\WINDOWS\system32\IEXPLORE.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: ATI Tray Tools.lnk = C:\Program Files\Radeon Omega Drivers\v3.8.330\ATI Tray Tools\atitray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{690A8150-8F2A-4200-9FED-E433BD008FBF}: NameServer = 10.132.32.1
O18 - Protocol: bw+0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D14171E2-B284-4399-8B5A-0D78F228AA5A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe

--
End of file - 16793 bytes

fredik
Security team member
Master Level 7
Posts: 4680
Registered: July 06
Gender: Male
Status: Offline

Post by fredik » 30 Dec 2007 20:31

Delete the directory/folder that SDFix created:
C:\SDFix

Run HijackThis again and tick the boxes in front of these lines:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Windows Vista Transformation] C:\WINDOWS\system32\IEXPLORE.exe
O4 - HKLM\..\RunServices: [Windows Vista Transformation] C:\WINDOWS\system32\IEXPLORE.exe
After ticking them, click the Fix Checked button.

Open Notepad (Start -> Run..., type Notepad in the box and click OK).
Copy the following text, marked in green, into it:

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\System32\\IEXPLORE.exe"=-

Then choose File -> Save As... and set these parameters:
File name: type fix.reg here
Save as type: select All Files there
Save the file to the desktop.
A file named fix.reg should appear on the desktop. Run it; a prompt will pop up where you click Yes, then another prompt where you click OK.

Otherwise the log looks good. Are you still having problems?
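
An added example, not part of fredik's post and not HijackThis or SDFix code: two of the O4 lines selected above and the firewall exception removed by fix.reg all reference an IEXPLORE.exe stored in C:\WINDOWS\system32, and this Python example runs that location check over O4 autostart lines and the AuthorizedApplications export, then builds the same kind of REGEDIT4 deletion. The `EXPECTED_DIR` table (default Windows XP paths on C:), the function names and the sample lists (excerpted from the logs in this thread) are assumptions of the example.

```python
import ntpath
import re

# Expected directories for a default Windows XP install on C: (assumption of this
# example; extend the table with other system binaries you want to check).
EXPECTED_DIR = {
    "iexplore.exe": r"c:\program files\internet explorer",
    "ctfmon.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}
FW_KEY = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess"
          r"\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List")

O4_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
EXE_RE = re.compile(r'^"?(?P<exe>[^"]+?\.exe)', re.IGNORECASE)
REG_RE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"="(?P<data>(?:[^"\\]|\\.)*)"$')

# Sample input excerpted from the logs posted in this thread.
HJT_SAMPLE = [
    r"O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE",
    r"O4 - HKLM\..\Run: [Windows Vista Transformation] C:\WINDOWS\system32\IEXPLORE.exe",
    r"O4 - HKLM\..\RunServices: [Windows Vista Transformation] C:\WINDOWS\system32\IEXPLORE.exe",
    r"O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe",
    r'O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"',
]
FW_SAMPLE = [
    r'"C:\\WINDOWS\\System32\\IEXPLORE.exe"="C:\\WINDOWS\\system32\\IEXPLORE.exe:*:Enabled:Windows Vista Transformation"',
    r'"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"',
    r'"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:uTorrent"',
]


def misplaced(path):
    """Return the expected directory when `path` is a known binary stored elsewhere."""
    norm = path.lower().replace("%windir%", r"c:\windows")
    directory, base = ntpath.split(norm)
    expected = EXPECTED_DIR.get(base)
    # Bare names such as "RTHDCPL.EXE" carry no directory, so location cannot be judged.
    if expected and directory and directory != expected:
        return expected
    return None


def review_autoruns(hjt_lines):
    """Flag HijackThis O4 (autostart) entries that launch a misplaced binary."""
    findings = []
    for line in hjt_lines:
        m = O4_RE.match(line.strip())
        exe = EXE_RE.match(m.group("cmd")) if m else None
        if exe and misplaced(exe.group("exe")):
            where = m.group("hive") + "\\" + m.group("key")
            findings.append((where, m.group("name"), exe.group("exe")))
    return findings


def review_firewall(export_lines):
    """Flag AuthorizedApplications values that whitelist a misplaced binary."""
    findings = []
    for line in export_lines:
        m = REG_RE.match(line.strip())
        if not m:
            continue  # key headers and blank lines
        data = m.group("data").replace("\\\\", "\\")  # undo .reg escaping
        # Data is "<path>:<scope>:<Enabled|Disabled>:<label>"; the path contains
        # "C:", so the fields are split from the right.
        parts = data.rsplit(":", 3)
        if len(parts) == 4 and misplaced(parts[0]):
            findings.append({"value_name": m.group("name"), "path": parts[0],
                             "enabled": parts[2].lower() == "enabled",
                             "label": parts[3]})
    return findings


def build_fix_reg(fw_findings):
    """Build REGEDIT4 text that deletes the flagged StandardProfile exceptions."""
    lines = ["REGEDIT4", "", "[" + FW_KEY + "]"]
    # value_name is kept exactly as exported (already .reg-escaped).
    lines += ['"%s"=-' % f["value_name"] for f in fw_findings]
    return "\r\n".join(lines) + "\r\n"


if __name__ == "__main__":
    for where, name, exe in review_autoruns(HJT_SAMPLE):
        print("autostart %s [%s] -> %s" % (where, name, exe))
    flagged = review_firewall(FW_SAMPLE)
    for f in flagged:
        print("firewall exception (enabled=%s): %s" % (f["enabled"], f["path"]))
    print(build_fix_reg(flagged))
```
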

Prince

Post by Prince » 30 Dec 2007 20:39

Thank you very much. My problems were mainly with that IEXPLORE.exe application. Until I blocked its communication in the firewall, it had about 100 connections to some servers, and of course that slowed down the whole PC and especially the internet.

Now I know how "registromakery" are made :smile: . Thanks once again :)

fredik

Post by fredik » 30 Dec 2007 20:42

You're welcome

