Requesting a check


mrJekill
newcomer
Posts: 8
Registered: January 08
Gender: Not specified
Status: Offline

Post by mrJekill » 19 Jan 2008 16:45

The problem is mainly with SHLWAPI.dll. There are more error messages, but the main thing is that practically nothing can be launched on the computer.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:39:32, on 19.1.2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\TuneUp Utilities 2004\MemOptimizer.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Plocha\HiJack\HiJackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu37\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu37\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu37\toolbaru.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2004\MemOptimizer.exe" autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Analyzovat LeechGetem - file://C:\Program Files\LeechGet 2006\\Parser.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download LeechGetem - file://C:\Program Files\LeechGet 2006\\AddUrl.html
O8 - Extra context menu item: Download s průvodcem LeechGetu - file://C:\Program Files\LeechGet 2006\\Wizard.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{697E148D-FFF8-46BC-936B-A5D50B0DF545}: NameServer = 10.1.0.200,10.1.0.201
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Performance Monitor - Unknown owner - C:\WINDOWS\perfmon.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe

--
End of file - 7175 bytes

Baron Prášil
Master Level 7
Posts: 4882
Registered: June 06
Gender: Male
Status: Offline

Post by Baron Prášil » 19 Jan 2008 17:05

Welcome to the PC-HELP forum :bigups:

Now to the point: you have three antiviruses running at once, so uninstall Avira or NOD, or at least turn off the shields on one of them.

Open Services by typing the command services.msc into Run... in the START menu and clicking OK
find Spyware Terminator Clam Service and Performance Monitor
stop them and set the startup type to Disabled

find and delete C:\WINDOWS\perfmon.exe

also uninstall Crawler Toolbar if you don't use it

fix
in the HJT program window, tick the boxes on the left next to the items I list and then click Fix checked
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

clean the system with CCleaner and RegCleaner

if that doesn't help, make a log from MWAV (instructions in my signature)
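The checks made by eye in the reply above (several resident security products running at once, and a service with no named owner whose image sits directly in C:\WINDOWS) can be scripted over a HijackThis log. This is an added example, not part of the forum posts; the sample is an excerpt of the first log on this page, and the directory-to-product map and both heuristics are assumptions chosen for this log.

```python
import ntpath
import re

# Excerpt of the first HijackThis log on this page (not the full log).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Eset\nod32kui.exe

O4 - HKLM\..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Performance Monitor - Unknown owner - C:\WINDOWS\perfmon.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
"""

# O23 lines read: "O23 - Service: <name> - <owner> - <image path>"
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>[A-Za-z]:\\.+)$"
)

# Assumption: install-directory names taken from the logs on this page,
# mapped to the product they belong to. Extend for other machines.
SECURITY_DIRS = {
    "avpersonal": "AntiVir",
    "eset": "NOD32",
    "spyware terminator": "Spyware Terminator",
    "alwil software": "avast!",
}


def parse_hjt(text):
    """Return (running_processes, services) from a HijackThis 2.x log."""
    processes, services, in_procs = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        if in_procs:
            if line:
                processes.append(line)
            else:
                in_procs = False  # a blank line ends the process list
            continue
        match = O23_RE.match(line)
        if match:
            services.append(match.groupdict())
    return processes, services


def resident_security_products(processes):
    """Names of security products that have at least one running process."""
    found = set()
    for path in processes:
        for part in ntpath.dirname(path).lower().split("\\"):
            if part in SECURITY_DIRS:
                found.add(SECURITY_DIRS[part])
    return sorted(found)


def review_services(services):
    """Map service name -> list of reasons it deserves a manual look."""
    flagged = {}
    for svc in services:
        reasons = []
        if svc["owner"].lower() == "unknown owner":
            reasons.append("HijackThis could not name an owner")
        # Heuristic (assumes Windows is installed in C:\WINDOWS): Windows'
        # own perfmon.exe lives in system32, so a service image placed
        # directly in the Windows directory is worth checking.
        if ntpath.dirname(svc["path"]).lower() == r"c:\windows":
            reasons.append(r"image sits directly in C:\WINDOWS")
        if reasons:
            flagged[svc["name"]] = reasons
    return flagged


if __name__ == "__main__":
    procs, svcs = parse_hjt(SAMPLE_LOG)
    products = resident_security_products(procs)
    if len(products) > 1:
        print("Several resident security products:", ", ".join(products))
    for name, reasons in review_services(svcs).items():
        print(f"Review service '{name}': " + "; ".join(reasons))
```

A single reason, such as the NOD32 service's missing owner, is only a prompt to look; the Performance Monitor entry is the one that trips both checks.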

Post by mrJekill » 19 Jan 2008 19:29

That was fast. Thanks.
I only just now stuffed three more antiviruses in there, and now there's just one again.
I did almost everything the way you wrote.
The biggest problem, though, is that I can't finish any antivirus scan, not even MWAV, because the computer always restarts during the scan.
Otherwise, in the 20 minutes it ran, MWAV found 28 critical objects. Among them were viruses, infected files, a trojan, spyboot, etc.
So the main question is how to let an antivirus run a complete scan without the machine restarting during the test. I'll note that it's the same in safe mode.

Post by Baron Prášil » 19 Jan 2008 19:35

try it with automatic restart turned off
1. Right-click My Computer and choose Properties.
2. Advanced tab.
3. In the Startup and Recovery section, click the Settings button.
4. Uncheck the Automatically restart option.

it may go to a blue screen of death, so take a photo of it or copy it down and send it.

if that happens and MWAV again doesn't finish, run COMBOFIX
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the 1 key
- Then follow the instructions; while ComboFix is being applied, do not click into the window that is displayed
- When the scan finishes, the program should create a log, which will be displayed; otherwise you will find it here: C:\ComboFix.txt - please copy its entire contents here

by the way, you surely know that the absence of SP2 is not a good thing :smile: don't install it for now
it shouldn't go onto a dirty system :wink: but definitely in the future. the system is as leaky as a sieve

Post by mrJekill » 19 Jan 2008 20:51

I also ran it through Avast before the OS started;
the current log looks like this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:31:34, on 19.1.2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Plocha\HiJack\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu37\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu37\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu37\toolbaru.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Analyzovat LeechGetem - file://C:\Program Files\LeechGet 2006\\Parser.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download LeechGetem - file://C:\Program Files\LeechGet 2006\\AddUrl.html
O8 - Extra context menu item: Download s průvodcem LeechGetu - file://C:\Program Files\LeechGet 2006\\Wizard.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{697E148D-FFF8-46BC-936B-A5D50B0DF545}: NameServer = 10.1.0.200,10.1.0.201
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 6108 bytes

I'll continue following the advice.
Many, many thanks so far.
Oh, and Avast deleted loads of infected files for me, but I still can't launch anything.
Error message: Vstupní bod procedury SHRegGetValueW se nepodařilo v dynamicky propojované knihovně SHLWAPI.dll nalézt

Post by mrJekill » 19 Jan 2008 21:18

Unfortunately, even with restart disabled, ComboFix also ends in a restart without creating a log.

Post by mrJekill » 19 Jan 2008 22:09

Record so far: ComboFix ran for 29 minutes before the computer died and found 22 viruses.
I have no idea what to do next, because once the computer dies everything starts over.
By the way, today I've already smashed two mice and one pair of glasses :?

Post by mrJekill » 19 Jan 2008 23:48

ComboFix 08-01-18.5 - Jirka 2008-01-19 23:40:25.3 - NTFSx86
Running from: C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Plocha\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\regedit.com
C:\WINDOWS\system32\taskmgr.com
.
---- Previous Run -------
.
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\taskmgr.com

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_PERFORMANCE_MONITOR
-------\Performance Monitor




((((((((((((((((((((((((( Files Created from 2007-12-19 to 2008-01-19 )))))))))))))))))))))))))))))))
.

2008-01-19 20:53 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-19 19:34 . 2008-01-19 19:34 <DIR> d-------- C:\Program Files\Alwil Software
2008-01-19 19:34 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-01-19 19:34 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-01-19 19:34 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-01-19 19:34 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-01-19 19:34 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-01-19 19:34 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-19 19:34 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-19 19:34 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-19 18:19 . 2008-01-19 18:19 <DIR> d-a------ C:\WINDOWS\zts2.exe
2008-01-19 18:19 . 2008-01-19 18:19 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2008-01-19 18:19 . 2008-01-19 18:19 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2008-01-19 18:19 . 2008-01-19 18:19 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2008-01-19 18:19 . 2008-01-19 18:19 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2008-01-19 18:19 . 2008-01-19 18:19 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2008-01-19 18:11 . 2008-01-19 21:27 50 --a------ C:\WINDOWS\Lic.xxx
2008-01-19 18:10 . 2001-10-25 11:00 135,680 --a------ C:\WINDOWS\R.COM
2008-01-19 18:10 . 2001-10-25 11:00 130,048 --a------ C:\WINDOWS\system32\T.COM
2008-01-19 17:53 . 2008-01-19 17:53 <DIR> d-------- C:\Program Files\Yahoo!
2008-01-19 17:53 . 2008-01-19 17:53 <DIR> d-------- C:\Program Files\CCleaner
2008-01-19 16:04 . 2008-01-19 17:37 12 --a------ C:\WINDOWS\system32\mapisvc.inf
2008-01-19 14:13 . 2001-10-25 11:00 178,696 --------- C:\WINDOWS\system32\SHLWAPI.DL_
2008-01-14 15:53 . 2001-10-24 11:45 13,952 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-01-14 15:53 . 2001-10-24 11:54 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-01-14 15:09 . 2008-01-14 15:48 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Bluetooth
2008-01-14 15:08 . 2008-01-14 15:08 <DIR> d-------- C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Data aplikací\LGSync
2008-01-14 15:06 . 2007-03-05 05:53 44,304 --a------ C:\WINDOWS\system32\drivers\VcommMgr.sys
2008-01-14 15:06 . 2007-05-09 01:59 36,496 --a------ C:\WINDOWS\system32\drivers\btcusb.sys
2008-01-14 15:06 . 2007-03-05 05:56 35,600 --a------ C:\WINDOWS\system32\drivers\BTHidMgr.sys
2008-01-14 15:06 . 2007-03-05 05:52 34,448 --a------ C:\WINDOWS\system32\drivers\VComm.sys
2008-01-14 15:06 . 2007-03-05 06:00 27,792 --a------ C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys
2008-01-14 15:06 . 2007-03-05 05:55 20,880 --a------ C:\WINDOWS\system32\drivers\vbtenum.sys
2008-01-14 15:06 . 2007-03-05 05:59 18,320 --a------ C:\WINDOWS\system32\drivers\btnetdrv.sys
2008-01-14 15:05 . 2001-08-18 05:24 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2008-01-14 15:05 . 2001-08-17 21:01 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2008-01-14 15:05 . 2004-07-09 03:27 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys
2008-01-14 15:05 . 2007-05-11 03:10 34,704 --a------ C:\WINDOWS\system32\drivers\blueletaudio.sys
2008-01-14 15:05 . 2001-10-24 11:25 22,016 --a------ C:\WINDOWS\system32\wdmaud.drv
2008-01-14 15:05 . 2002-12-11 23:14 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2008-01-14 15:05 . 2008-01-14 15:44 32 --a------ C:\WINDOWS\0
2008-01-14 15:05 . 2008-01-14 15:05 0 --a------ C:\WINDOWS\system32\0
2008-01-14 10:48 . 2008-01-18 17:34 <DIR> d-------- C:\WINDOWS\LastGood
2008-01-14 10:48 . 2008-01-14 10:48 <DIR> d-------- C:\Program Files\LG Electronics
2008-01-14 10:47 . 2005-07-22 10:43 1,233,920 --a------ C:\WINDOWS\system32\msxml4.dll
2008-01-14 10:47 . 2006-04-05 17:45 798,773 --a------ C:\WINDOWS\system32\MFCO42D.DLL
2008-01-14 10:47 . 2005-09-26 22:55 419,240 --a------ C:\WINDOWS\system32\Vsflex7L.ocx
2008-01-14 10:47 . 2000-05-22 00:00 244,416 --a------ C:\WINDOWS\system32\Msflxgrd.ocx
2008-01-14 10:47 . 2005-11-24 11:34 82,432 --a------ C:\WINDOWS\system32\msxml4r.dll
2008-01-14 10:47 . 2005-06-28 22:12 36,864 --a------ C:\WINDOWS\system32\CSDLGE1LIB.dll
2008-01-14 10:46 . 2008-01-14 10:47 <DIR> d-------- C:\Program Files\LGE GSM PC Sync
2008-01-14 10:46 . 2005-05-25 19:12 929,844 --a------ C:\WINDOWS\system32\MFC42D.DLL
2008-01-14 10:46 . 2006-01-02 21:29 434,252 --a------ C:\WINDOWS\system32\MSVCRTD.DLL
2008-01-14 10:46 . 2002-10-17 05:19 291,840 --a------ C:\WINDOWS\system32\msvcirtd.dll
2008-01-10 08:03 . 2008-01-10 08:03 <DIR> d-------- C:\Program Files\Common Files\NSV
2008-01-07 13:08 . 2008-01-07 13:10 <DIR> d-------- C:\Program Files\Rally Championship Xtreme
2008-01-07 08:02 . 2003-07-17 14:01 55,871 --a------ C:\WINDOWS\system32\drivers\eugssxp.sys
2008-01-07 08:02 . 2003-07-17 14:02 39,197 --a------ C:\WINDOWS\system32\drivers\skeyusb.sys
2008-01-07 08:02 . 2003-07-17 14:01 16,695 --a------ C:\WINDOWS\system32\drivers\eusk2par.sys
2008-01-07 07:58 . 2008-01-09 13:00 <DIR> d-------- C:\Program Files\RikFerProject
2008-01-07 07:58 . 2002-07-15 16:49 28,672 --a------ C:\WINDOWS\system32\DetectOS.exe
2008-01-05 15:02 . 2005-12-06 04:27 287,360 -ra------ C:\WINDOWS\system32\drivers\LV561AV.SYS
2008-01-04 19:23 . 2008-01-07 07:45 1,905 --a------ C:\WINDOWS\diagwrn.xml
2008-01-04 19:23 . 2008-01-07 07:45 1,905 --a------ C:\WINDOWS\diagerr.xml
2007-12-30 13:44 . 2007-12-30 13:44 <DIR> d-------- C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Data aplikací\Samsung
2007-12-30 13:42 . 2007-12-30 13:42 <DIR> d-------- C:\Program Files\Samsung
2007-12-19 12:15 . 2007-12-19 12:15 <DIR> d-------- C:\Program Files\iGO POI Explorer beta

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-19 19:31 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-01-19 18:19 --------- d-----w C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Data aplikací\OpenOffice.org2
2008-01-19 16:22 --------- d-----w C:\Program Files\AVPersonal
2008-01-19 13:24 --------- d-----w C:\Program Files\Spyware Terminator
2008-01-18 22:55 --------- d-----w C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Data aplikací\Skype
2008-01-18 14:25 65,536 ----a-w C:\WINDOWS\DUMP49ab.tmp
2008-01-18 14:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-01-16 17:09 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-16 11:42 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spyware Terminator
2008-01-14 15:08 --------- d-----w C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Data aplikací\MyPhoneExplorer
2008-01-14 09:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-10 08:09 --------- d-----w C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Data aplikací\Winamp
2008-01-09 16:42 --------- d-----w C:\Program Files\Winamp Toolbar
2008-01-09 16:42 --------- d-----w C:\Program Files\Winamp
2007-12-25 17:20 --------- d--h--w C:\Program Files\Zero G Registry
2007-12-25 16:53 --------- d-----w C:\Program Files\ICQLite
2007-12-21 15:01 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DVD Shrink
2007-12-17 12:03 --------- d-----w C:\Program Files\TuneUp Utilities 2004
2007-12-07 13:15 --------- d-----w C:\Program Files\MachrSoft
2007-12-05 22:26 --------- d-----w C:\Program Files\WinClamAVShield
2007-11-30 15:59 --------- d-----w C:\Program Files\Maxon
2007-11-30 11:26 --------- d-----w C:\Program Files\Rockstar Games
2007-11-29 18:15 --------- d-----w C:\Program Files\Return to Castle Wolfenstein
2007-11-29 10:18 --------- d-----w C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Data aplikací\Autodesk
2007-11-29 10:17 --------- d-----w C:\Program Files\AutoCAD 2004
2007-11-29 10:16 54,784 ----a-w C:\WINDOWS\system32\drivers\CDAC11BA.EXE
2007-11-29 10:16 12,464 ----a-w C:\WINDOWS\system32\drivers\CDAC15BA.SYS
2007-11-29 10:16 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2007-11-29 10:14 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2007-11-29 10:14 --------- d-----w C:\Program Files\AnswerWorks 4.0
2007-11-29 10:12 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Autodesk
2007-11-29 09:25 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Macrovision
2007-11-29 09:02 --------- d-----w C:\Program Files\Richard Burns Rally
2007-11-24 10:03 --------- d-----w C:\Program Files\Webster
2007-11-24 10:03 --------- d-----w C:\Program Files\Replay Converter
2007-11-24 10:03 --------- d-----w C:\Program Files\Mozilla ActiveX Control v1.7.1
2007-11-24 10:03 --------- d-----w C:\Program Files\MozBackup
2007-11-24 10:03 --------- d-----w C:\Program Files\GameSpy Arcade
2007-11-24 10:03 --------- d-----w C:\Program Files\Disc2Phone
2007-11-24 10:03 --------- d-----w C:\Program Files\ActiveX Control Pad
2007-11-24 10:03 --------- d-----w C:\Documents and Settings\Jirka\Data aplikací\Skype
2007-11-24 10:03 --------- d-----w C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Data aplikací\VersionTracker Pro
2007-11-24 10:03 --------- d-----w C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Data aplikací\GetRightToGo
2007-11-04 11:34 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-11-01 06:57 41,984 ----a-w C:\WINDOWS\system32\ftp.exe
2007-11-01 06:57 16,896 ----a-w C:\WINDOWS\system32\tftp.exe
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2007-03-09 08:12 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-12-13 17:49 1185120 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467}
{855F3B16-6D32-4FE6-8A56-BBB695989046}
{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-12-13 17:49 1185120]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-04-23 05:24 3756032]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-10-25 11:00 13312]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk
backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\hp psc 1000 series.lnk
backup=C:\WINDOWS\pss\hp psc 1000 series.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\hpoddt01.exe.lnk
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^ScheduleTV.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\ScheduleTV.lnk
backup=C:\WINDOWS\pss\ScheduleTV.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^VersionTrackerPro.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\VersionTrackerPro.lnk
backup=C:\WINDOWS\pss\VersionTrackerPro.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Windows Desktop Search.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Windows Desktop Search.lnk
backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jirka.JIRKA-TTBU8G1D9^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Jirka.JIRKA-TTBU8G1D9^Nabídka Start^Programy^Po spuštění^Reminder-cor40212.lnk]
path=C:\Documents and Settings\Jirka.JIRKA-TTBU8G1D9\Nabídka Start\Programy\Po spuštění\Reminder-cor40212.lnk
backup=C:\WINDOWS\pss\Reminder-cor40212.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
--a------ 2007-12-04 14:00 79224 C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVGCtrl]
--a------ 2005-11-03 17:06 180327 C:\Program Files\AVPersonal\AVGNT.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2001-10-25 11:00 13312 C:\WINDOWS\System32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
--a------ 2004-03-12 21:43 81920 C:\Program Files\D-Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
--a------ 2006-07-11 11:06 3144800 C:\Program Files\ICQLite\ICQLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2007-08-22 17:00 67128 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
--a------ 2005-12-07 09:26 489472 C:\Program Files\Logitech\Video\CameraAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraService(E)]
--a------ 2004-11-01 16:22 262144 C:\WINDOWS\System32\ElkCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]
--a------ 2005-12-07 09:33 73728 C:\Program Files\Logitech\Video\InstallHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
--a------ 2005-12-09 14:32 225280 C:\WINDOWS\System32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\System32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
-ra------ 2004-04-23 05:24 3756032 C:\WINDOWS\System32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
-ra------ 2004-04-23 05:24 831488 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
--a------ 2007-10-23 01:47 360448 C:\Program Files\Winamp Remote\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-08-19 09:30 282624 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSUSBRG]
--a------ 2002-07-12 11:15 106496 C:\WINDOWS\SiSUSBrg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 15:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
--a------ 2007-10-12 14:54 2778112 C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 00:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]
--a------ 2004-11-09 21:11 302592 C:\Program Files\TuneUp Utilities 2004\MemOptimizer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-12-20 16:16 37376 C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
"TV Card Remote Control Applet"=C:\WINDOWS\713xRMT.exe

R0 d346bus;d346bus;C:\WINDOWS\System32\DRIVERS\d346bus.sys [2004-03-12 21:41]
R0 d346prt;d346prt;C:\WINDOWS\System32\Drivers\d346prt.sys [2004-03-12 21:41]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2007-10-12 14:56]
R2 713xTVCard;SAA7134 TV Card;C:\WINDOWS\System32\DRIVERS\SAA713x.sys [2004-11-30 05:00]
R2 eugss;EUTRON SmartKey GSS2 Driver;C:\WINDOWS\System32\Drivers\eugssxp.sys [2003-07-17 14:01]
R2 eusk2par;EUTRON SmartKey Parallel Driver;C:\WINDOWS\System32\Drivers\eusk2par.sys [2003-07-17 14:01]
R2 WDMTVTuner;Universal WDM TV Tuner;C:\WINDOWS\System32\drivers\WDMTuner.sys [2004-11-30 05:00]
R3 avgntdw;avgntdw;C:\Program Files\AVPersonal\AVGNTDW.SYS [2005-04-29 08:07]
R3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 14:37]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2001-10-25 11:00]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\System32\DRIVERS\usbohci.sys [2001-10-25 11:00]
S3 AVWUpSrv;AntiVir Update;"C:\Program Files\AVPersonal\AVWUPSRV.EXE" [2005-10-13 15:32]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\System32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\System32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB;C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-10-25 11:00]
S3 usbscan;Ovladač skeneru USB;C:\WINDOWS\System32\DRIVERS\usbscan.sys [2001-08-17 20:53]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-17 21:03]

.
Contents of the 'Scheduled Tasks' folder
"2008-01-18 16:27:50 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe
"2008-01-18 14:00:54 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-19 23:44:23
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\vorbis.dll
-> C:\WINDOWS\system32\ogg.dll
.
Completion time: 2008-01-19 23:45:17
ComboFix-quarantined-files.txt 2008-01-19 22:45:08

Baron Prášil
Master Level 7
Posts: 4882
Registered: June 06
Gender: Male
Status: Offline

Post by Baron Prášil » 20 Jan 2008 12:45

The log is fine. In the last HJT log Avira is still running, so uninstall it; in theory, having two AVs at once can cause those problems or contribute to them significantly.
What about the blue screen of death, any message?

And since I basically have nothing to go on, run SDFix and we'll see what it wipes out.
Download SDFix and run it; it will extract into its own folder (probably C:\SDfix).

Then restart the PC in Safe Mode. Open the folder where SDFix was extracted, run the file RunThis.bat and press Y to start the cleaning process.
To finish, you will need to press any key and the computer will restart.
While the operating system is booting, you will have to press any key when prompted to get into Windows.

Once the OS has booted, it should show you the SDFix report, so copy it here. If it doesn't pop up, it is located in SDFix's own folder as Report.txt (don't forget to copy its contents here).

mrJekill
Newcomer
Posts: 8
Registered: January 08
Gender: Not specified
Status: Offline

Post by mrJekill » 21 Jan 2008 19:10

In the end it came down to a format and a fresh install.
I'll still post a new log here for checking, because I haven't got rid of the spontaneous restarts.
Text from the screen of death: IRQL NOT LESS OR EQUAL
Stop 0x0000000A ( 0xFFBE0000 0x00000001 0x00000000 0x804F4689

Baron Prášil
Master Level 7
Posts: 4882
Registered: June 06
Gender: Male
Status: Offline

Post by Baron Prášil » 21 Jan 2008 19:26

Well, it just can't always be solved through logs. I've seen cases where people searched and searched, all the virus experts got involved (including me :roll: ) and it still wasn't found. That blue screen would probably be better dealt with in the Windows section...

mrJekill
Newcomer
Posts: 8
Registered: January 08
Gender: Not specified
Status: Offline

Post by mrJekill » 22 Jan 2008 15:38

First of all, hats off to the experts on this forum who can read log lines that are completely incomprehensible to me and even advise what to do about them.
This is the current log. Hopefully it's better now, even though MWAV still manages to find 17 critical objects.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:12:25, on 22.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\713xRMT.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\viphone communicator\viphone communicator.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
J:\ICQ6\ICQ.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\HiJack\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [TV Card Remote Control Applet] C:\WINDOWS\713xRMT.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: viphone communicator.lnk = C:\Program Files\viphone communicator\viphone communicator.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - J:\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - J:\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9FBBDC8F-6503-4133-BA92-7CE2B366981E}: NameServer = 10.1.0.200,10.1.0.201
O18 - Protocol: bw+0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {65A72B82-B185-40BD-9474-367508858220} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 16099 bytes

