HiJackThis - log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:54:22, on 11.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Dokumenty\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.alzasoft.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.alzasoft.cz
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp04.photoprintit.de/microsite/ ... loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BAA4DA4A-9CAD-42A2-B2EF-1A9BFA1FC5D4}: NameServer = 62.240.161.226,62.240.161.227
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 5385 bytes
Dále jsem pustila MWAW - ve spodním okně výsledek:
Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Entry "HKCR\ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.
Entry "HKCR\ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.
Entry "HKCR\DirectAnimation.PathControl" refers to invalid object "{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}". Action Taken: No Action Taken.
Entry "HKCR\DirectAnimation.Sequence" refers to invalid object "{4F241DB1-EE9F-11D0-9824-006097C99E51}". Action Taken: No Action Taken.
Entry "HKCR\DirectAnimation.SequencerControl" refers to invalid object "{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}". Action Taken: No Action Taken.
Entry "HKCR\DirectAnimation.SpriteControl" refers to invalid object "{FD179533-D86E-11D0-89D6-00A0C90833E6}". Action Taken: No Action Taken.
Entry "HKCR\DirectAnimation.StructuredGraphicsControl" refers to invalid object "{369303C2-D7AC-11D0-89D5-00A0C90833E6}". Action Taken: No Action Taken.
Entry "HKCR\Icq.XtraApi" refers to invalid object "{95E8BB28-911A-45CE-9AE8-EC05FA106D2F}". Action Taken: No Action Taken.
Entry "HKCR\MISB.DhtmlPluginWrapper" refers to invalid object "{8D18DFF4-0943-4347-8BCA-0C57033F6820}". Action Taken: No Action Taken.
Entry "HKCR\MXtra.DhtmlWrapper" refers to invalid object "{8D18DFF4-0943-4347-8BCA-0C57033F6820}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Documents and Settings\All Users\Data aplikací\Ahead\NeroDigital\settings.xml". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-dan.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-cht.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-nld.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-fra.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-deu.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-ita.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-jpn.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-kor.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-nor.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-ptg.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-rus.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-esp.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-sve.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-fin.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-ptb.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-chs.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-plk.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-sky.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-slv.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-hun.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-tha.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-trk.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-ell.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\CoverDesigner\covered-esl.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Chs.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Cht.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Dan.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Deu.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Ell.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Esl.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Esp.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Fin.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Fra.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Hun.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Ita.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Jpn.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-kor.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Plk.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Nld.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Nor.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Ptb.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Ptg.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Rus.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Sky.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Slv.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-sve.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Tha.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero ShowTime\ShowTime-Trk.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Chs.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Cht.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Deu.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Esp.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Fra.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Ita.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Kor.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Nld.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Ptg.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Dan.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Ell.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Esl.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Fin.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Hun.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Nor.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Plk.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Ptb.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Rus.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Sky.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Slv.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Sve.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Tha.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Trk.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_chs.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_cht.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_deu.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_esl.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_esp.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_fra.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_ita.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_jpn.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_kor.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_nld.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_ptg.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero StartSmart\NeroStartSmart_sve.chm". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Nero\Nero BackItUp\BackItUp-Jpn.nls". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Common Files\Borland Shared\BDE\IDAPINST.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Program Files\Panzer Elite Action\Panzer Elite Action\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Program Files\Panzer Elite Action\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Program Files\Panzer Elite Action\Panzer Elite Action\data\". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".$$$". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".CDP". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cfg". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=%2C%E6%D9%F5%93%0BA%00%2A%B5%88%8A%3E%A6%9Ay%B3%B7%E6%3E%F6VR%60%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FC%A6L%C6J%A2g39%AB%FD%7D%E5%97n%F6%A9%98%FB%F9%2". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=%7C%D0-%E2%E8%E7%FE%90%91%AE%C4%A2%8E%B8f%19e%AF%9A%B5%C5%D6%8D%17%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FCPN%83%12%C1N%06%40%AB%FD%7D%E5%97n%F6%A9%98%F". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=%8CWp%CF%FBHm%1B9%83%C4%D0%0FX%B5%E5%BF%D6L%99%C6s8C%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FCPN%83%12%C1N%06%40%AB%FD%7D%E5%97n%F6%A9%98%FB%F9%26%97%C8I". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=%9D%21%BE%A7%82%D1%27%BCvs%BD%8F%19%1A%BA%9B%EA%A5D%AFr%E7%866%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FCPN%83%12%C1N%06%40%AB%FD%7D%E5%97n%F6%A9%98%FB%F9". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=%A70%A5%C6%81%AF%5B%27%F9%F4%BC%DC%D4%07%9F%7Cy%05%7E4z%E5%7Cn%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FCPN%83%12%C1N%06%40%AB%FD%7D%E5%97n%F6%A9%98%FB%F9". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=%E0%23U%C9%DC%FD%FAu%A42%FDe%D3A%24%9C%A4%E2%88%CEh%82%FD%2A%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FCPN%83%12%C1N%06%40%AB%FD%7D%E5%97n%F6%A9%98%FB%F9%2". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=%E4%CC%D4%88%7D%B8%8E%CF%871%06%81%E6%C5%27w%C2%00_%80%F0p%7D%A3%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FCPN%83%12%C1N%06%40%AB%FD%7D%E5%97n%F6%A9%98%FB%". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=%EAb%9E%BA%A0M%C4%08%85%86%B7M%F6I%84%7D%96%F3t%0E%12%84%FBv%5C%86%FC%CB%B6%29%C6%20%07%A1%15%E9%A8%87%C8%FF%CC%DA%9Dz%19%EF%EF%DB%D8W%0AL%EEG%BA%C2%BF%0AS%8C%2A%5EQ%18%0Cg%". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=-%3A%DC%AD%B6%BBW%93%0B7G4%BFg%A3%A1_%F5HJ%A3%16%E4%EC%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FCPN%83%12%C1N%06%40%AB%FD%7D%E5%97n%F6%A9%98%FB%F9%26%97%C". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=Q%89ha%B4%02%E2%B4%E3%DF%F6%DF%D9za%CC%EBb%20%F1%FC%14I%AB%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FCPN%83%12%C1N%06%40%AB%FD%7D%E5%97n%F6%A9%98%FB%F9%26%". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cz/getAttachment?session=xa%EFe%5B%60E%AC%8E%0C%991%DDp%D3N%E7%E2%BCh%BFTz%E7%9E%07%D4%F6%F2%98r%16%A7uS%10%D6%A1%03%D3C%91H%CE%10%F0%9D%FCPN%83%12%C1N%06%40%AB%FD%7D%E5%97n%F6%A9%98%FB%F9%26%97%C8I". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".pls". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sav". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".settings". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".XG1". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "M886903". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Wudf01000". Action Taken: No Action Taken.
Souhrnná info z MWAW:
Fri Jan 11 22:58:29 2008 => ***** Scanning complete. *****
Fri Jan 11 22:58:29 2008 => Total Objects Scanned: 35584
Fri Jan 11 22:58:29 2008 => Total Critical Objects: 1
Fri Jan 11 22:58:29 2008 => Total Disinfected Objects: 0
Fri Jan 11 22:58:29 2008 => Total Objects Renamed: 0
Fri Jan 11 22:58:29 2008 => Total Deleted Objects: 0
Fri Jan 11 22:58:29 2008 => Total Errors: 119
Fri Jan 11 22:58:29 2008 => Time Elapsed: 00:01:39
Fri Jan 11 22:58:29 2008 => Virus Database Date: 12/27/2007
Fri Jan 11 22:58:29 2008 => Virus Database Count: 495625
Fri Jan 11 22:58:29 2008 => Scan Completed.
Dokáže mi s tím někdo pomoct prosím. Případně co ještě do poče doinstalovat, aby to podobný věci nepustilo.. Budu vděčná za každou radu. Děkuji.
Prosím o kontrolu logu
-
Baron Prášil
- Master Level 7
- Příspěvky: 4882
- Registrován: červen 06
- Pohlaví:
- Stav:
Offline
hoď se do pohody,kočko.logy sou ok,takže jestli je komp taky ok,tak můžem bejt všichni ok a jít se s toho v klidu vyspat 
ne vážně,jestli se komp chová standardně,tak ti doporučim jenom instalaci firewallu
vyber si tady,doporučuju ZoneAlarm nebo Comodo
a nějakej rezidentní antispyware
doporučuju Spyware Terminator nebo Spybot S&D
pokud s tím budeš mít jakejkoliv problém,tak se obrať na nás
a ještě něco k pravidelné jednotýdenní hygieně(jako u mě )
vyčisti systém CCleanerem a RegCleanerem
a ještě toto a už vážně vypadnu
defragmentuj,pokud to bude třeba
třeba tímto O&O Defrag 2000 Free
ještě fixni zbytečnosti
v okně programu HJT zaškrtni nalevo u položek co napíšu a potom klik na Fix checked
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
ne vážně,jestli se komp chová standardně,tak ti doporučim jenom instalaci firewallu
vyber si tady,doporučuju ZoneAlarm nebo Comodo
a nějakej rezidentní antispyware
doporučuju Spyware Terminator nebo Spybot S&D
pokud s tím budeš mít jakejkoliv problém,tak se obrať na nás
a ještě něco k pravidelné jednotýdenní hygieně(jako u mě
)
vyčisti systém CCleanerem a RegCleanerem
a ještě toto a už vážně vypadnu
defragmentuj,pokud to bude třeba
třeba tímto O&O Defrag 2000 Free
ještě fixni zbytečnosti
v okně programu HJT zaškrtni nalevo u položek co napíšu a potom klik na Fix checked
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
-
Baron Prášil
- Master Level 7
- Příspěvky: 4882
- Registrován: červen 06
- Pohlaví:
- Stav:
Offline
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 6 hostů