kontrola logu (vyřešeno) Vyřešeno

[Fox8]

Kontrola logu preventivně




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:58, on 6.3.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\CS zero\Steam.exe
C:\Program Files\ICQ\ICQ6\ICQ.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aktualne.cz/?ms=ae
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aktualne.cz/?ms=ae
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\ETcall.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Počasí - {0C2574DE-489A-43A9-869B-8EA192CCBE64} - http://pocasi.centrum.cz (file missing) (HKCU)
O9 - Extra button: Slovníky - {0E732F52-6F6F-4B8F-808B-3616418245F6} - http://slovniky.centrum.cz (file missing) (HKCU)
O9 - Extra button: Fotoalba - {260AD0DD-A600-49B9-AC29-62E497272B17} - http://www.fotoalba.cz (file missing) (HKCU)
O9 - Extra button: Xchat.cz - {3F61340E-CA37-47F0-9995-0F5241CD86CB} - http://www.xchat.cz (file missing) (HKCU)
O9 - Extra button: Centrum.cz - {4BD69C81-245D-436C-8924-C38FF21A1428} - http://www.centrum.cz (file missing) (HKCU)
O9 - Extra button: Žena.cz - {782B4CBF-7B30-43C3-9560-187F7C74283A} - http://www.zena.cz (file missing) (HKCU)
O9 - Extra button: Supermapy - {8AC646B0-4DC4-4DB2-855D-CD0505BA2844} - http://www.supermapy.cz (file missing) (HKCU)
O9 - Extra button: Stahuj.cz - {BC73B64D-2937-437F-A8B6-64565B97BAAD} - http://www.stahuj.cz (file missing) (HKCU)
O9 - Extra button: Bleskově - {DB846C39-5CE4-41C8-A6A3-2E4823719640} - http://www.bleskove.cz (file missing) (HKCU)
O9 - Extra button: Aktuálně - {FFD24CAC-EDDF-48F0-87A6-C80E28721A1E} - http://aktualne.centrum.cz (file missing) (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 7406 bytes

[Reklama]

[memphisto]

v logu nic špatného není.můžeš fixnout:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O9 - Extra button: Počasí - {0C2574DE-489A-43A9-869B-8EA192CCBE64} - http://pocasi.centrum.cz (file missing) (HKCU)
O9 - Extra button: Slovníky - {0E732F52-6F6F-4B8F-808B-3616418245F6} - http://slovniky.centrum.cz (file missing) (HKCU)
O9 - Extra button: Fotoalba - {260AD0DD-A600-49B9-AC29-62E497272B17} - http://www.fotoalba.cz (file missing) (HKCU)
O9 - Extra button: Xchat.cz - {3F61340E-CA37-47F0-9995-0F5241CD86CB} - http://www.xchat.cz (file missing) (HKCU)
O9 - Extra button: Centrum.cz - {4BD69C81-245D-436C-8924-C38FF21A1428} - http://www.centrum.cz (file missing) (HKCU)
O9 - Extra button: Žena.cz - {782B4CBF-7B30-43C3-9560-187F7C74283A} - http://www.zena.cz (file missing) (HKCU)
O9 - Extra button: Supermapy - {8AC646B0-4DC4-4DB2-855D-CD0505BA2844} - http://www.supermapy.cz (file missing) (HKCU)
O9 - Extra button: Stahuj.cz - {BC73B64D-2937-437F-A8B6-64565B97BAAD} - http://www.stahuj.cz (file missing) (HKCU)
O9 - Extra button: Bleskově - {DB846C39-5CE4-41C8-A6A3-2E4823719640} - http://www.bleskove.cz (file missing) (HKCU)
O9 - Extra button: Aktuálně - {FFD24CAC-EDDF-48F0-87A6-C80E28721A1E} - http://aktualne.centrum.cz (file missing) (HKCU)

můžeš ještě přes START-spustit-msconfig-zastavit službu mDNSResponder.exe

[Fox8]

a jak se to dělá je to trapné ale jak se to fixne

[memphisto]

normálně zaškrtneš ty bílé čtverečky před řádky co jsem vypsal a dáš dole fix checked.hotovo.popřípadě tady máš návod

[Fox8]

Děkuji ti mnohokrát alespoň sem se něčemu přiučil