Pop-up windows in IE and links to dangerous programs in the taskbar


Post by Scisco » 06 May 2006 15:51

Hello, I have a problem... I know this has already been dealt with here, but everyone has a different HijackThis log... The problem is that an icon pops up in my taskbar, and when I click it, it takes me to the websites of various "antiviruses", protection tools and so on... I'm not stupid enough to fall for it; besides, Mijaja has it listed among the dangerous programs, thanks for that... The second problem is windows opening on their own in IE with the same content as in the taskbar... I installed antivirus and anti-malware tools... from Computer, so that I wouldn't needlessly download something bad... so I ran everything over it, but it didn't get better... well, actually maybe a little... I'm sending the HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 15:18:13, on 6.5.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\atmclk.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dcomcfg.exe
C:\DOCUME~1\Mira\LOCALS~1\Temp\Rar$EX00.641\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\System32\hpCE3C.tmp
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Ezthemes_WhenUSaveNow_Installer] C:\Program Files\Ezthemes_WhenUSaveNow_Installer\Ezthemes_WhenUSaveNow_Installer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /wait
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Stáhnout webovou stránku Free Download Managerem - file://C:\Program Files\Free Download Manager\dlpage.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O16 - DPF: {005CAC9A-9811-369A-D0CA-7DB43B9A8305} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {03CB677F-3327-1DA6-06B6-3FC74FBCD727} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {08FF1ACB-1B5E-0C95-B662-67167757D0BA} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {0A0BD520-6717-094D-6B7D-54B60ECD2A2D} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {1E0D06AF-E62E-4B6E-D1D4-776E04F2B3A1} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {26610AC7-C700-377C-5F46-226717B2CE42} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {2CF20E83-E9A5-429A-91C5-3E93711F4A08} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {2F8A6C32-7AB4-4DC0-9CD3-29854AEE41EE} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {309D2B85-21A3-685E-0C3D-02AA489A96D6} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {322217F2-09C1-6664-CC3B-04F2263ED6BE} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {37C58239-9654-559C-8526-533F00293029} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {444BA542-FEB6-4551-54A6-12C67755D35E} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {4EBEA306-0D69-3BF1-1CB7-065D17D3137F} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {567AFAB5-82BE-0C7D-F0E3-320D29E54851} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {58731524-6523-60AF-6E5F-2B8F253A806D} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {67730382-4BEC-3F64-1560-348F71BCC725} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {6BA6C67B-10D6-4BDE-48CD-22FB69B5C3F4} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {7D6FF696-CD2E-587A-C61D-45525880E55B} - http://85.255.113.214/1/gdnIT2218.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5074E9E-D6C2-4ED3-9578-386E0BB9113E}: NameServer = 194.108.34.2
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

So... it's not much, but I think it's not OK... thanks for the help :roll:


Post by mijaja » 06 May 2006 15:56

Download nnncleaner and run it in safe mode. Then post a new log.


Post by Scisco » 06 May 2006 21:11

So I ran the program in safe mode, but it didn't find any of the malware it removes... so I at least clicked Fix, which is supposed to fix some minor malware... to be safe I'm posting the HijackThis log here, in case anything happened to change:

Logfile of HijackThis v1.99.1
Scan saved at 21:11:05, on 6.5.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Mira\LOCALS~1\Temp\Rar$EX00.891\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\System32\hp6D40.tmp (file missing)
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Ezthemes_WhenUSaveNow_Installer] C:\Program Files\Ezthemes_WhenUSaveNow_Installer\Ezthemes_WhenUSaveNow_Installer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /wait
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Stáhnout webovou stránku Free Download Managerem - file://C:\Program Files\Free Download Manager\dlpage.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O16 - DPF: {005CAC9A-9811-369A-D0CA-7DB43B9A8305} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {03CB677F-3327-1DA6-06B6-3FC74FBCD727} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {08FF1ACB-1B5E-0C95-B662-67167757D0BA} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {0A0BD520-6717-094D-6B7D-54B60ECD2A2D} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {1E0D06AF-E62E-4B6E-D1D4-776E04F2B3A1} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {25301ACD-C137-3814-051F-199955BCE28C} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {26610AC7-C700-377C-5F46-226717B2CE42} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {2CF20E83-E9A5-429A-91C5-3E93711F4A08} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {2F8A6C32-7AB4-4DC0-9CD3-29854AEE41EE} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {309D2B85-21A3-685E-0C3D-02AA489A96D6} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {322217F2-09C1-6664-CC3B-04F2263ED6BE} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {37C58239-9654-559C-8526-533F00293029} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {444BA542-FEB6-4551-54A6-12C67755D35E} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {4EBEA306-0D69-3BF1-1CB7-065D17D3137F} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {521749B4-6946-237B-419F-2AF21243946D} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {567AFAB5-82BE-0C7D-F0E3-320D29E54851} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {58731524-6523-60AF-6E5F-2B8F253A806D} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {67730382-4BEC-3F64-1560-348F71BCC725} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {6BA6C67B-10D6-4BDE-48CD-22FB69B5C3F4} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {6F96D0EA-4FDD-2F9A-DCC1-18AC248236AA} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {795A41A5-D599-55A3-0F12-6AE129F0D643} - http://85.255.113.214/1/gdnIT2218.exe
O16 - DPF: {7D6FF696-CD2E-587A-C61D-45525880E55B} - http://85.255.113.214/1/gdnIT2218.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5074E9E-D6C2-4ED3-9578-386E0BB9113E}: NameServer = 194.108.34.2
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


Post by mijaja » 06 May 2006 21:38

On the contrary, the worst is already gone; now for the rest. First uninstall WhenUSave:
C:\Program Files\Ezthemes_WhenUSaveNow_Installer\Ezthemes_WhenUSaveNow_Installer.ex

Download and install Service Pack 2, then download Ccleaner (guide + Czech localization) and install it.

Once you have that, run HijackThis again and tick the boxes in front of these lines:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\System32\hp6D40.tmp (file missing)
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [Ezthemes_WhenUSaveNow_Installer] C:\Program Files\Ezthemes_WhenUSaveNow_Installer\Ezthemes_WhenUSaveNow_Installer.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
and all O16 entries. After ticking them, click FixChecked.

Run Ccleaner and have it clean Windows, applications and the registry. Then take a look into the Temp and Temporary Internet Files folders in all profiles under Documents and Settings and in Windows, and empty the Recycle Bin. Restart and post a new log.
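
A log-triage sketch for the entry types ticked in the post above, added here as an example and not part of the original thread or of HijackThis itself: it parses HijackThis-format lines and flags O2 BHOs backed by a `.tmp` or missing file and O16 DPF entries whose codebase is an `.exe` on a raw IP address. The heuristics, function names and sample log (placeholder GUIDs, documentation address 192.0.2.10) are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in HijackThis v1.99.1 line format. GUIDs, file names and
# the 192.0.2.10 documentation address are placeholders, not thread values.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Nothing - {11111111-1111-1111-1111-111111111111} - C:\WINDOWS\System32\hpAB12.tmp (file missing)
O3 - Toolbar: &Radio - {22222222-2222-2222-2222-222222222222} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ExampleUpdater] C:\Program Files\Example\updater.exe
O16 - DPF: {33333333-3333-3333-3333-333333333333} - http://192.0.2.10/1/sample.exe
O16 - DPF: {44444444-4444-4444-4444-444444444444} - http://192.0.2.10/1/sample.exe
O16 - DPF: {55555555-5555-5555-5555-555555555555} - https://downloads.example.com/control.cab
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")          # "O16 - <body>"
BHO = re.compile(r"^BHO: (.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.*)$")
DPF = re.compile(r"^DPF: (\{[^}]+\})(?: \((.*?)\))? - (\S+)$")


def parse(log):
    """Yield (section, body) for each entry line; headers and process paths are skipped."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)


def host_is_ip(url):
    """True when the URL's host is an IP literal rather than a DNS name."""
    try:
        ipaddress.ip_address(urlsplit(url).hostname or "")
        return True
    except ValueError:
        return False


def triage(log):
    """Return (section, clsid, reason) tuples for entries worth a closer look."""
    findings = []
    by_codebase = defaultdict(list)  # codebase URL -> CLSIDs registered for it
    for section, body in parse(log):
        if section == "O2":
            m = BHO.match(body)
            if not m:
                continue
            target = m.group(3)
            missing = target.endswith("(file missing)")
            path = target.replace("(file missing)", "").strip()
            if missing or path.lower().endswith(".tmp"):
                findings.append(("O2", m.group(2), "BHO backed by .tmp or missing file"))
        elif section == "O16":
            m = DPF.match(body)
            if m:
                by_codebase[m.group(3)].append(m.group(1))
    for url, clsids in by_codebase.items():
        reasons = []
        if host_is_ip(url):
            reasons.append("codebase host is a raw IP")
        if urlsplit(url).path.lower().endswith(".exe"):
            reasons.append("codebase is a bare .exe")
        if len(clsids) > 1:
            reasons.append(f"{len(clsids)} CLSIDs share one codebase")
        if reasons:
            findings.extend(("O16", c, "; ".join(reasons)) for c in clsids)
    return findings


if __name__ == "__main__":
    for section, clsid, reason in triage(SAMPLE_LOG):
        print(f"{section:4} {clsid}  {reason}")
```

A flagged line is a prompt for manual review, not a verdict; legitimate controls can also trip these heuristics.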


Post by Scisco » 07 May 2006 10:02

Hello, I did everything you told me and here is the result:

Logfile of HijackThis v1.99.1
Scan saved at 10:00:56, on 7.5.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\DOCUME~1\Mira\LOCALS~1\Temp\Rar$EX00.875\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /wait
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Stáhnout webovou stránku Free Download Managerem - file://C:\Program Files\Free Download Manager\dlpage.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5074E9E-D6C2-4ED3-9578-386E0BB9113E}: NameServer = 194.108.34.2
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


Post by Scisco » 07 May 2006 10:03

I'll write to you in a while about how it develops, whether it's still popping up :wink:



Post by Scisco » 07 May 2006 11:22

Yep, you're right as always :wink: it's completely calm now... thanks a lot, you're really good

