hijack this-kontrola prosím

[Jardousil]

Logfile of HijackThis v1.99.1
Scan saved at 19:06:15, on 16.7.2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\T-Mobile\web'n'walk Manager\Manager.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Jarda\Dokumenty\soft\hi-jack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\web'n'walk Manager\Manager.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Documents and Settings\Jarda\Dokumenty\soft\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Documents and Settings\Jarda\Dokumenty\soft\ICQLite\ICQLite.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{86ABA341-A8F6-40F3-A773-7A5CD678B05C}: NameServer = xxxxxxxxx TOP SECRET to FILES X
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

[Reklama]

[krtenek]

Zbytečnosti:
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O4 - Global Startup: Adobe Gamma Loader.exe.lnk.disabled

A tohle teda nechápu:

Kód: Vybrat vše

O17 - HKLM\System\CCS\Services\Tcpip\..\{86ABA341-A8F6-40F3-A773-7A5CD678B05C}: NameServer = xxxxxxxxx TOP SECRET to FILES X

[Jardousil]

ja to taky nechapu nejak mi ted blbne net....

[krtenek]

Aha. Ono to má vypadat takhle nějak:

Kód: Vybrat vše

O17 - HKLM\System\CCS\Services\Tcpip\..\{061001D4-5125-433C-A5F1-45FBA0914753}: NameServer = 1.1.1.1

(samozřejmě čísla jsem zcenzuroval).

Takže počkej na radu někoho zkušenějšího.

[Baron Prášil]

potřebujeme ten log vidět celej-jak ho hijackthis vyplivne.to že se dovíme adresu tvého providera ti opravdu nemůže uškodit a může nám to ukázat šmejda.

jinak-nemáš Service Pack 2 (nemáš žádnej) a to je špatně! chyběj ti zásadní bezpečnostní záplaty!