Prosim o kontrolu

[MAJOR32]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:22:59, on 20.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\csrss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Ahead\InCD\InCDsrv.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\PROGRA~1\Grisoft\AVG7\avgcc.exe
H:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
H:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
H:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
H:\PROGRA~1\Grisoft\AVG7\avgemc.exe
H:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
H:\WINDOWS\system32\wscntfy.exe
H:\WINDOWS\System32\alg.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\MSN Messenger\usnsvc.exe
H:\Program Files\MSN Messenger\msnmsgr.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Crawler\Toolbar\CToolbar.exe
H:\Program Files\Spyware Terminator\SpywareTerminator.exe
H:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
H:\Program Files\Spyware Terminator\sp_rsser.exe
H:\WINDOWS\system32\dwwin.exe
H:\Documents and Settings\Petr Fordos\Plocha\Nová složka\HiJackThis.exe
H:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - H:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - H:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - H:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - H:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - H:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "H:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] H:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [egui] "H:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [qxvrwfmi] H:\xvagrdxq.bat
O4 - HKLM\..\Run: [SpywareTerminator] "H:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ICQ] "H:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKCU\..\Run: [Longhorn SideBar] H:\WINDOWS\SideBar\SideBar.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] H:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - H:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - H:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: H:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{716DB59D-E17D-401B-B15D-46595E967718}: NameServer = 194.228.41.65 194.228.41.113
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - H:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - H:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - H:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - H:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - H:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - H:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - H:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - H:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 7060 bytes

Dekuji

[Reklama]

[Baron Prášil]

mlátíš tam noda a avg dohromady.jeden odinstaluj nebo alespoň vypni rezidentní štíty.

můžeš odinstalovat Crawler Toolbar. je to adware k Spyterminatorovi

toto se mi nelíbí
H:\xvagrdxq.bat
nech to zkontrolovat tady
http://www.virustotal.com/flash/index_en.html
nepoužívej "Procházet" ale vlož do okna celou cestu,tučně označenou,k souboru metodou Ctrl+C > Ctrl+V

[MAJOR32]

Toto mi napsalo po odeslani toho souboru: 0 bytes size received / Se ha recibido un archivo vacio


Co dalsiho bys mi skusil doporucit ??






Diky

[Jakub SAFE]

Hele zkus fixnout:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

H:\Program Files\Crawler\Toolbar\CToolbar.exe

a melo by to bejt good dyztak se ozvi