prosim o kontrolu logu....malezen vir (worm)

spooks1 · Příspěvek od **spooks1** » čtv 29. bře 2007, 20:41

Logfile of HijackThis v1.99.1
Scan saved at 20:38:09, on 29.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Magik\Moje\Antivir\aswUpdSv.exe
D:\Magik\Moje\Antivir\ashServ.exe
D:\Magik\Moje\firewall\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
D:\Magik\Moje\program\alcohol\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WZCBDL Service\WZCBDLS.exe
D:\Magik\Moje\Antivir\ashMaiSv.exe
D:\Magik\Moje\Antivir\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Magik\Moje\Antivir\ashDisp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
D:\Tiskárna\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Tiskárna\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
D:\Magik\Moje\program\ObjectDock\ObjectDock.exe
D:\Tiskárna\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
D:\Magik\Moje\firewall\Comodo\Firewall\cpf.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Reader\AcroRd32.exe
D:\Magik\Moje\program\ICQLite\ICQLite.exe
D:\Magik\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.weatherstudio.com/dp/search?x ... Jzj0s5pqyD
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {6F45AEA2-9C81-4832-8390-7134102B8DE5} - C:\Program Files\WeatherStudio Desktop\bin\WeatherStudio Desktop.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {FFDD804F-A7F8-4395-93D2-66A85DA2BDAB} - C:\Program Files\WeatherStudio348\bin\WeatherStudio348.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Documents and Settings\Hanka\Plocha\Postak\SRank.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: WeatherStudio Toolbar - {15757333-2BCA-4B77-A807-D0955132F812} - C:\Program Files\WeatherStudio348\bin\WeatherStudio348.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [avast!] D:\Magik\Moje\Antivir\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SMail] "C:\Documents and Settings\Hanka\Plocha\Postak\Postak.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ICQ Lite] "D:\Magik\Moje\program\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Comodo Firewall] "D:\Magik\Moje\firewall\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Tiskárna\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe
O4 - HKLM\..\Run: [Styler] C:\Program Files\Styler\Styler.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Magik\Moje\program\daemon\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Magik\Moje\program\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Stardock ObjectDock.lnk = D:\Magik\Moje\program\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Magik\Moje\program\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Magik\Moje\program\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/defaul ... uncher.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/St ... b41227.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/online/online2/be ... der_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA241CF5-8D59-402B-9798-4F5F1617250D}: NameServer = 195.70.130.1,195.70.130.19
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3005B3B-AE24-46C7-A4A4-EA03566826FB}: NameServer = 193.85.1.100,193.85.2.100
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Magik\Moje\Antivir\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Magik\Moje\Antivir\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Magik\Moje\Antivir\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Magik\Moje\Antivir\ashWebSv.exe" /service (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - D:\Magik\Moje\firewall\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Magik\Moje\program\alcohol\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: WZCBDL Service (WZCBDLService) - D-Link - C:\Program Files\WZCBDL Service\WZCBDLS.exe

likc · Příspěvek od **likc** » čtv 29. bře 2007, 23:02

fixni
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.weatherstudio.com/dp/search?x ... cDaemOVu3E v6d3y8hVp7V6iWawgUqtlTUZdy+DKbWVg87NXnTCzAZIYBZ8W8sdJqefgbEs8VtrMNlkvWZrEvCW49iJ QJvE1q1BKAw67RvZobjFbOTWIKxIh1pMP6MERbxtZMEAu75fQFmMmiXiMrTc77Jzj0s5pqyD
O2 - BHO: (no name) - {6F45AEA2-9C81-4832-8390-7134102B8DE5} - C:\Program Files\WeatherStudio Desktop\bin\WeatherStudio Desktop.dll
jestli pujde kde, tak to cele odinstaluj/smaz.
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Documents and Settings\Hanka\Plocha\Postak\SRank.dll (file missing)

tenhle toolbar pouzivas?
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll

nejspis jsi v minulosti odinstaloval avasta, tohle je zbytek
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Magik\Moje\Antivir\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Magik\Moje\Antivir\ashWebSv.exe" /service (file missing)

pokud me ale zrak nesaly, tak nemas zadny antivir. To neni dobry.

Baron Prášil

je tam avast a je ok. jenom se nás snaží zmást D:\Magik\Moje\Antivir\ashMaiSv.exe

takže toto nefixovat
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Magik\Moje\Antivir\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Magik\Moje\Antivir\ashWebSv.exe" /service (file missing)

kde byl ten červík identifikovanej?

likc · Příspěvek od **likc** » pát 30. bře 2007, 11:52

Ajo, a to jsem to jeste 2x kontroloval a nevsiml si ho.

Baron Prášil

njn,vono je to asi stejně jedno. nejspíš si fixnul tu předpověď počasí
(co je na ní špatnýho?),pak nevěděl jak je,nastydnul a teď
leží v nemocnici se zápalem plic Obrázek

spooks1 · Příspěvek od **spooks1** » pon 2. dub 2007, 21:05

tady je novy log, snad bude ok

Logfile of HijackThis v1.99.1
Scan saved at 21:02:41, on 2.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Magik\Moje\Antivir\ashDisp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
D:\Tiskárna\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Magik\Moje\Antivir\aswUpdSv.exe
D:\Tiskárna\Digital Imaging\bin\hpqtra08.exe
D:\Magik\Moje\Antivir\ashServ.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
D:\Magik\Moje\program\ObjectDock\ObjectDock.exe
D:\Magik\Moje\firewall\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
D:\Magik\Moje\program\alcohol\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WZCBDL Service\WZCBDLS.exe
D:\Magik\Moje\Antivir\ashMaiSv.exe
D:\Magik\Moje\Antivir\ashWebSv.exe
D:\Tiskárna\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Magik\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {FFDD804F-A7F8-4395-93D2-66A85DA2BDAB} - C:\Program Files\WeatherStudio348\bin\WeatherStudio348.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: WeatherStudio Toolbar - {15757333-2BCA-4B77-A807-D0955132F812} - C:\Program Files\WeatherStudio348\bin\WeatherStudio348.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [avast!] D:\Magik\Moje\Antivir\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SMail] "C:\Documents and Settings\Hanka\Plocha\Postak\Postak.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ICQ Lite] "D:\Magik\Moje\program\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Comodo Firewall] "D:\Magik\Moje\firewall\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Tiskárna\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe
O4 - HKLM\..\Run: [Styler] C:\Program Files\Styler\Styler.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Magik\Moje\program\daemon\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Magik\Moje\program\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Stardock ObjectDock.lnk = D:\Magik\Moje\program\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Magik\Moje\program\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Magik\Moje\program\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/defaul ... uncher.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/St ... b41227.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/online/online2/be ... der_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA241CF5-8D59-402B-9798-4F5F1617250D}: NameServer = 195.70.130.1,195.70.130.19
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3005B3B-AE24-46C7-A4A4-EA03566826FB}: NameServer = 193.85.1.100,193.85.2.100
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Magik\Moje\Antivir\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Magik\Moje\Antivir\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Magik\Moje\Antivir\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Magik\Moje\Antivir\ashWebSv.exe" /service (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - D:\Magik\Moje\firewall\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Magik\Moje\program\alcohol\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: WZCBDL Service (WZCBDLService) - D-Link - C:\Program Files\WZCBDL Service\WZCBDLS.exe

Baron Prášil

v logu si níc špatnýho neměl a nemáš ani teď

Baron Prášil píše: kde byl ten červík identifikovanej?

C-Nooty · Příspěvek od **C-Nooty** » úte 3. dub 2007, 12:02

Jak mám vyjet ten log pomocí čeho?? thx za vysvětlení

ninjin_cz · Příspěvek od **ninjin_cz** » úte 3. dub 2007, 16:48

CarbooNooty: HijackThis -> Spustis, kliknes na "Do a system scan and save a logfile" a vysledny log otevreny v textaku zkopirujes.

Baron Prášil

....do vlastního tématu.

spooks1 · Příspěvek od **spooks1** » úte 3. dub 2007, 19:16

na C:windows/system32

Baron Prášil

no to chápu,ale Avast ti musel napsat celou cestu k souboru