check log prosim, dik .)
Napsal: stř 12. zář 2007, 13:48
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:42:17, on 12.9.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20627)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\_meine\Comodo\Firewall\CPF.exe
C:\_meine\AVS\avp.exe
C:\Program Files\Acronis\TrueImageWorkstation\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageWorkstation\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\_meine\ATI Tray Tools\atitray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\_meine\logitech setpoint260\SetPoint.exe
C:\_meine\SpeedFan432\speedfan.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\_meine\AVS\avp.exe
C:\_meine\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\_meine\miranda-im-v0.5.1-unicode\miranda32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\_meine\opera\Opera.exe
D:\SKLAD\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\_meine\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Comodo Firewall] "C:\_meine\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [aol] "C:\_meine\AVS\avp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageWorkstation\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageWorkstation\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [amd_dc_opt] "C:\_meine\AMD dc optimizer\amd_dc_opt.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\_meine\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: SpeedFan (2).lnk = C:\_meine\SpeedFan432\speedfan.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\_meine\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\_meine\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\_meine\SPYBOT~1\SDHelper.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Active Virus Shield (AVP) - AOL - C:\_meine\AVS\avp.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\_meine\Comodo\Firewall\cmdagent.exe
--
End of file - 4246 bytes
Scan saved at 13:42:17, on 12.9.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20627)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\_meine\Comodo\Firewall\CPF.exe
C:\_meine\AVS\avp.exe
C:\Program Files\Acronis\TrueImageWorkstation\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageWorkstation\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\_meine\ATI Tray Tools\atitray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\_meine\logitech setpoint260\SetPoint.exe
C:\_meine\SpeedFan432\speedfan.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\_meine\AVS\avp.exe
C:\_meine\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\_meine\miranda-im-v0.5.1-unicode\miranda32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\_meine\opera\Opera.exe
D:\SKLAD\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\_meine\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Comodo Firewall] "C:\_meine\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [aol] "C:\_meine\AVS\avp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageWorkstation\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageWorkstation\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [amd_dc_opt] "C:\_meine\AMD dc optimizer\amd_dc_opt.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\_meine\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: SpeedFan (2).lnk = C:\_meine\SpeedFan432\speedfan.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\_meine\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\_meine\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\_meine\SPYBOT~1\SDHelper.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Active Virus Shield (AVP) - AOL - C:\_meine\AVS\avp.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\_meine\Comodo\Firewall\cmdagent.exe
--
End of file - 4246 bytes
Mne tu vyhodilo , ze sa da zapnut aj manualne . Nie je skodlivy.