tu je ten log
-------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02:03, on 9. 8. 2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\Programy\ESET Smart Security\x86\ekrn.exe
X:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
X:\WINDOWS\RTHDCPL.EXE
C:\Programy\ICQ6\ICQ.exe
X:\WINDOWS\SysWOW64\ctfmon.exe
C:\Programy\Winamp\winampa.exe
C:\Programy\PowerDVD8\PDVD8Serv.exe
X:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
C:\Programy\CloneCD\CloneCDTray.exe
C:\Programy\Mozilla Firefox\firefox.exe
X:\Documents and Settings\Nexus\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - X:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Microsoft Web Test Recorder 9.0 Helper - {E31CE47F-C268-41ba-897B-B415E613947D} - C:\Programy\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programy\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Programy\Winamp\winampa.exe
O4 - HKLM\..\Run: [RemoteControl8] C:\Programy\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] C:\Programy\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [BDRegion] "X:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Programy\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programy\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [CTFMON.EXE] X:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programy\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] X:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] X:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] X:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] X:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = X:\System Volume Information\_restore{18BAA467-0014-46D5-8215-9137BF781087}\RP44\A0020039.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel -
res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - X:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - X:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone:
http://runonce.msn.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/windows ... 5179947250
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - X:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - X:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Programy\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Programy\ESET Smart Security\x86\ekrn.exe
O23 - Service: Event Log (Eventlog) - Unknown owner - X:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - X:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - X:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - X:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - X:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Programy\MySQL.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - X:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - X:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - X:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - X:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - X:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - X:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - X:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - X:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - X:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - X:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - C:\Programy\Wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Programy\Wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - X:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
--
End of file - 6707 bytes
-------------------------------------------------------------
ja to uz vidim...
pravdepodobne bude treba fixnut ten cerveny riadok ze?
este ked pozeram je to sucast stardock object dock... neviem ale preco to tam ostalo program som odinstaloval asi 2 tyzdne kym sa tato chyba zacala objavovat!
