Kontrolu logu pls

zac.je.toho.loket · Příspěvekod **zac.je.toho.loket** » 27 črc 2008 09:29

Zdravím, většinu havěti se mi podařilo odstranit SDfixem, jako třeba zmizelé ikony, virus alert atd. Pořád se mi ale zdá, že je systém zpomalený. Připojuji log z Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:22, on 27.7.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Sony\BlueSpace\BlueSpaceNE.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.cz/
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {A8482587-9CF5-4850-9D1F-45A197E96B3A} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [5402e141] rundll32.exe "C:\WINDOWS\system32\wnmqepqm.dll",b
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: BlueSpace NE.lnk = C:\Program Files\Sony\BlueSpace\BlueSpaceNE.exe (User 'Default user')
O4 - Startup: BlueSpace NE.lnk = C:\Program Files\Sony\BlueSpace\BlueSpaceNE.exe
O4 - Global Startup: PowerPanel.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.mojebanka.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E74A81D-6E8D-4F5F-8D3E-A9D1EFF34AFE}: NameServer = 10.149.192.2
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

--
End of file - 5734 bytes

Reklama

Příspěvekod **fredik** » 27 črc 2008 09:41

Stáhni si ComboFix (by sUBs) a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

zac.je.toho.loket · Příspěvekod **zac.je.toho.loket** » 27 črc 2008 10:43

ComboFix 08-07-26.1 - sphinx 2008-07-27 10:31:17.1 - FAT32x86
Running from: C:\Documents and Settings\sphinx\Plocha\ComboFix.exe
* Created a new restore point
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\sphinx\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Antivirus-2008pro.lnk
C:\Documents and Settings\sphinx\Nabídka Start\Programy\Antivirus 2008 PRO
C:\Documents and Settings\sphinx\Nabídka Start\Programy\Antivirus 2008 PRO\antivirus-2008pro.lnk
C:\WINDOWS\system32\cbXRIcCV.dll
C:\WINDOWS\system32\KnXwaGgh.ini
C:\WINDOWS\system32\KnXwaGgh.ini2
C:\WINDOWS\system32\mlJBQGVO.dll
C:\WINDOWS\system32\mqpeqmnw.ini
C:\WINDOWS\system32\wvUnNdET.dll
C:\WINDOWS\system32\xxyvuvsQ.dll

.
((((((((((((((((((((((((( Files Created from 2008-06-27 to 2008-07-27 )))))))))))))))))))))))))))))))
.

2008-07-27 09:19 . 2008-07-27 09:19 <DIR> d-------- C:\Program Files\CCleaner
2008-07-26 23:23 . 2008-07-26 23:23 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-26 22:45 . 2008-07-26 22:45 <DIR> d-------- C:\Program Files\ESET
2008-07-26 22:09 . 2008-07-26 22:09 <DIR> d-------- C:\WINDOWS\ERUNT
2008-07-26 21:40 . 2008-07-26 21:40 241 --a------ C:\Documents and Settings\Administrator\SR.vbs
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d--h----- C:\Documents and Settings\Administrator\ćablony
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d-------- C:\Documents and Settings\Administrator\Plocha
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d--h----- C:\Documents and Settings\Administrator\Okolnˇ tisk rny
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d--h----- C:\Documents and Settings\Administrator\Okolnˇ sˇś
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d-------- C:\Documents and Settings\Administrator\Oblˇben‚ polo§ky
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> dr------- C:\Documents and Settings\Administrator\Nabˇdka Start
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d-------- C:\Documents and Settings\Administrator\Dokumenty
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> dr-h----- C:\Documents and Settings\Administrator\Data aplikacˇ
2008-07-26 21:39 . 2008-07-26 21:39 <DIR> d-------- C:\Documents and Settings\Administrator
2008-07-26 21:36 . 2008-07-26 22:37 241 --a------ C:\Documents and Settings\sphinx\SR.vbs
2008-07-26 21:35 . 2008-07-26 21:35 95,360 --a------ C:\WINDOWS\system32\wnmqepqm.dll
2008-07-26 21:15 . 2008-07-26 21:15 <DIR> d-------- C:\totalcmd
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\UC.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\RAR.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\LHA.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\ARJ.PIF
2008-07-26 21:15 . 2008-07-27 09:29 394 --a------ C:\WINDOWS\wincmd.ini
2008-07-24 21:06 . 2001-10-24 11:54 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-07-24 21:06 . 2001-10-24 11:54 12,160 --a------ C:\WINDOWS\system32\dllcache\mouhid.sys
2008-07-24 21:05 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-07-24 21:05 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\dllcache\hidusb.sys
2008-07-19 17:34 . 2004-08-17 15:49 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-07-13 22:08 . 2008-07-13 22:08 165,376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2008-07-13 22:08 . 2008-07-13 22:08 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2008-07-13 22:07 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-07-13 22:05 . 2008-07-13 22:05 <DIR> d-------- C:\Program Files\Ligos
2008-07-13 22:05 . 2000-06-23 14:05 136,704 --a------ C:\WINDOWS\system32\iacenc.dll
2008-07-13 22:05 . 2000-06-22 13:09 56,320 --------- C:\WINDOWS\system32\iyvu9_32.dll
2008-07-13 17:42 . 2008-07-13 17:42 <DIR> d-------- C:\z loha
2008-07-13 17:11 . 2008-07-13 17:11 <DIR> d-------- C:\Program Files\Microprose
2008-07-13 12:39 . 2008-07-13 12:39 <DIR> d-------- C:\Program Files\Kingpin
2008-07-13 12:38 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-07-13 12:36 . 2008-07-13 12:36 <DIR> d-------- C:\Program Files\DAEMON Tools
2008-07-13 12:33 . 2008-07-13 12:33 611,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-13 12:33 . 2008-07-13 12:33 96,256 --a------ C:\WINDOWS\system32\drivers\sptddrv1.sys
2008-07-13 11:45 . 2008-07-13 11:45 <DIR> d-------- C:\Kingpin.Life.Of.Crime-GHC
2008-07-11 23:05 . 2008-07-11 23:05 <DIR> d-------- C:\Program Files\Codec Pack - All In 1
2008-07-11 23:05 . 2008-07-11 23:05 737,280 --a------ C:\WINDOWS\iun6002.exe
2008-07-11 21:44 . 2008-07-11 21:44 <DIR> d-------- C:\movies
2008-07-10 14:30 . 2008-07-26 19:43 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-07 20:11 . 2004-08-03 23:10 38,016 --a------ C:\WINDOWS\system32\drivers\bthmodem.sys
2008-07-07 20:11 . 2004-08-03 23:10 38,016 --a------ C:\WINDOWS\system32\dllcache\bthmodem.sys
2008-07-07 19:38 . 2008-07-07 19:38 <DIR> d-------- C:\Worms Armageddon
2008-07-05 22:42 . 2008-07-05 22:42 <DIR> d---s---- C:\Documents and Settings\sphinx\UserData
2008-07-05 17:05 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-07-05 17:05 . 2008-07-05 17:05 390 --a------ C:\WINDOWS\ODBC.INI
2008-07-05 17:03 . 2008-07-05 17:03 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-07-05 17:02 . 2008-07-05 17:02 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-07-05 16:58 . 2008-07-05 16:58 <DIR> dr-h----- C:\MSOCache
2008-07-04 12:43 . 2008-07-04 12:43 <DIR> d-------- C:\Documents and Settings\sphinx\kbpki
2008-07-04 12:38 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-04 12:37 . 2008-07-04 12:37 <DIR> d-------- C:\Program Files\Java
2008-07-04 12:35 . 2008-07-04 12:35 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-27 22:09 . 2008-06-27 22:09 <DIR> d-------- C:\Program Files\AdVantage
2008-06-27 22:08 . 2008-06-27 22:08 <DIR> d-------- C:\Program Files\Webteh
2008-06-27 22:00 . 2008-06-27 22:00 <DIR> d-------- C:\Program Files\Winamp
2008-06-27 21:53 . 2008-06-27 21:53 <DIR> d-------- C:\Program Files\QuickTime
2008-06-27 21:51 . 2008-06-27 21:51 <DIR> d-------- C:\Program Files\Apple Software Update
2008-06-27 21:44 . 2008-06-27 21:44 <DIR> d-------- C:\Program Files\Ahead
2008-06-27 20:59 . 2008-06-27 20:59 <DIR> d-------- C:\Program Files\Nero
2008-06-27 20:59 . 2008-06-27 20:59 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-06-27 18:54 . 2008-06-27 18:54 <DIR> d-------- C:\Program Files\ICQ6
2008-06-27 18:05 . 2008-06-27 18:05 0 --a------ C:\WINDOWS\AccessManager.INI
2008-06-27 17:55 . 2002-09-25 06:09 140,800 -ra------ C:\WINDOWS\system32\drivers\e100b325.sys
2008-06-27 17:55 . 2002-09-25 06:09 140,800 --a------ C:\WINDOWS\system32\dllcache\e100b325.sys
2008-06-27 17:55 . 2002-10-02 12:49 53,248 -ra------ C:\WINDOWS\system32\Prounstl.exe
2008-06-27 17:55 . 2001-07-20 06:40 23,040 -ra------ C:\WINDOWS\system32\IntelNic.dll
2008-06-27 17:55 . 2002-10-07 18:15 16,384 -ra------ C:\WINDOWS\system32\e100bmsg.dll
2008-06-27 17:55 . 2002-06-13 11:32 5,110 -ra------ C:\WINDOWS\system32\e100b325.din
2008-06-27 17:50 . 2003-03-19 14:12 1,047,552 --a------ C:\WINDOWS\system32\MFC71u.dll
2008-06-27 17:50 . 2003-03-19 13:14 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-06-27 17:50 . 2003-02-21 21:42 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-06-27 17:42 . 2008-06-27 17:42 <DIR> d-------- C:\Program Files\PowerPanel
2008-06-27 17:42 . 2008-06-27 17:42 0 --a------ C:\WINDOWS\PcfEdit.INI
2008-06-27 17:31 . 2008-07-07 20:12 66 --a------ C:\WINDOWS\BlueSpaceNE.INI
2008-06-27 17:28 . 2000-12-05 16:18 3,952 -ra------ C:\WINDOWS\system32\drivers\DMICall.sys
2008-06-27 17:27 . 2002-08-06 17:00 53,248 --a------ C:\WINDOWS\system32\SNSetup.cpl
2008-06-27 17:26 . 2008-06-27 17:26 <DIR> d-------- C:\Program Files\Common Files\Sony Shared
2008-06-27 17:25 . 2002-12-20 15:47 29,696 --a------ C:\WINDOWS\system32\XmlInst.exe
2008-06-27 17:25 . 2002-12-20 15:47 25,088 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-06-27 17:13 . 2008-06-27 17:13 <DIR> d-------- C:\Hotfix
2008-06-27 17:11 . 2008-06-27 17:11 <DIR> d-------- C:\Program Files\Sony
2008-06-27 17:10 . 2008-06-27 17:10 <DIR> d-------- C:\Program Files\CONEXANT
2008-06-27 17:10 . 2003-03-13 13:15 1,106,944 --a------ C:\WINDOWS\system32\drivers\HSF_DP.sys
2008-06-27 17:10 . 2003-03-13 13:17 622,592 --a------ C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2008-06-27 17:10 . 2003-03-14 15:22 256,267 --a------ C:\WINDOWS\system32\drivers\Snyunif.cty
2008-06-27 17:10 . 2003-03-13 13:19 164,736 --a------ C:\WINDOWS\system32\drivers\HSFHWICH.sys
2008-06-27 17:10 . 2002-12-11 08:49 69,632 --a------ C:\WINDOWS\system32\mdmxsdk.dll
2008-06-27 17:10 . 2002-10-29 17:33 27,786 --a------ C:\WINDOWS\system32\HSFCI005.dll
2008-06-27 17:10 . 2002-12-11 10:22 11,044 --a------ C:\WINDOWS\system32\drivers\mdmxsdk.sys
2008-06-27 17:07 . 2008-06-27 17:07 <DIR> d-------- C:\Program Files\Common Files\OII
2008-06-27 17:07 . 2003-03-14 10:12 279,680 --a------ C:\WINDOWS\system32\drivers\oivmvcom.sys
2008-06-27 17:07 . 2003-01-06 17:20 15,616 --a------ C:\WINDOWS\system32\drivers\oivmctrl.sys
2008-06-27 17:05 . 2008-06-27 17:05 <DIR> d-------- C:\Utilities
2008-06-27 17:01 . 2004-08-03 23:15 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2008-06-27 17:00 . 2008-06-27 17:00 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-06-27 17:00 . 2008-06-27 17:00 <DIR> d-------- C:\Program Files\Analog Devices
2008-06-27 17:00 . 2001-09-11 16:20 1,285,632 --a------ C:\WINDOWS\system32\SMMedia.dll
2008-06-27 17:00 . 2001-09-19 13:32 720,896 --a------ C:\WINDOWS\system32\dllcache\a3d.dll
2008-06-27 17:00 . 2001-09-19 13:32 720,896 --a------ C:\WINDOWS\system32\a3d.dll
2008-06-27 17:00 . 2003-03-17 10:46 553,280 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
2008-06-27 17:00 . 2003-03-13 17:34 100,224 --a------ C:\WINDOWS\system32\drivers\aeaudio.sys
2008-06-27 17:00 . 2003-01-08 11:23 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe
2008-06-27 17:00 . 2002-04-17 15:05 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
2008-06-27 17:00 . 2001-09-11 15:20 30,208 --a------ C:\WINDOWS\system32\wdmioctl.dll
2008-06-27 17:00 . 2002-10-28 11:26 3,744 --a------ C:\WINDOWS\system32\drivers\smsens.sys
2008-06-27 16:59 . 2008-06-27 16:59 <DIR> d--hs---- C:\Recycled
2008-06-27 16:59 . 2008-06-27 16:59 <DIR> d-------- C:\Drivers
2008-06-27 16:54 . 2008-06-27 16:54 <DIR> d-------- C:\Program Files\Apoint
2008-06-27 16:54 . 2003-02-27 21:36 90,852 -ra------ C:\WINDOWS\system32\drivers\Apfiltr.sys
2008-06-27 16:54 . 2002-06-10 22:27 69,150 -ra------ C:\WINDOWS\system32\Vxdif.dll
2008-06-27 16:39 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-27 16:38 . 2008-06-27 16:39 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-27 16:34 . 2008-06-27 16:34 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-27 16:14 . 2008-06-27 16:14 <DIR> d-------- C:\Program Files\Opera
2008-06-27 16:13 . 2003-03-11 10:24 155,648 --a------ C:\WINDOWS\system32\igfxres.dll
2008-06-27 16:11 . 2008-07-27 10:34 836 --a------ C:\WINDOWS\bthservsdp.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-27 13:51 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-20 17:42 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:42 247,296 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:42 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-14 18:00 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 18:00 272,128 ----a-w C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-10 16:56 34,312 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2008-06-10 16:48 53,256 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2008-06-10 16:47 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:16 1,290,240 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:16 1,290,240 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 13:49 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 17:03 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2003-03-11 10:24 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2003-02-27 10:04 114688]
"Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2003-01-15 12:07 217088]
"HKSERV.EXE"="C:\Program Files\Sony\HotKey Utility\HKserv.exe" [2003-04-01 10:00 81920]
"VAIOCameraUtility"="C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 13:58 69632]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 22:09 157592]
"5402e141"="C:\WINDOWS\system32\wnmqepqm.dll" [2008-07-26 21:35 95360]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 18:52 1447168]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 13:49 110592 C:\WINDOWS\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 13:49 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winub04.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\WINDOWS\\System32\\dplaysvr.exe"=
"C:\\Program Files\\Microprose\\GP500 Demo\\Gp500-demo.exe"=

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-06-10 18:56]
R3 oibtvcom;Bluetooth Virtual COM Port;C:\WINDOWS\system32\Drivers\oivmvcom.sys [2003-03-14 10:12]
R3 oivmctrl;VCOMM Device Controller;C:\WINDOWS\system32\Drivers\oivmctrl.sys [2003-01-06 17:20]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 21:04]
R3 SPI;Programovatelné zařízení Sony pro ovládání V/V ;C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2001-08-17 20:51]
S0 Winub04;Winub04;C:\WINDOWS\system32\Drivers\Winub04.sys []
.
Contents of the 'Scheduled Tasks' folder
2008-06-27 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - s!:C:\Program Files\Apple Software Update\SoftwareUpdate.exe-taskSYSTEM0 []
.
- - - - ORPHANS REMOVED - - - -

Notify-WgaLogon - (no file)
MSConfigStartUp-AdVantage - C:\Program Files\AdVantage\AdVantage.exe

.
------- Supplementary Scan -------
.
R1 -: HKCU-Internet Connection Wizard,ShellNext = hxxp://www.google.cz/
O8 -: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O17 -: HKLM\CCS\Interface\{3E74A81D-6E8D-4F5F-8D3E-A9D1EFF34AFE}: NameServer = 10.149.192.2

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-27 10:36:35
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\wnmqepqm.dll
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\EKRN.EXE
C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAGENT.EXE
C:\WINDOWS\SYSTEM32\WDFMGR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Sony\BlueSpace\BlueSpaceNE.exe
.
**************************************************************************
.
Completion time: 2008-07-27 10:40:00 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-27 08:39:50

Pre-Run: Volných bajtů: 10,262,675,456
Post-Run: Volněch bajt…: 10,204,528,640

251 --- E O F --- 2008-07-10 07:15:59

zac.je.toho.loket · Příspěvekod **zac.je.toho.loket** » 27 črc 2008 13:32

vyžadovanej log jsem zkopíroval, čekám tedy na odborný posudek, díky :wink:

Příspěvekod **fredik** » 27 črc 2008 13:43

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok)
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Driver::
Winub04

File::
C:\WINDOWS\system32\wnmqepqm.dll

DirLook::
C:\Documents and Settings\sphinx\kbpki

Folder::
C:\Program Files\AdVantage

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"5402e141"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winub04.sys]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť
Obrázek

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT.

zac.je.toho.loket · Příspěvekod **zac.je.toho.loket** » 27 črc 2008 14:09

tady je log z ComboFixu:

ComboFix 08-07-26.1 - sphinx 2008-07-27 13:52:02.2 - FAT32x86
Running from: C:\Documents and Settings\sphinx\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\sphinx\Plocha\CFScript.txt
* Created a new restore point
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\system32\wnmqepqm.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\AdVantage
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\components\IMeMedia_FF.xpt
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome.manifest
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\advantage.png
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\contents.rdf
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\overlay.js
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\overlay.xul
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\vssver2.scc
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\locale\en-US\overlay.dtd
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\locale\en-US\vssver2.scc
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\install.js
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\install.rdf
C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\vssver2.scc
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\wnmqepqm.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_WINUB04
-------\Service_Winub04

((((((((((((((((((((((((( Files Created from 2008-06-27 to 2008-07-27 )))))))))))))))))))))))))))))))
.

2008-07-27 11:15 . 2008-07-27 11:15 <DIR> d-------- C:\Program Files\Uniblue
2008-07-27 10:37 . 2008-07-27 11:44 474 ---hs---- C:\WINDOWS\system32\mqpeqmnw.ini
2008-07-27 09:19 . 2008-07-27 09:19 <DIR> d-------- C:\Program Files\CCleaner
2008-07-26 23:23 . 2008-07-26 23:23 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-26 22:45 . 2008-07-26 22:45 <DIR> d-------- C:\Program Files\ESET
2008-07-26 22:09 . 2008-07-26 22:09 <DIR> d-------- C:\WINDOWS\ERUNT
2008-07-26 21:40 . 2008-07-26 21:40 241 --a------ C:\Documents and Settings\Administrator\SR.vbs
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d--h----- C:\Documents and Settings\Administrator\ćablony
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d-------- C:\Documents and Settings\Administrator\Plocha
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d--h----- C:\Documents and Settings\Administrator\Okolnˇ tisk rny
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d--h----- C:\Documents and Settings\Administrator\Okolnˇ sˇś
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d-------- C:\Documents and Settings\Administrator\Oblˇben‚ polo§ky
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> dr------- C:\Documents and Settings\Administrator\Nabˇdka Start
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> d-------- C:\Documents and Settings\Administrator\Dokumenty
2008-07-26 21:39 . 2008-06-27 15:24 <DIR> dr-h----- C:\Documents and Settings\Administrator\Data aplikacˇ
2008-07-26 21:39 . 2008-07-26 21:39 <DIR> d-------- C:\Documents and Settings\Administrator
2008-07-26 21:36 . 2008-07-26 22:37 241 --a------ C:\Documents and Settings\sphinx\SR.vbs
2008-07-26 21:15 . 2008-07-26 21:15 <DIR> d-------- C:\totalcmd
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\UC.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\RAR.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\LHA.PIF
2008-07-26 21:15 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\ARJ.PIF
2008-07-26 21:15 . 2008-07-27 09:29 394 --a------ C:\WINDOWS\wincmd.ini
2008-07-24 21:06 . 2001-10-24 11:54 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-07-24 21:06 . 2001-10-24 11:54 12,160 --a------ C:\WINDOWS\system32\dllcache\mouhid.sys
2008-07-24 21:05 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-07-24 21:05 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\dllcache\hidusb.sys
2008-07-19 17:34 . 2004-08-17 15:49 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-07-13 22:08 . 2008-07-13 22:08 165,376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2008-07-13 22:08 . 2008-07-13 22:08 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2008-07-13 22:07 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-07-13 22:05 . 2008-07-13 22:05 <DIR> d-------- C:\Program Files\Ligos
2008-07-13 22:05 . 2000-06-23 14:05 136,704 --a------ C:\WINDOWS\system32\iacenc.dll
2008-07-13 22:05 . 2000-06-22 13:09 56,320 --------- C:\WINDOWS\system32\iyvu9_32.dll
2008-07-13 17:42 . 2008-07-13 17:42 <DIR> d-------- C:\z loha
2008-07-13 17:11 . 2008-07-13 17:11 <DIR> d-------- C:\Program Files\Microprose
2008-07-13 12:39 . 2008-07-13 12:39 <DIR> d-------- C:\Program Files\Kingpin
2008-07-13 12:38 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-07-13 12:36 . 2008-07-13 12:36 <DIR> d-------- C:\Program Files\DAEMON Tools
2008-07-13 12:33 . 2008-07-13 12:33 611,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-13 12:33 . 2008-07-13 12:33 96,256 --a------ C:\WINDOWS\system32\drivers\sptddrv1.sys
2008-07-13 11:45 . 2008-07-13 11:45 <DIR> d-------- C:\Kingpin.Life.Of.Crime-GHC
2008-07-11 23:05 . 2008-07-11 23:05 <DIR> d-------- C:\Program Files\Codec Pack - All In 1
2008-07-11 23:05 . 2008-07-27 13:01 737,280 --a------ C:\WINDOWS\iun6002.exe
2008-07-11 21:44 . 2008-07-11 21:44 <DIR> d-------- C:\movies
2008-07-10 14:30 . 2008-07-27 13:46 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-07 20:11 . 2004-08-03 23:10 38,016 --a------ C:\WINDOWS\system32\drivers\bthmodem.sys
2008-07-07 20:11 . 2004-08-03 23:10 38,016 --a------ C:\WINDOWS\system32\dllcache\bthmodem.sys
2008-07-07 19:38 . 2008-07-07 19:38 <DIR> d-------- C:\Worms Armageddon
2008-07-05 22:42 . 2008-07-05 22:42 <DIR> d---s---- C:\Documents and Settings\sphinx\UserData
2008-07-05 17:05 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-07-05 17:05 . 2008-07-05 17:05 390 --a------ C:\WINDOWS\ODBC.INI
2008-07-05 17:03 . 2008-07-05 17:03 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-07-05 17:02 . 2008-07-05 17:02 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-07-05 16:58 . 2008-07-05 16:58 <DIR> dr-h----- C:\MSOCache
2008-07-04 12:43 . 2008-07-04 12:43 <DIR> d-------- C:\Documents and Settings\sphinx\kbpki
2008-07-04 12:38 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-04 12:37 . 2008-07-04 12:37 <DIR> d-------- C:\Program Files\Java
2008-07-04 12:35 . 2008-07-04 12:35 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-27 22:08 . 2008-06-27 22:08 <DIR> d-------- C:\Program Files\Webteh
2008-06-27 22:00 . 2008-06-27 22:00 <DIR> d-------- C:\Program Files\Winamp
2008-06-27 21:53 . 2008-06-27 21:53 <DIR> d-------- C:\Program Files\QuickTime
2008-06-27 21:51 . 2008-06-27 21:51 <DIR> d-------- C:\Program Files\Apple Software Update
2008-06-27 21:44 . 2008-06-27 21:44 <DIR> d-------- C:\Program Files\Ahead
2008-06-27 20:59 . 2008-06-27 20:59 <DIR> d-------- C:\Program Files\Nero
2008-06-27 20:59 . 2008-06-27 20:59 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-06-27 18:54 . 2008-06-27 18:54 <DIR> d-------- C:\Program Files\ICQ6
2008-06-27 18:05 . 2008-06-27 18:05 0 --a------ C:\WINDOWS\AccessManager.INI
2008-06-27 17:55 . 2002-09-25 06:09 140,800 -ra------ C:\WINDOWS\system32\drivers\e100b325.sys
2008-06-27 17:55 . 2002-09-25 06:09 140,800 --a------ C:\WINDOWS\system32\dllcache\e100b325.sys
2008-06-27 17:55 . 2002-10-02 12:49 53,248 -ra------ C:\WINDOWS\system32\Prounstl.exe
2008-06-27 17:55 . 2001-07-20 06:40 23,040 -ra------ C:\WINDOWS\system32\IntelNic.dll
2008-06-27 17:55 . 2002-10-07 18:15 16,384 -ra------ C:\WINDOWS\system32\e100bmsg.dll
2008-06-27 17:55 . 2002-06-13 11:32 5,110 -ra------ C:\WINDOWS\system32\e100b325.din
2008-06-27 17:50 . 2003-03-19 14:12 1,047,552 --a------ C:\WINDOWS\system32\MFC71u.dll
2008-06-27 17:50 . 2003-03-19 13:14 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-06-27 17:50 . 2003-02-21 21:42 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-06-27 17:42 . 2008-06-27 17:42 <DIR> d-------- C:\Program Files\PowerPanel
2008-06-27 17:42 . 2008-06-27 17:42 0 --a------ C:\WINDOWS\PcfEdit.INI
2008-06-27 17:31 . 2008-07-27 10:50 66 --a------ C:\WINDOWS\BlueSpaceNE.INI
2008-06-27 17:28 . 2000-12-05 16:18 3,952 -ra------ C:\WINDOWS\system32\drivers\DMICall.sys
2008-06-27 17:27 . 2002-08-06 17:00 53,248 --a------ C:\WINDOWS\system32\SNSetup.cpl
2008-06-27 17:26 . 2008-06-27 17:26 <DIR> d-------- C:\Program Files\Common Files\Sony Shared
2008-06-27 17:25 . 2002-12-20 15:47 29,696 --a------ C:\WINDOWS\system32\XmlInst.exe
2008-06-27 17:25 . 2002-12-20 15:47 25,088 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-06-27 17:13 . 2008-06-27 17:13 <DIR> d-------- C:\Hotfix
2008-06-27 17:11 . 2008-06-27 17:11 <DIR> d-------- C:\Program Files\Sony
2008-06-27 17:10 . 2008-06-27 17:10 <DIR> d-------- C:\Program Files\CONEXANT
2008-06-27 17:10 . 2003-03-13 13:15 1,106,944 --a------ C:\WINDOWS\system32\drivers\HSF_DP.sys
2008-06-27 17:10 . 2003-03-13 13:17 622,592 --a------ C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2008-06-27 17:10 . 2003-03-14 15:22 256,267 --a------ C:\WINDOWS\system32\drivers\Snyunif.cty
2008-06-27 17:10 . 2003-03-13 13:19 164,736 --a------ C:\WINDOWS\system32\drivers\HSFHWICH.sys
2008-06-27 17:10 . 2002-12-11 08:49 69,632 --a------ C:\WINDOWS\system32\mdmxsdk.dll
2008-06-27 17:10 . 2002-10-29 17:33 27,786 --a------ C:\WINDOWS\system32\HSFCI005.dll
2008-06-27 17:10 . 2002-12-11 10:22 11,044 --a------ C:\WINDOWS\system32\drivers\mdmxsdk.sys
2008-06-27 17:07 . 2008-06-27 17:07 <DIR> d-------- C:\Program Files\Common Files\OII
2008-06-27 17:07 . 2003-03-14 10:12 279,680 --a------ C:\WINDOWS\system32\drivers\oivmvcom.sys
2008-06-27 17:07 . 2003-01-06 17:20 15,616 --a------ C:\WINDOWS\system32\drivers\oivmctrl.sys
2008-06-27 17:05 . 2008-06-27 17:05 <DIR> d-------- C:\Utilities
2008-06-27 17:01 . 2004-08-03 23:15 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2008-06-27 17:00 . 2008-06-27 17:00 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-06-27 17:00 . 2008-06-27 17:00 <DIR> d-------- C:\Program Files\Analog Devices
2008-06-27 17:00 . 2001-09-11 16:20 1,285,632 --a------ C:\WINDOWS\system32\SMMedia.dll
2008-06-27 17:00 . 2001-09-19 13:32 720,896 --a------ C:\WINDOWS\system32\dllcache\a3d.dll
2008-06-27 17:00 . 2001-09-19 13:32 720,896 --a------ C:\WINDOWS\system32\a3d.dll
2008-06-27 17:00 . 2003-03-17 10:46 553,280 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
2008-06-27 17:00 . 2003-03-13 17:34 100,224 --a------ C:\WINDOWS\system32\drivers\aeaudio.sys
2008-06-27 17:00 . 2003-01-08 11:23 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe
2008-06-27 17:00 . 2002-04-17 15:05 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
2008-06-27 17:00 . 2001-09-11 15:20 30,208 --a------ C:\WINDOWS\system32\wdmioctl.dll
2008-06-27 17:00 . 2002-10-28 11:26 3,744 --a------ C:\WINDOWS\system32\drivers\smsens.sys
2008-06-27 16:59 . 2008-06-27 16:59 <DIR> d--hs---- C:\Recycled
2008-06-27 16:59 . 2008-06-27 16:59 <DIR> d-------- C:\Drivers
2008-06-27 16:54 . 2008-06-27 16:54 <DIR> d-------- C:\Program Files\Apoint
2008-06-27 16:54 . 2003-02-27 21:36 90,852 -ra------ C:\WINDOWS\system32\drivers\Apfiltr.sys
2008-06-27 16:54 . 2002-06-10 22:27 69,150 -ra------ C:\WINDOWS\system32\Vxdif.dll
2008-06-27 16:39 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-27 16:38 . 2008-06-27 16:39 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-27 16:34 . 2008-06-27 16:34 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-27 16:14 . 2008-06-27 16:14 <DIR> d-------- C:\Program Files\Opera
2008-06-27 16:13 . 2003-03-11 10:24 155,648 --a------ C:\WINDOWS\system32\igfxres.dll
2008-06-27 16:11 . 2008-07-27 13:55 836 --a------ C:\WINDOWS\bthservsdp.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-27 13:51 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-20 17:42 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:42 247,296 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:42 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-14 18:00 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 18:00 272,128 ----a-w C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-10 16:56 34,312 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2008-06-10 16:48 53,256 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2008-06-10 16:47 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:16 1,290,240 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:16 1,290,240 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\Documents and Settings\sphinx\kbpki ----

2008-07-10 09:54 119 --a------ C:\Documents and Settings\sphinx\kbpki\CertWizard\CertWizard.properties
2008-07-10 09:38 33280 --a------ C:\Documents and Settings\sphinx\kbpki\ConfWiz\ConfWiz.dll
2008-07-10 09:38 114 --a------ C:\Documents and Settings\sphinx\kbpki\CertWizard\PKIApplet.properties
2008-07-04 18:23 195 --a------ C:\Documents and Settings\sphinx\kbpki\MojeBanka\PKIApplet.properties
2008-07-04 12:44 65864 --a------ C:\Documents and Settings\sphinx\kbpki\nativLib\CIMNativeLib.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 13:49 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 17:03 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2003-03-11 10:24 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2003-02-27 10:04 114688]
"Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2003-01-15 12:07 217088]
"HKSERV.EXE"="C:\Program Files\Sony\HotKey Utility\HKserv.exe" [2003-04-01 10:00 81920]
"VAIOCameraUtility"="C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 13:58 69632]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 22:09 157592]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 18:52 1447168]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 13:49 110592 C:\WINDOWS\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 13:49 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\WINDOWS\\System32\\dplaysvr.exe"=
"C:\\Program Files\\Microprose\\GP500 Demo\\Gp500-demo.exe"=

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-06-10 18:56]
R3 oibtvcom;Bluetooth Virtual COM Port;C:\WINDOWS\system32\Drivers\oivmvcom.sys [2003-03-14 10:12]
R3 oivmctrl;VCOMM Device Controller;C:\WINDOWS\system32\Drivers\oivmctrl.sys [2003-01-06 17:20]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 21:04]
R3 SPI;Programovatelné zařízení Sony pro ovládání V/V ;C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2001-08-17 20:51]
.
Contents of the 'Scheduled Tasks' folder
2008-06-27 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - s!:C:\Program Files\Apple Software Update\SoftwareUpdate.exe-taskSYSTEM0 []
2008-07-27 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-04-02 09:50]
2008-07-27 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job - s !7C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe-ssphinx0 []
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-27 13:58:53
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\EKRN.EXE
C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAGENT.EXE
C:\WINDOWS\SYSTEM32\WDFMGR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Sony\BlueSpace\BlueSpaceNE.exe
.
**************************************************************************
.
Completion time: 2008-07-27 14:02:00 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-27 12:01:52
ComboFix2.txt 2008-07-27 08:40:04

Pre-Run: Volných bajtů: 11,013,275,648
Post-Run: Volněch bajt…: 11,006,181,376

256 --- E O F --- 2008-07-10 07:15:59

a tady z Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:07, on 27.7.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Sony\BlueSpace\BlueSpaceNE.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.cz/
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: BlueSpace NE.lnk = C:\Program Files\Sony\BlueSpace\BlueSpaceNE.exe (User 'Default user')
O4 - Startup: BlueSpace NE.lnk = C:\Program Files\Sony\BlueSpace\BlueSpaceNE.exe
O4 - Global Startup: PowerPanel.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.mojebanka.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E74A81D-6E8D-4F5F-8D3E-A9D1EFF34AFE}: NameServer = 10.149.192.2
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 5676 bytes

zac.je.toho.loket · Příspěvekod **zac.je.toho.loket** » 27 črc 2008 15:22

I'm still waiting...

Příspěvekod **fredik** » 27 črc 2008 17:20

Smaž ručně tento soubor:
C:\WINDOWS\system32\mqpeqmnw.ini
- pro jeho nalezení si budeš zapnout zobrazení skrytých souborů a složek. Kdyby se nezdařilo tak dej vědět.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Spusť znovu HijackThis a zaškrtni v něm okénka před řádky:
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
po zaškrtnutí klikni na tlačítko Fix Checked

Případně můžeš ještě fixnout položky které nejsou potřeba aby se spouštěly při startu Win:
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Doporučil bych ti aktualizovat Javu:
- Stáhni si poslední verzi Java Runtime Environment (JRE) 6 Update 7
- Posuň se dolů kde je napsáno Java Runtime Environment (JRE) 6 Update 7 a klikni na tlačítko Download
- Načte se ti nová stránka
- Pod nadpisem Select Platform and Language for your download:
* u položky Platform: vyber OS který používáš
* zatrhni možnost kde je napsáno: I agree to the Java SE Runtime Environment 6 License Agreement
* klikni na tlačítko Continue >>
- Načte se ti nová stránka
- Klikni na odkaz pro stažení pod položkou: Windows Offline Installation
Obrázek

a ulož si ho na disk

- Ukonči běžící programy které máš spuštěné, hlavě webový prohlížeč
- Jdi přes Start -> Ovládací panely -> Přidat nebo odebrat programy a odinstaluj všechny staré verze Javy
- Podívej se po položkách s názvem Java Runtime Environment (JRE or J2SE)
* příklady starých verzí v Přidat nebo odebrat programy:

- Odinstaluj je přes tlačítko Změnit nebo odebrat nebo Odebrat
- Odinstaluj postupně po sobě případné všechny staré verze Javy
- Po skončení odinstalovaní restartuj Pc.
- Pak už jen spusť instalaci poslední verze ze souboru jre-6u7-windows-i586-p.exe, který sis stáhl na začátku

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Pro lepší zabezpečení bych ti doporučil doinstalovat firewall, můžeš si vybrat některý zde uvedený nebo některý jiný z odkazu: Přehled osobních firewallů
Firewally zdarma:
Kerio - přehledný, větší možnosti nastavení, náročnější na systémové prostředky, v češtině
ZoneAlarm - jednoduchý, kompatibilní, nenáročný na systémové prostředky, málo možností nastavení, v angličtině + návod
Comodo - kvalitní, pokročilý, s mnoha funkcemi, originálně v angličtině (nepoužít jeho malware scaner, nebo přes něj odstranit co najde)

Máš ještě nějaké problémy?

zac.je.toho.loket · Příspěvekod **zac.je.toho.loket** » 27 črc 2008 19:23

Nemusíš mi psát postupy jak pro blbce :wink:

ten soubor (mqpeqmnw.ini) jsem nenašel ani průzkůmníkem.
Sekaj se mi třeba streamovaný videa, když je hodim na full screen a před tím to šlo ok, jinak je vše v pořádku, díky za rady

Příspěvekod **fredik** » 27 črc 2008 20:55

Pokud sis nezapnul zobrazení skrytých souborů tak by si ho nenašel.

Jdi přes Start -> Spustit... a napiš do okna tento příkaz označený modře ComboFix /u a dej Ok.
- mezi ComboFix a /u musí být mezera
- počkej až proběhne, bude tě o tom informovat.

Pročisti Pc pomocí od dočasných souborů pomocí některého programu:
CCleaner případně ATF-Cleaner
Stáhni si ATF-Cleaner (by Atribune) a spusť ho

Main

Select All

Empty Selected

Pokud používáš jako prohlížeč FireFox:

Firefox

Select All

Ano

Ne

Empty Selected

Pokud používáš jako prohlížeč Operu:

Opera

Select All

Ano

Ne

Empty Selected

Pak můžeš program zavřít.

Nemáš za co.

Kontrolu logu pls

Kontrolu logu pls

Re: Kontrolu logu pls

Re: Kontrolu logu pls

Re: Kontrolu logu pls

Re: Kontrolu logu pls

Re: Kontrolu logu pls

Re: Kontrolu logu pls

Re: Kontrolu logu pls

Re: Kontrolu logu pls

Re: Kontrolu logu pls

Kdo je online