Problems with PC

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Post by riada » 27 Jan 2008 18:03

Please check my HijackThis log ... I have problems shutting down the PC; it cannot be put into power-saving mode, and sometimes it will not even shut down until after a restart ... when I turn the computer on, a window appears saying that it was not possible to restore the computer to the restore point for a certain date ... I have already tried resetting the restore point; it did not help, only the date in the window changed to the day I did this reset ... Thanks for any advice, Kačka.
The log still shows the entries HD Inspector, BPS and McAfee, which I uninstalled long ago; I also tried deleting them manually from the registry, but they keep appearing there, and they cannot be removed even with various programs that clean the registry.



Logfile of HijackThis v1.99.1
Scan saved at 17:50:00, on 27.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mojelogo\SMS ToolBar\smstbar.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Sound Station\SNXUACP.exe
C:\Documents and Settings\Kačenka\Dokumenty\PROGRAMY A INSTALACE\Internet Download Manager v5.05 Build 3\crack\IDMan.exe
C:\Program Files\Krtecek_2_0\Krtecek.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Kačenka\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\Kačenka\Dokumenty\PROGRAMY A INSTALACE\Internet Download Manager v5.05 Build 3\crack\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: :-)mojelogo SMS ToolBar - {CFBC2741-0C1F-11D6-9224-004F490BED09} - C:\Program Files\Mojelogo\SMS ToolBar\smsbar.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe
O4 - HKLM\..\Run: [SeznamAntidialer] "C:\Program Files\Seznam Bezpecny Internet\SBIAntiDialer.exe"
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\RunOnce: [*Restore] C:\WINDOWS\system32\restore\rstrui.exe -i
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SMSToolBar] C:\Program Files\Mojelogo\SMS ToolBar\smstbar.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [BPS Spyware Remover] C:\Program Files\BulletProofSoft.com\BPS Spyware Remover\SpyRem.exe /STARTUP
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Sound Station.lnk = C:\Program Files\Sound Station\SNXUACP.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Documents and Settings\Kačenka\Dokumenty\PROGRAMY A INSTALACE\Internet Download Manager v5.05 Build 3\crack\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Documents and Settings\Kačenka\Dokumenty\PROGRAMY A INSTALACE\Internet Download Manager v5.05 Build 3\crack\IEExt.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3190CE26-0B6E-4133-A7D3-87D29CB92120} (SBIInetInstall Control) - http://www.bezpecnyinternet.cz/SBI.cab
O16 - DPF: {3190CE27-0B6E-4133-A7D3-87D29CB92120} (SBIInetInstall Control) - http://www.bezpecnyinternet.cz/SBIAV.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC5BED32-E879-4253-A9DC-2C60F544B896}: NameServer = 212.158.128.2,212.158.128.3
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe


Post by riada » 27 Jan 2008 18:50

I am also attaching mwaw:

Sun Jan 27 18:23:11 2008 => ERROR!!! Invalid Entry NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Sun Jan 27 18:23:11 2008 => ERROR!!! Invalid Entry HDInspector.exe = C:\Program Files\Hard Drive Inspector\HDInspector.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Sun Jan 27 18:23:11 2008 => ERROR!!! Invalid Entry SeznamAntidialer = "C:\Program Files\Seznam Bezpecny Internet\SBIAntiDialer.exe" (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Sun Jan 27 18:23:11 2008 => ERROR!!! Invalid Entry MCUpdateExe = c:\PROGRA~1\mcafee.com\agent\mcupdate.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Sun Jan 27 18:23:12 2008 => ERROR!!! Invalid Entry BPS Spyware Remover = C:\Program Files\BulletProofSoft.com\BPS Spyware Remover\SpyRem.exe /STARTUP (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.

Sun Jan 27 18:28:03 2008 => System found infected with w32/rbot-ank Email-Flooder ({19e28afc-eae3-4ce5-ac83-2407b42f57c9})! Action taken: No Action Taken.
Sun Jan 27 18:28:10 2008 => System found infected with maxsearch Adware ({c4069e3a-68f1-403e-b40e-20066696354b})! Action taken: No Action Taken.
Sun Jan 27 18:28:11 2008 => System found infected with w32/rbot-ank Email-Flooder ({19e28afc-eae3-4ce5-ac83-2407b42f57c9})! Action taken: No Action Taken.
Sun Jan 27 18:28:21 2008 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gator.com !!!
Sun Jan 27 18:28:21 2008 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Jan 27 18:28:21 2008 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
Sun Jan 27 18:28:21 2008 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sun Jan 27 18:28:25 2008 => Offending Key found: HKCU\\mead.1 !!!
Sun Jan 27 18:28:25 2008 => Object "mediaadvantage Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sun Jan 27 18:28:25 2008 => Offending value found in HKCU\Software\Microsoft\Windows\CurrentVersion\Run: bps spyware remover !!!
Sun Jan 27 18:28:25 2008 => Object "bpspyware Corrupted Adware/Spyware" found in File System! Action Taken: No Action Taken.

Sun Jan 27 18:28:30 2008 => Offending Folder found: C:\Documents and Settings\Kačenka\Data aplikací\icq\bart\1024
Sun Jan 27 18:28:30 2008 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.

Sun Jan 27 18:29:00 2008 => Offending file found: C:\Documents and Settings\Kačenka\Local Settings\temporary internet files\content.ie5\kisw0r70\comicbook[1].css
Sun Jan 27 18:29:00 2008 => System found infected with whenu.savenow Spyware/Adware (comicbook[1].css)! Action taken: No Action Taken.

Sun Jan 27 18:29:28 2008 => Offending file found: C:\Documents and Settings\Kačenka\Local Settings\Temporary Internet Files\content.ie5\kisw0r70\comicbook[1].css
Sun Jan 27 18:29:28 2008 => System found infected with whenu.savenow Spyware/Adware (comicbook[1].css)! Action taken: No Action Taken.

Sun Jan 27 18:29:34 2008 => Offending file found: C:\WINDOWS\iun6002.exe
Sun Jan 27 18:29:34 2008 => System found infected with remacc.multiwebsurv Generic Malware (C:\WINDOWS\iun6002.exe)! Action taken: No Action Taken.

Sun Jan 27 18:29:58 2008 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}". Action Taken: No Action Taken.

Sun Jan 27 18:29:58 2008 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{30BB4D60-81DB-11D5-BB77-00400536ABAC}". Action Taken: No Action Taken.

Sun Jan 27 18:29:58 2008 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}". Action Taken: No Action Taken.

Sun Jan 27 18:29:58 2008 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{90885A82-9673-49EA-AB39-AF776639C67C}". Action Taken: No Action Taken.

Sun Jan 27 18:29:58 2008 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{D40AF8B5-12ED-444D-B54B-0498E4DCBC8E}". Action Taken: No Action Taken.

Sun Jan 27 18:29:58 2008 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{F0A37341-D692-11D4-A984-009027EC0A9C}". Action Taken: No Action Taken.
Sun Jan 27 18:36:44 2008 => ***** Scanning complete. *****

Sun Jan 27 18:36:44 2008 => Total Objects Scanned: 34915
Sun Jan 27 18:36:44 2008 => Total Critical Objects: 12
Sun Jan 27 18:36:44 2008 => Total Disinfected Objects: 0
Sun Jan 27 18:36:44 2008 => Total Objects Renamed: 0
Sun Jan 27 18:36:44 2008 => Total Deleted Objects: 0
Sun Jan 27 18:36:44 2008 => Total Errors: 15
Sun Jan 27 18:36:44 2008 => Time Elapsed: 00:14:49
Sun Jan 27 18:36:44 2008 => Virus Database Date: 1/27/2008
Sun Jan 27 18:36:44 2008 => Virus Database Count: 534685

Sun Jan 27 18:36:44 2008 => Scan Completed.

