Prosím o kontrolu logu

matyas22 · Příspěvekod **matyas22** » 27 pro 2008 11:44

V task managerovi som nasiel 3 x dent gram.exe a dokopy davaju 100% vyuzitia CPU..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:15, on 27. 12. 2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Documents and Settings\All Users\Data aplikací\comp two long internet\Dent gram.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\ALLUSE~1\DATAAP~1\COMPTW~1\DENTGR~1.EXE
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
E:\Hry\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
C:\DOCUME~1\ALLUSE~1\DATAAP~1\COMPTW~1\DENTGR~1.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Hry\Need for Speed Undercover\PB\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Long Internet Team Stupid] C:\Documents and Settings\All Users\Data aplikací\comp two long internet\Dent gram.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [bashmanager] C:\DOCUME~1\ADMINI~1\DATAAP~1\DATEKN~1\Online Flaw Corn.exe
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - HKCU\..\Run: [RGSC] E:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Hry\Need for Speed Undercover\PB\PnkBstrA.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10319 bytes

Reklama

Příspěvekod **fredik** » 27 pro 2008 12:02

Vítej na fóru

Vlož sem log z LopFind

matyas22 · Příspěvekod **matyas22** » 27 pro 2008 12:36

LopFind v4 © Čas: 12:32:38,06 Datum: so 27. 12. 2008

******************************************

1) Výpis obsahů Application Data složek pro zjištění podezřelých adresářů:

Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 9460-8235.

Věpis adres ýe C:\Documents and Settings\Administrator\DATAAP~1

19. 12. 2008 20:52 <DIR> Nokia
19. 12. 2008 20:51 <DIR> PC Suite
26. 11. 2008 16:06 691 coreavc.ini
05. 11. 2008 18:28 <DIR> Capcom
30. 10. 2008 11:51 <DIR> Red Alert 3
26. 10. 2008 08:03 <DIR> vghd
23. 10. 2008 17:11 34 pcouffin.log
23. 10. 2008 17:11 87608 inst.exe
23. 10. 2008 17:11 7887 pcouffin.cat
23. 10. 2008 17:11 47360 pcouffin.sys
23. 10. 2008 17:11 1144 pcouffin.inf
23. 10. 2008 17:11 <DIR> Vso
04. 10. 2008 19:43 <DIR> Leadertech
03. 10. 2008 12:43 <DIR> Disney Interactive Studios
23. 09. 2008 14:10 <DIR> Synthesia
12. 09. 2008 12:15 608 alarms.ini
12. 09. 2008 12:15 756 AtomicAlarmClock.ini
28. 08. 2008 15:08 <DIR> Samsung
24. 07. 2008 12:10 <DIR> Date knob iso
24. 06. 2008 18:10 <DIR> Google
22. 05. 2008 00:37 <DIR> CyberLink
01. 05. 2008 13:38 <DIR> Ubisoft
16. 04. 2008 09:58 <DIR> Help
08. 02. 2008 19:24 <DIR> Apple Computer
07. 02. 2008 11:30 <DIR> Opera
06. 02. 2008 19:19 <DIR> f2fIntermediate
05. 02. 2008 17:50 <DIR> Command & Conquer 3 Tiberium Wars
16. 01. 2008 12:52 <DIR> Microsoft Games
14. 01. 2008 10:11 <DIR> BitSpirit
05. 01. 2008 01:32 <DIR> Real
03. 01. 2008 23:09 <DIR> Sun
02. 01. 2008 10:53 <DIR> Hamachi
01. 01. 2008 23:20 <DIR> Media Player Classic
01. 01. 2008 21:30 <DIR> Nero
29. 12. 2007 01:31 <DIR> Xfire
29. 12. 2007 00:42 22328 PnkBstrK.sys
28. 12. 2007 20:49 <DIR> Adobe
28. 12. 2007 18:10 <DIR> ICQ Toolbar
28. 12. 2007 15:07 <DIR> skypePM
28. 12. 2007 14:57 <DIR> Skype
28. 12. 2007 14:51 <DIR> ICQ
28. 12. 2007 14:51 <DIR> InstallShield
27. 12. 2007 23:05 <DIR> SecuROM
27. 12. 2007 22:45 <DIR> Macromedia
27. 12. 2007 19:23 <DIR> Mozilla
27. 12. 2007 17:16 <DIR> Identities
27. 12. 2007 17:16 62 desktop.ini
27. 12. 2007 17:16 <DIR> ..
27. 12. 2007 17:16 <DIR> .
27. 12. 2007 17:16 <DIR> Microsoft
10 soubor…, 168478 bajt…
Adres ý…: 40, Volněch bajt…: 22673502208
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 9460-8235.

Věpis adres ýe C:\Documents and Settings\All Users\DATAAP~1

19. 12. 2008 20:54 <DIR> Nokia
19. 12. 2008 20:52 <DIR> PC Suite
05. 12. 2008 18:27 9391 profile.ini
03. 12. 2008 10:23 <DIR> InstallShield
25. 10. 2008 09:44 <DIR> KONAMI
23. 10. 2008 17:11 1885 wnaspi32.log.log
23. 10. 2008 17:11 <DIR> Configs
23. 10. 2008 17:11 465 DVDBurner.log.log
23. 10. 2008 17:11 11114 MainApp.dll
23. 10. 2008 17:11 1262 DVDDeviceCtrl.log.log
23. 10. 2008 17:11 628 isoConverter.log.log
23. 10. 2008 17:11 624 DVDConverter.log.log
23. 10. 2008 17:11 616 Configure.log.log
23. 10. 2008 17:11 5316 MainApp.log.log
23. 10. 2008 17:11 <DIR> DVDXStudio
28. 08. 2008 15:07 0 LauncherAccess.dt
24. 07. 2008 12:10 <DIR> comp two long internet
24. 06. 2008 18:09 <DIR> Google Updater
18. 06. 2008 11:37 <DIR> Codemasters
22. 05. 2008 00:35 <DIR> CyberLink
14. 04. 2008 13:10 <DIR> Ubisoft
03. 03. 2008 20:12 <DIR> Aspyr
15. 01. 2008 00:21 1751 QTSBandwidthCache
12. 01. 2008 14:44 <DIR> Martau
08. 01. 2008 01:39 <DIR> Apple Computer
08. 01. 2008 01:39 <DIR> Apple
06. 01. 2008 12:32 <DIR> Adobe
01. 01. 2008 21:26 <DIR> Nero
28. 12. 2007 15:07 32 ezsid.dat
28. 12. 2007 14:57 <DIR> Skype
28. 12. 2007 14:53 <DIR> ESET
27. 12. 2007 17:49 62 desktop.ini
27. 12. 2007 17:48 <DIR> ..
27. 12. 2007 17:48 <DIR> .
27. 12. 2007 17:48 <DIR> Microsoft
13 soubor…, 33146 bajt…
Adres ý…: 22, Volněch bajt…: 22673485824
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 9460-8235.

Věpis adres ýe C:\Documents and Settings\Default User\DATAAP~1

07. 08. 2008 20:31 <DIR> Macromedia
27. 12. 2007 17:49 62 desktop.ini
27. 12. 2007 17:48 <DIR> ..
27. 12. 2007 17:48 <DIR> Microsoft
27. 12. 2007 17:48 <DIR> .
1 soubor…, 62 bajt…
Adres ý…: 4, Volněch bajt…: 22673485824
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 9460-8235.

Věpis adres ýe C:\Documents and Settings\LocalService\DATAAP~1

29. 12. 2007 01:44 <DIR> Xfire
27. 12. 2007 17:13 <DIR> Microsoft
27. 12. 2007 17:13 <DIR> ..
27. 12. 2007 17:13 <DIR> .
0 soubor…, 0 bajt…
Adres ý…: 4, Volněch bajt…: 22673485824
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 9460-8235.

Věpis adres ýe C:\Documents and Settings\NetworkService\DATAAP~1

29. 12. 2007 01:35 <DIR> Xfire
27. 12. 2007 17:13 <DIR> Microsoft
27. 12. 2007 17:13 <DIR> ..
27. 12. 2007 17:13 <DIR> .
0 soubor…, 0 bajt…
Adres ý…: 4, Volněch bajt…: 22673485824
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 9460-8235.

Věpis adres ýe C:\Documents and Settings\All Users\Application Data

25. 01. 2008 13:21 <DIR> ..
25. 01. 2008 13:21 <DIR> Microsoft
25. 01. 2008 13:21 <DIR> .
0 soubor…, 0 bajt…
Adres ý…: 3, Volněch bajt…: 22673485824

******************************************

2) Zjišťování přítomnosti ve složce Program Files:

a) Výpis obsahu Program Files složky pro zjištění duplicitních kopií podezřelých adresářů:

Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 9460-8235.

Věpis adres ýe C:\Program Files

27. 12. 2008 11:29 <DIR> .
27. 12. 2008 11:29 <DIR> ..
24. 07. 2008 12:10 <DIR> 3wPlayer
03. 01. 2008 12:02 <DIR> 7-Zip
04. 12. 2008 22:33 <DIR> ABBYY PDF Transformer 2.0
19. 12. 2008 20:52 <DIR> Adobe
07. 12. 2008 09:44 <DIR> AGEIA Technologies
27. 12. 2007 20:04 <DIR> Alcohol Soft
08. 01. 2008 01:39 <DIR> Apple Software Update
07. 02. 2008 22:44 <DIR> ASIO4ALL v2
12. 09. 2008 12:16 <DIR> Atomic Alarm Clock
29. 02. 2008 15:53 <DIR> Audiosurf
14. 01. 2008 10:10 <DIR> BitSpirit
23. 10. 2008 17:11 <DIR> CloneDVD
26. 11. 2008 15:55 <DIR> Combined Community Codec Pack
19. 12. 2008 20:54 <DIR> Common Files
27. 12. 2007 17:07 <DIR> ComPlus Applications
29. 08. 2008 19:27 <DIR> Coolringer
26. 11. 2008 16:02 <DIR> CoreCodec
17. 01. 2008 22:31 <DIR> Creative
22. 05. 2008 00:35 <DIR> CyberLink
03. 10. 2008 12:12 <DIR> DAEMON Tools
03. 10. 2008 12:12 <DIR> DaemonTools_WhenUSaveNow_Installer
26. 12. 2008 21:24 <DIR> Date knob iso
19. 12. 2008 20:51 <DIR> DIFX
11. 09. 2008 19:58 <DIR> DOSBox-0.72
28. 12. 2007 14:53 <DIR> ESET
14. 01. 2008 10:07 <DIR> FlashGet
02. 05. 2008 01:30 <DIR> Foxit Software
07. 08. 2008 20:31 <DIR> Google
07. 02. 2008 17:42 <DIR> Guitar FX BOX 2.6
19. 02. 2008 18:29 <DIR> Guitar Pro 5
26. 11. 2008 16:03 <DIR> Haali
02. 01. 2008 10:53 <DIR> Hamachi
05. 01. 2008 17:08 <DIR> Hewlett-Packard
29. 12. 2007 01:40 <DIR> HLSW
23. 09. 2008 08:38 <DIR> ICQ6
28. 12. 2007 14:50 <DIR> ICQLite
25. 12. 2008 15:01 <DIR> ICQToolbar
07. 02. 2008 19:11 <DIR> IK Multimedia
01. 06. 2008 16:24 <DIR> IMMonitor
09. 12. 2008 09:39 <DIR> InstallShield Installation Information
06. 12. 2008 15:10 <DIR> Internet Explorer
03. 01. 2008 23:09 <DIR> Java
09. 12. 2008 09:18 <DIR> Logitech
06. 12. 2008 15:10 <DIR> Messenger
27. 12. 2007 17:10 <DIR> microsoft frontpage
25. 01. 2008 13:00 <DIR> Microsoft Games
06. 12. 2008 15:36 <DIR> Microsoft Games for Windows - LIVE
04. 01. 2008 17:55 <DIR> Microsoft Office
04. 01. 2008 17:56 <DIR> Microsoft.NET
06. 12. 2008 15:05 <DIR> Movie Maker
27. 12. 2008 11:29 <DIR> Mozilla Firefox
05. 12. 2008 18:31 <DIR> MSBuild
27. 12. 2007 17:07 <DIR> MSN Gaming Zone
25. 01. 2008 13:22 <DIR> MSXML 4.0
27. 12. 2007 18:49 <DIR> My Company Name
12. 05. 2008 08:13 <DIR> Native Instruments
01. 01. 2008 21:27 <DIR> Nero
06. 12. 2008 15:03 <DIR> NetMeeting
19. 12. 2008 20:54 <DIR> Nokia
27. 12. 2007 17:09 <DIR> Online Services
18. 06. 2008 11:27 <DIR> OpenAL
07. 02. 2008 11:30 <DIR> Opera
06. 12. 2008 15:03 <DIR> Outlook Express
19. 12. 2008 20:51 <DIR> PC Connectivity Solution
27. 12. 2007 19:06 <DIR> PC Translator
02. 05. 2008 08:35 <DIR> PDFCreator
02. 05. 2008 08:34 <DIR> PDFCreator Toolbar
22. 01. 2008 10:33 <DIR> QIP
16. 01. 2008 12:22 <DIR> QuickTime
12. 02. 2008 23:03 <DIR> rapget126
05. 01. 2008 01:33 <DIR> Real
27. 12. 2007 19:00 <DIR> Realtek
05. 12. 2008 18:29 <DIR> Reference Assemblies
28. 08. 2008 15:01 <DIR> Samsung
19. 12. 2008 20:54 <DIR> SimpleCenter
08. 06. 2008 22:13 <DIR> Skype
02. 01. 2008 13:34 <DIR> Sunbelt Software
23. 09. 2008 14:09 <DIR> Synthesia
12. 01. 2008 14:43 <DIR> Total Uninstall 4
30. 05. 2008 10:24 <DIR> totalcmd
27. 12. 2008 11:29 <DIR> Trend Micro
27. 12. 2007 17:16 <DIR> Uninstall Information
27. 10. 2008 01:13 <DIR> vghd
04. 05. 2008 12:37 <DIR> Virtual Hottie 2
12. 11. 2008 18:11 <DIR> WAV to MP3 Encoder
27. 12. 2007 19:03 <DIR> Winamp
06. 12. 2008 15:06 <DIR> Windows Media Player
06. 12. 2008 15:03 <DIR> Windows NT
27. 12. 2007 17:09 <DIR> WindowsUpdate
01. 06. 2008 16:25 <DIR> WinPcap
27. 12. 2007 19:06 <DIR> WinRAR
27. 12. 2007 17:10 <DIR> xerox
29. 12. 2007 01:43 <DIR> Xfire
0 soubor…, 0 bajt…
Adres ý…: 95, Volněch bajt…: 22˙673˙481˙728

b) Vyhledávání podvodných sponzorovaných programů ve složce Program Files:

Adresář C:\Program Files\3wPlayer Přítomen !

******************************************

3) Vyhledávání a odstranění podezřelých .job souborů:

a) Soubory přítomné v C:\WINDOWS\tasks\ adresáři:

Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 9460-8235.

Věpis adres ýe C:\WINDOWS\Tasks

26. 12. 2008 21:24 288 A21B9FE9918416F1.job
08. 01. 2008 01:39 284 AppleSoftwareUpdate.job
27. 12. 2007 17:13 6 SA.DAT
27. 12. 2007 17:08 65 desktop.ini
27. 12. 2007 17:08 <DIR> ..
27. 12. 2007 17:08 <DIR> .
4 soubor…, 643 bajt…
Adres ý…: 2, Volněch bajt…: 22˙673˙477˙632

––––––––––––––––––––––––––––––––––––––––––

b) Zjišťování vlastností přítomných .job souborů:

[TRACE] Enumerating jobs and queues
[TRACE] Activating job 'A21B9FE9918416F1.job'
[TRACE] Printing all job properties

ApplicationName: 'c:\docume~1\admini~1\dataap~1\datekn~1\bags locks funk.exe'
Parameters: ''
WorkingDirectory: ''
Comment: ''
Creator: 'Administrator'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 12/27/2008 12:00:00
NextRun: 12/27/2008 13:00:00
StartError: S_OK
ExitCode: 0
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 1
SystemRequired = 0
Hidden = 1
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Daily
DaysInterval: 1
StartDate: 02/02/2001
EndDate: 00/00/0000
StartTime: 00:00
MinutesDuration: 1440
MinutesInterval: 60
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0

[TRACE] Activating job 'AppleSoftwareUpdate.job'
[TRACE] Printing all job properties

ApplicationName: 'C:\Program Files\Apple Software Update\SoftwareUpdate.exe'
Parameters: '-task'
WorkingDirectory: ''
Comment: ''
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 12/10/2008 12:20:00
NextRun: 12/31/2008 12:20:00
StartError: S_OK
ExitCode: 0
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Weekly
WeeksInterval: 1
DaysOfTheWeek: ...W...
StartDate: 01/08/2008
EndDate: 00/00/0000
StartTime: 12:20
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0

––––––––––––––––––––––––––––––––––––––––––

c) Nalezené a odstraněné nežádoucí soubory:

A21B9FE9918416F1.job

––––––––––––––––––––––––––––––––––––––––––

d) Soubory přítomné v adresáři po vymazání:

Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 9460-8235.

Věpis adres ýe C:\WINDOWS\Tasks

08. 01. 2008 01:39 284 AppleSoftwareUpdate.job
27. 12. 2007 17:13 6 SA.DAT
27. 12. 2007 17:08 65 desktop.ini
27. 12. 2007 17:08 <DIR> ..
27. 12. 2007 17:08 <DIR> .
3 soubor…, 355 bajt…
Adres ý…: 2, Volněch bajt…: 22˙673˙444˙864

******************************************

4) Zjišťování přítomnosti v registru:

a) Vyhledávání spouštěcích bodů v registru:

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"bashmanager"="C:\\DOCUME~1\\ADMINI~1\\DATAAP~1\\DATEKN~1\\Online Flaw Corn.exe"

b) Export výjimek IE pop-up blockeru:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow]

c) Export povolení Windows firewallu:

Upozornění: Adware.Lop modifikoval Hosts soubor.

»»»»»»»»»»»»» Konec výpisu «««««««««««««««

Příspěvekod **fredik** » 27 pro 2008 14:32

Odinstaluj přes Přidat nebo odebrat programy:
3wPlayer

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Stáhni si program OTMoveIt3 (by OldTimer) a ulož si ho na disk C a spusť ho.
- Do levého sloupce (Paste Instructions for Items to be Moved) zkopíruj tyto cesty:
Poznámka: Nepoužij k označení funkci VYBRAT VŠE

Kód: Vybrat vše

:Processes
Explorer.exe
IExplore.exe
Dent gram.exe

:Files
C:\Documents and Settings\All Users\Data aplikací\comp two long internet
C:\Documents and Settings\Administrator\DATAAP~1\Date knob iso
C:\Program Files\Date knob iso
C:\Program Files\3wPlayer
C:\Program Files\DaemonTools_WhenUSaveNow_Installer

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Long Internet Team Stupid"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bashmanager"=-

:Commands
[EmptyTemp]
[Start Explorer]

- Po zkopírování klikni na tlačítko MoveIt! a vlož sem následně celý obsah z pravého sloupce, jinak uložený ve složce C:\_OTMoveIt\MovedFiles\, který bude informovat o výsledcích
- Je možné, že pokud nebudou moci být soubory odstraněny, budeš dotázán na restart počítače, v tom případě restart potvrď

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Jdi přes Start -> Spustit... a napiš do okna tento příkaz označený modře:
cmd /c type "%systemroot%\system32\drivers\etc\hosts" >>hosts.txt&hosts.txt&del hosts.txt
a dej Ok. Za chvíli se ti otevře Poznámkový blok s logem, tak sem zkopíruj celý jeho obsah. Pokud by se sem nevešel, tak ho zabal a vlož ho ke svému příspěvku jako přílohu.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Vlož sem pak také nový log z HJT.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Chybí ti tam minimální zabezpeční. Doinstaluj si tam tedy antivir. V logu je vidět také pozůstatek po Keriu, používáš ho ještě nebo s ním máš nějaké problémy?

matyas22 · Příspěvekod **matyas22** » 27 pro 2008 16:05

========== PROCESSES ==========
Process Explorer.exe killed successfully.
Process IExplore.exe killed successfully.
Unable to kill process: Dent gram.exe
========== FILES ==========
Folder move failed. C:\Documents and Settings\All Users\Data aplikací\comp two long internet scheduled to be moved on reboot.
C:\Documents and Settings\Administrator\DATAAP~1\Date knob iso moved successfully.
C:\Program Files\Date knob iso moved successfully.
File/Folder C:\Program Files\3wPlayer not found.
C:\Program Files\DaemonTools_WhenUSaveNow_Installer moved successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"http://google.com" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Long Internet Team Stupid deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\bashmanager deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_5gcjNhWxFFiWln1mlpi2 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_Rbl2fnNdntytN4bxPv1p scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_Rbl2fnNdntytN4bxPv1p-journal scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jar_cache60492.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET3331.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\OfflineCache\index.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12272008_155339

Files moved on Reboot...
C:\Documents and Settings\All Users\Data aplikací\comp two long internet moved successfully.
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_5gcjNhWxFFiWln1mlpi2 not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_Rbl2fnNdntytN4bxPv1p not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_Rbl2fnNdntytN4bxPv1p-journal not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jar_cache60492.tmp not found!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JET3331.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\OfflineCache\index.sqlite moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\de3ik843.default\XUL.mfl moved successfully.

-------------------------------------
po spustení cmd /c type "%systemroot%\system32\drivers\etc\hosts" >>hosts.txt&hosts.txt&del hosts.txt sa mi vyhodí iba " 127.0.0.1 localhost "

-------------------------------------
nový HjTlog

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:00:06, on 27. 12. 2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Hry\Need for Speed Undercover\PB\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - HKCU\..\Run: [RGSC] E:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Hry\Need for Speed Undercover\PB\PnkBstrA.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10196 bytes

-------------------------------------

s keriom nemam ziadne problemy ale obcas ho vypinam

Příspěvekod **fredik** » 27 pro 2008 18:17

Spusť znovu OTMoveIT a klikni na tlačítko CleanUp!. Načte se ti seznam a objeví se ti hláška tak dej Yes. Po proběhnutí se tě zeptá na restart tak ho opět povol přes volbu Yes.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Můžeš případně fixnout v HJT položky, které se spouští zároveň se startem Win. a nejsou nutné/potřeba:
Spusť znovu HijackThis a zaškrtni v něm čtvereček před řádkem:
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
po zaškrtnutí klikni na tlačítko Fix Checked

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Doporučil bych ti aktualizovat Javu:
- Stáhni si poslední verzi Java SE Runtime Environment (JRE) 6 Update 11
- Vedle nápisu kde je napsáno Java SE Runtime Environment (JRE) 6 Update 11 klikni na tlačítko Download
- Načte se ti nová stránka
- Pod nadpisem Select Platform and Language for your download:
* u položky Platform: vyber OS který používáš
* zatrhni možnost kde je napsáno: I agree to the Java SE Runtime Environment 6 License Agreement
* klikni na tlačítko Continue >>
- Načte se ti nová stránka
- Klikni na odkaz pro stažení pod položkou: Windows Offline Installation a ulož si ho na disk

- Ukonči běžící programy které máš spuštěné, hlavě webový prohlížeč
- Jdi přes Start -> Ovládací panely -> Přidat nebo odebrat programy a odinstaluj všechny staré verze Javy
- Podívej se po položkách s názvem Java Runtime Environment (JRE or J2SE)
* příklady starých verzí v Přidat nebo odebrat programy:

- Odinstaluj je přes tlačítko Změnit nebo odebrat nebo Odebrat
- Odinstaluj postupně po sobě případné všechny staré verze Javy
- Po skončení odinstalovaní restartuj Pc.
- Pak už jen spusť instalaci poslední verze ze souboru jre-6u11-windows-i586-p.exe, který sis stáhl na začátku

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Máš ještě nějaké problémy?

matyas22 · Příspěvekod **matyas22** » 27 pro 2008 19:05

uz mi to nezatazuje pc
spravil som setko aj javu
Díky !

Příspěvekod **fredik** » 27 pro 2008 20:57

Nemáš za co Obrázek

Kdyby byl nějaký problém tak dej vědět.

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online