» Poradna » Programy

Zavirovany PC, kontrola Logu

 |   | 

Při sufrování na netu jsem pochytal nějaké viry, některé fixnuty přes NOD32,Spybot, Malwarebytes' Anti-Malware, SuperANTIspyware,RegistryBooster,CCleaner. Děkuji za rady. Jsem nováček, prosím vysvětlit po lopatě :D



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:24:43, on 24.7.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\WINDOWS\system32\hasplms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.qip.ru ...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = search.qip.ru ...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = search.qip.ru ...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = search.qip.ru ...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com ...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com ...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com ...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com ...
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = search.qip.ru ...
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = search.qip.ru ...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - {59385f95-c52f-4a84-b674-4a4206b17218} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - (no file)
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - (no file)
O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\PROGRA~2\NetWorx\deskband.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m‘|\ü
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NetWorx] "C:\Program Files2\NetWorx\networx.exe" /auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files2\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [EfreeSoft Boss Key] C:\Program Files2\Mgboss\mgboss.exe -min
O4 - HKLM\..\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [servises] C:\WINDOWS\system32\servises.exe
O4 - HKLM\..\RunServicesOnce: [capscanuninstall] "C:\WINDOWS\command.com" /c del "C:\DOCUME~1\Admin\LOCALS~1\Temp\uninstal.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files2\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files2\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKLM\..\Policies\Explorer\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe
O4 - HKLM\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe
O4 - HKUS\S-1-5-21-1757981266-602162358-725345543-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Marek')
O4 - HKUS\S-1-5-21-1757981266-602162358-725345543-1003\..\Run: [Rainlendar2] C:\Program Files2\Rainlendar2\Rainlendar2.exe (User 'Marek')
O4 - HKUS\S-1-5-21-1757981266-602162358-725345543-1003\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files2\DAEMON Tools Pro\DTProAgent.exe" (User 'Marek')
O4 - HKUS\S-1-5-21-1757981266-602162358-725345543-1003\..\Run: [$Volumouse$] "c:\Program Files2\Volumouse\volumouse.exe" /nodlg (User 'Marek')
O4 - HKUS\S-1-5-21-1757981266-602162358-725345543-1003\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" (User 'Marek')
O4 - HKUS\S-1-5-21-1757981266-602162358-725345543-1003\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'Marek')
O4 - HKUS\S-1-5-21-1757981266-602162358-725345543-1003\..\Run: [reader_s] C:\Documents and Settings\Marek\reader_s.exe (User 'Marek')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe (User 'Default user')
O4 - S-1-5-21-1757981266-602162358-725345543-1003 Startup: Multiclicker.lnk = C:\Program Files2\Multiclicker\Multiclicker-win.exe (User 'Marek')
O4 - S-1-5-21-1757981266-602162358-725345543-1003 User Startup: Multiclicker.lnk = C:\Program Files2\Multiclicker\Multiclicker-win.exe (User 'Marek')
O4 - Startup: Reminder-cor40212.lnk = C:\Program Files2\Corel\Graphics9\Register\Remind32.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: FreshDownload - {74F41838-6F1F-4C09-9AD2-845CBA1F9F72} - C:\Program Files2\FreshDownload\fd.exe (file missing)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files2\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files2\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com ... ... 3137861796
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com ... ... 3068839359
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - www.superadblo.cker.com ... // psano dohromady, adblo ck neni povoleno//
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com ... ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files2\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:exe.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

Odpovědi na otázku

 |   | 

Obrať se sem tady to nikdo neumí-----http://pctforum.tyden.cz/viewtopic.php...

Souhlasím  |  Nesouhlasím  |  Odpovědět
 |   | 

R3 - URLSearchHook: (no name) - {59385f95-c52f-4a84-b674-4a4206b17218} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - (no file)
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe (User 'SYSTEM')

máš to stále napadnuté a v registroch,systéme je stále odkaz na znovusťahovanie a regeneráciu toho svinstva,ktoré Ti napadlo pc,takže použiniečo ako mcafee avert stinger,avira desktop cleaner,rising pc doctor,norman malwarecleaner.....

Souhlasím  |  Nesouhlasím  |  Odpovědět
 |   | 

Tohle vsechno odstran, radeji pri odpojenem internetu

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie...
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - {59385f95-c52f-4a84-b674-4a4206b17218} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - (no file)
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [GEST] m‘|\ü
O4 - HKLM\..\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [servises] C:\WINDOWS\system32\servises.exe
O4 - HKLM\..\RunServicesOnce: [capscanuninstall] "C:\WINDOWS\command.com" /c del "C:\DOCUME~1\Admin\LOCALS~1\Temp\uninstal.exe"
O4 - HKLM\..\Policies\Explorer\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe
O4 - HKLM\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe
O4 - HKUS\S-1-5-21-1757981266-602162358-725345543-1003\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'Marek')
O4 - HKUS\S-1-5-21-1757981266-602162358-725345543-1003\..\Run: [reader_s] C:\Documents and Settings\Marek\reader_s.exe (User 'Marek')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe (User 'Default user')
O4 - S-1-5-21-1757981266-602162358-725345543-1003 Startup: Multiclicker.lnk = C:\Program Files2\Multiclicker\Multiclicker-win.exe (User 'Marek')
O4 - S-1-5-21-1757981266-602162358-725345543-1003 User Startup: Multiclicker.lnk = C:\Program Files2\Multiclicker\Multiclicker-win.exe (User 'Marek')
O4 - Startup: Reminder-cor40212.lnk = C:\Program Files2\Corel\Graphics9\Register\Remind32.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O9 - Extra button: FreshDownload - {74F41838-6F1F-4C09-9AD2-845CBA1F9F72} - C:\Program Files2\FreshDownload\fd.exe (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - www.superadblo.cker.com ... // psano dohromady, adblo ck neni povoleno//
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com ... ... wflash.cab
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe

Souhlasím  |  Nesouhlasím  |  Odpovědět
 |   | 

tak nakonec došlo k reinstal ale i přesto díky za rady

Souhlasím  |  Nesouhlasím  |  Odpovědět
 |   | 

Tu netreba nic preinstalovavat tu treba pouzivat kvalitny Antivirus a hlavne hlavu a samozrejme treba mat zalohu systemu.

Souhlasím  |  Nesouhlasím  |  Odpovědět
 |   | 

Mohl bych taky poprosit o kontrolu? Při surfování internetem se mi stále otevírají nějaké stránky o on-line hrách (otevírají se jako nové okno). Spyboot našel nějaké problémy, ale chtěl bych mít jistotu, zda je PC čistý.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01:45, on 2.8.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\PHP Home Edition 2\Apache2\bin\ApacheMonitor.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\PHP Home Edition 2\mysql\bin\winmysqladmin.exe
C:\Program Files (x86)\Mozilla Thunderbird 3.0 Beta 3\thunderbird.exe
C:\Program Files (x86)\Spybot - Search Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ApacheMonitor.exe] "C:\Program Files (x86)\PHP Home Edition 2\Apache2\bin\ApacheMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Thunderbird] C:\Program Files (x86)\Mozilla Thunderbird 3.0 Beta 3\thunderbird.exe -mail
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: WinMySQLadmin.lnk = C:\Program Files (x86)\PHP Home Edition 2\mysql\bin\winmysqladmin.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MI1933~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: S&end to OneNote - res://C:\PROGRA~2\MI1933~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{821C5965-7C98-45F2-B3DC-87384D84ABC8}: NameServer = 213.46.172.36,213.46.172.37
O20 - AppInit_DLLs:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files (x86)\PHP Home Edition 2\Apache2\bin\Apache.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySql - Unknown owner - C:/PROGRA~2/PHPHOM~1/mysql/bin/mysqld-nt.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9884 bytes


Díky moc

Souhlasím  |  Nesouhlasím  |  Odpovědět
 |   | 

vsak ten log skopiruj na hijackthis.cz a tam dostanes automaticku kontrolu s komentarom...

Souhlasím  |  Nesouhlasím  |  Odpovědět

Související témata: Internet Explorer, Windows, Microsoft, Internet, Program Files, Files, Program, Extra, Explorer, Service, User, Button, Main, Toolbar, Autodesk


Určitě si přečtěte

Nejlepší příslušenství k počítači. Tipy na osvědčené klávesnice, tiskárny, routery…

Nejlepší příslušenství k počítači. Tipy na osvědčené klávesnice, tiskárny, routery…

** Tipy na klávesnice, myši, routery, tiskárny, sluchátka a další věci k počítačům ** Poradíme, s jakými produkty neuděláte chybu ** Vybíráme jak příslušenství na běžnou práci, tak na hraní her

David Polesný | 22

Biblická potopa Česka: Jak bychom dopadli, kdyby nás zatopil oceán

Biblická potopa Česka: Jak bychom dopadli, kdyby nás zatopil oceán

** Představte si biblickou potopu ** Nejprve zaniknou Děčín a Břeclav, pak i Brno a Praha ** Hlavním městem se stane Jihlava a zbytky Čechů přežijí na Kvildě

Jakub Čížek | 93

Vybrali jsme 21 programovatelných hraček a stavebnic pro děti i jejich rodiče

Vybrali jsme 21 programovatelných hraček a stavebnic pro děti i jejich rodiče

** Získejte děti pro matematiku a základy techniky ** Kupte jim hračku nebo stavebnici, které vdechnou vlastní život ** Vybrali jsme 21 stavebnic pro malé caparty i budoucí experty na A.I.

Jakub Čížek | 11



Aktuální číslo časopisu Computer

Test 9 bezdrátových reproduktorů

Jak ovládnout Instagram

Test levných 27" herních monitorů

Jak se zbavit nepotřebných věcí na internetu