Prosim o kontrolu logu

[kreso]

Vcera vecer mi z nicoho nic padol pc, modra obrazovka a nasledny reset...ale ked vsetko nabehlo islo to 5 min a znova modra smrt a stale dookola...tak som to vypol a dnes rano zase zapol comp a uz ide vsetko asi normal....pre istotu mi to pls checknite DIKES

Logfile of HijackThis v1.99.1
Scan saved at 15:26:49, on 25. 2. 2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Programy\AlienGUIse\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Programy\Kerio Personal\Personal Firewall 4\kpf4ss.exe
D:\Programy\NOD 32\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Programy\Kerio Personal\Personal Firewall 4\kpf4gui.exe
D:\Programy\NOD 32\nod32krn.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
D:\Programy\Kerio Personal\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\taskmgr.exe
D:\Programy\ICQLite\ICQLite.exe
D:\Programy\Mozilla Firefox\firefox.exe
C:\Documents and Settings\PC\Plocha\Netofky\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programy\Adobe Reader 7.02\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programy\Java\bin\ssv.dll
O4 - HKLM\..\Run: [nod32upd] rundll32 "D:\Programy\NOD 32\fc_upd.dll",NOD32Ioctl
O4 - HKLM\..\Run: [nod32kui] "D:\Programy\NOD 32\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Atomic.exe] D:\Programy\Atomic Clock Sync\Atomic.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programy\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stiahnuť pomocou Download &Express - D:\Programy\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programy\Java\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programy\Java\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programy\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programy\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{CA371BE2-72C8-4B53-83C6-7B360FFBE366}: NameServer = 10.4.4.1
O20 - Winlogon Notify: WB - D:\Programy\AlienGUIse\fastload.dll
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - D:\Programy\Kerio Personal\Personal Firewall 4\kpf4ss.exe
O23 - Service: NBService - Nero AG - D:\Programy\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Programy\NOD 32\nod32krn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

[Mayhem(cz)]

Log je v pořádku. otestuj pc např. v prime 95. chlape co ten NOD 32

[likc]

Tady je nejaky problem s outlookem expres. Ten chodi bez problemu??

fixnul bych R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"

preinstaluj noda na C:

[Vector]

moje rada zni skusit Stahnout program MWAV Udelalt upate a ten najde skoro vsechno co je v pocitaci nepotrebne ale upozorneni je to velmi velmi pomale. Pozorne si prectete tento clanek a udelejte co je tam napsano a pokud to neco najde tak poslete sem vysledky a

http://viry.cz/forum/viewtopic.php?t=4097/

[phz^]

Log je v pořádku. otestuj pc např. v prime 95. chlape co ten NOD 32

co se ti nezda na nodu? tj imho nejlepsi AV podle me

[Mayhem(cz)]

moje rada zni skusit Stahnout program MWAV Udelalt upate a ten najde skoro vsechno co je v pocitaci nepotrebne ale upozorneni je to velmi velmi pomale. Pozorne si prectete tento clanek a udelejte co je tam napsano a pokud to neco najde tak poslete sem vysledky a

http://viry.cz/forum/viewtopic.php?t=4097/

Jo ten je opravdu dobrý!,ale strašně pomallí

[Mayhem(cz)]

Log je v pořádku. otestuj pc např. v prime 95. chlape co ten NOD 32

co se ti nezda na nodu? tj imho nejlepsi AV podle me

Nod 32 je dobrý(sám ho vlastním),ale já myslel něco jiného,však se podívej pozorně na jeho log

[kreso]

co je s tym nodom? nefunguje spravne? a s outlookem express nemam problemy preco?a preco by som mal davat noda na C?neni to jedno?

[likc]

Mas jeste problem s compem nebo ne? Ten nod bych az tak moc neresil. Asi frci. Akorat tim, ze je nainstalovany v nezvyklem adresari, tak ho to trochu zmatlo.
Na ten outlook se ptam proto, protoze ta sluzba, co jsem ji vypsal R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
by podle meho nemela bezet - a je to soucast outlooku. Mohlo by to delat veci jako zapominani prihlasovacich jmen a hesel a podobne.
No navrhnul bych Ti stahnout mwav a projet comp. At nedelame nejaky harakiry.

[kreso]

no comp vyzera ze uz asi frci v poriadku..dufam...ale mne ten nod funguje normal aj vyrusi detekuje aj setko....a ten outlook mi nerobi ziadne problemy teda aspon zatial akuRAT SA MI FIREFOX posral sa mi vymazali zalozky a setko...vkastne cely profil....

[likc]

Jo, nod nebude podle me problem, ale jelikoz v logu nevidim zadny antispy, tak proscanovani mwavem rozhodne nic neskazis. Aspon mas jistotu. Je to ale na tobe.

[kreso]

ja mam ad - aware se professional a robim kontrolu tak kazdy druhy den to nestaci?

[likc]

S Tebou je to tezky. Mas problem, ptas se, ale nic nedelas. Ad - aware v pohode, scanujes ob den, ale furt mas problem s compem, tak asi bude chtit udelat neco jineho. Kdyby byl ad - aware na vsechno nej, tak by asi nebylo dalsich 20 a vice programku se stejnym zamerenim, ale byl by jen 1.

[kreso]

no hej ja pouzivam este sby boot ale uz nic ine...co by si mi poradil? a ked mi padne win tak mi na tej modrej obrazovke pise DRIVER_IRQ_LESS_OR_NOT_EQUAL - newes co to znamena?

[likc]

No jak jsme rikali, zkus ten mwav.
DRIVER_IRQ_LESS_OR_NOT_EQUAL jsem tu nedavno s nekym resil, ale ted nemuzu to tema najit. Jeste se podivam. Je to problem s ovladaci. Menil jsi posledni dobou nejaky díly v PC nebo jsi instaloval nejake nove ovladace?

[zombux]

a preco by som mal davat noda na C?neni to jedno?

je to jedno

[kreso]

No jak jsme rikali, zkus ten mwav.
DRIVER_IRQ_LESS_OR_NOT_EQUAL jsem tu nedavno s nekym resil, ale ted nemuzu to tema najit. Jeste se podivam. Je to problem s ovladaci. Menil jsi posledni dobou nejaky díly v PC nebo jsi instaloval nejake nove ovladace?

j menil som MB a hdd ale MB board mam niaku sitnu Matsonic

[likc]

Tak to jsme doma. Při takovych zmenach se to stava pomerne casto. Pricinou jsou nekompatibility ovladacu a nekdy i hardwaru. Pročti si tohle http://forum.pctuning.cz/viewtopic.php? ... hlight=irq a tohle http://forum.pctuning.cz/viewtopic.php? ... ight=equal
Zaměřil bych se na teplotu procesoru, test pameti, pak preinstalovat ovladace zvukovka, grafika..

[Holda]

poprosim nekoho, kdo to vycte lip jak ja, plno hodnot nevim, jestli muzu smaznout, prijde mi, ze je tam hroznej bordel...a hlavne jsem asi po 3 dnech zjistil, ze nemam FW ani antivira, nevim proc, ale proste nebylo ani jedno
Bylo to asi jako 3 dny strkat lvovi nadobicko do pusy a trit mu rozkrok mokrou zinkou

Logfile of HijackThis v1.99.1
Scan saved at 20:40:15, on 1.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\RevoTask.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\ITE\Smart Guardian\ITESmart.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\FlashGet\FlashGet.exe
C:\Program Files\Razer\Diamondback\razerhid.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RMClock\RMClock.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\Razer\Diamondback\razertra.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Razer\Diamondback\razerofa.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
c:\Program Files\QIP\qip.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Holda\LOCALS~1\Temp\_tc\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RevoTaskbarApp] C:\WINDOWS\system32\RevoTask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Comodo Firewall] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SmartGuardian] C:\Program Files\ITE\Smart Guardian\ITESmart.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" /S
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [FlashGet] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [Dimondback] C:\Program Files\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [aol] "C:\Program Files\AOL\Active Virus Shield\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RMClock] "C:\Program Files\RMClock\RMClock.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{266DAEB3-F1B6-4DF4-A53C-EAD35EE675C9}: Domain = klfree.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{266DAEB3-F1B6-4DF4-A53C-EAD35EE675C9}: NameServer = 10.102.0.252,10.102.0.253
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Active Virus Shield (AVP) - Unknown owner - C:\Program Files\AOL\Active Virus Shield\avp.exe" -r (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

[likc]

Zakládejte si prosím nová témata pro kontrolu nových logů

stahni si tuhle utilitku: http://www.viry.cz/spyware.cz/download/lspfix.exe
as ji spustis, tak v levem okne budes mit seznam dll knihoven. vyber nasledujici: nvappfilter.dll, dej remove.

Dal bych doporucil odinstalaci programu falsh get (a pak fixnuti toho, co po nem zbyde - dll knihovny), ktery je minimalne v neregistrovane verzi puvodcem problemu. Spyware atd. Mela by tu byt jedna jistejsi varianta a to program http://www.leechget.net/en/ nicmene ho nepouzivam.

fixnout O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

Neni dobre pouzivat 2 antiviraky. Nechal bych ten kaspersky.
Jinac tam bezi spousta kravinek ke grafice, zvukovce, vnc, mysi a tak, ale to je na kazdem, jak moc se vsechno vyuziva.

Restartuj a posli novy log.