PCTuning fórum

Malej moment, pak to všecko udělam. Teď stahuju ten program, asi to chvíli potrvá tak pls chvilinku vydržte...

OK. Dik ze ho testnes. Pomuzes tim dalsim.
Jinač to nejdriv projed tim programem, nez to fixnes a posli log, at vidime, jestli to zmaklo.

Už sem uďál to co řikal B.P. a tady je log

Logfile of HijackThis v1.99.1
Scan saved at 13:43:38, on 14.4.2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
K:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
K:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
K:\Program Files\PowerISO\PWRISOVM.EXE
K:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
K:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
K:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
K:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
K:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
K:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
K:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
K:\Program Files\MSI\Core Center\CoreCenter.exe
C:\Program Files\MSI\DigiCell\DigiCell.exe
K:\Program Files\Media Key\MagicKey.exe
K:\Program Files\WinZip\WZQKPICK.EXE
K:\Program Files\Media Key\OSD.EXE
K:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe
K:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\ATKKBService.exe
K:\Program Files\Alwil Software\Avast4\ashServ.exe
K:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
K:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\System32\nvsvc32.exe
K:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\iPod\bin\iPodService.exe
K:\Program Files\Alwil Software\Avast4\ashWebSv.exe
K:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
K:\PROGRA~1\MOZILLA.ORG\SEAMON~1\SEAMON~1.EXE
C:\WINDOWS\System32\wuauclt.exe
K:\Program Files\totalcmd\TOTALCMD.EXE
K:\Program Files\JetAudio\JetAudio.exe
N:\Soubory\Hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - K:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - K:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - K:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [NVIDIA nTune] "K:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GameFace Messenger] C:\Program Files\GameFace Messenger\GameFace.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [RemoteControl] "K:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "K:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] K:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "K:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] K:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "K:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "K:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [COMODO Firewall Pro] "K:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PowerBar] "K:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - Startup: Bitcomet Ultra Accelerator.lnk = K:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: CoreCenter.lnk = K:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: DigiCell.lnk = C:\Program Files\MSI\DigiCell\DigiCell.exe
O4 - Global Startup: Media Key.lnk = K:\Program Files\Media Key\MagicKey.exe
O4 - Global Startup: Spy Sweeper Fix.lnk = K:\Program Files\Webroot\Spy Sweeper\SpySweeperFix.bat
O4 - Global Startup: WinZip Quick Pick.lnk = K:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://K:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://K:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://K:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - K:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - K:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - K:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - K:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - K:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - K:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - K:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - K:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

Skoda. Tak musim pockat na dalsiho maroda.

Log je OK. Placni ten druhy service packa na IE a budes v pohode.

caute lidi diky za help skusil sem to podle rary ,doufam ze dobre tady jsou ty logy

Logfile of HijackThis v1.99.1
Scan saved at 1:49:08 PM, on 4/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\program files\alwast\aswUpdSv.exe
D:\program files\alwast\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
D:\program files\alwast\ashMaiSv.exe
D:\program files\alwast\ashWebSv.exe
C:\WINDOWS\system32\notepad.exe
D:\PROGRA~1\alwast\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\program files\winamp51\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WLAN\WLAN\wlanutil.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
D:\dvers a instalacky\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\program files\ICQ\ICQToolbar\toolbaru.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\program files\reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\program files\ICQ\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\alwast\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] "C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexetsr
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] D:\program files\winamp51\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: VoipBuster.lnk = C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\program files\reader\Reader\reader_sl.exe
O4 - Global Startup: Wireless LAN Utility.lnk = C:\Program Files\WLAN\WLAN\wlanutil.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\program files\ICQ\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B26C243-C7BE-47E1-B842-E62F68394EFF}: NameServer = 85.255.115.70,85.255.112.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{1FD53C0A-659E-4B3F-874E-BA7AF7AC322B}: NameServer = 85.255.115.70,85.255.112.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{1FF9CCCB-1AA3-4537-8EB7-135B975E40E2}: NameServer = 85.255.115.70,85.255.112.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{3FBD31C9-182A-435A-AA54-ABB83F8D2EBC}: NameServer = 85.255.115.70,85.255.112.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E8774EC-D18D-49F7-8690-884109F7DCDE}: NameServer = 85.255.115.70,85.255.112.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9E7744A-E0DC-4BA2-873D-82F093AA3B1E}: NameServer = 85.255.115.70,85.255.112.138
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.70 85.255.112.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B26C243-C7BE-47E1-B842-E62F68394EFF}: NameServer = 85.255.115.70,85.255.112.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.70 85.255.112.138
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\program files\alwast\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\program files\alwast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\program files\alwast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\program files\alwast\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

a ted ten druhy----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------







Fixwareout Last edited 4/5/2007
Post this report in the forums please
...
»»»»»Prerun check

»»»»» System restarted

»»»»» Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"=""
....
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ruins "}4D2462D5F1B0-01BA-A1D4-3490-18220FE7{" Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls "etadpu" Deleted
....
»»»»» Misc files.
....
»»»»» Checking for older varients.
....

Search five digit cs, dm, kd, jb, other, files.
The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection.



Click browse, find the file then click submit.
http://www.virustotal.com/flash/index_en.html
Or http://virusscan.jotti.org/

»»»»» Other



»»»»» Current runs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="D:\\PROGRA~1\\alwast\\ashDisp.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"Onet.pl AutoUpdate"="\"C:\\Program Files\\Common Files\\Onet.pl\\NewAutoUpdate.exe\" /updateexetsr"
"UserFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,\
6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,75,00
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"WinampAgent"="D:\\program files\\winamp51\\Winamp\\winampa.exe"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
@=""
"Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"Window Washer"="C:\\Program Files\\Webroot\\Washer\\wwDisp.exe"
"FreeCall"="\"C:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe\" -nosplash -minimized"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it
»»»»» End report »»»»»



este me napadlo ze bych preinstaloval cele windows nebude to nelepsi cesta?? jinak diky za pomoc...........

Tagže už by tam bejt neměl?

No já IE nepoužívam, mam Mozzila suite - SeaMonkey nebo eště čistou lišku. A z XP pomalu přecházim na Mandrivu 2007, takže by mě zajímalo, jestli sou ty SP nutný...

Smejda uz jsi se zbavil. Aspon v logu nic neni. Tak ze pokud Te nic netrapi a comp slape, tak fajn.
Jo tak, no kdyz IE nepouzivas, tak to asi neni nutny.
Ale zaplaty na win. urcite jo, jestli Ti nejaky chybi.

i přesto,že se likc snažil ze všech sil,mojí snahu o vyřešení tvého problému sabotovat,je to ok.
SP2 je v podstatě imunita systému,takže pokud ho budeš používat,měl by si ho mít.

Tak rekl bych ze nainstalovani SP2 nic nezkazis.. + Windows update - stahni a nainastlauj vse co ti to nabidne.. Ty zaplaty ktere Microsoft vydava nejsou jen tak pro srandu..

//edit byl jsem o neco pomalejsi

Ehm, no sou i lidi, kerý nemaj Win koupenej legálně - NE ŽE BYCH TO BYL JAKO ZROVNA JÁ, ale dávam jen takovej příklad - tim pádem si TAKOVÝ LIDI nemůžou stahovat aktualizace, páč by na to mrkvosoft kápnul žejo. Takže bych si asi pro začátek sehnal ten SP2 tak - nevíte kde ho stáhnout?

Jináč všem děkuju za rady a za to že se taj se mnou plácali - DIKES

teď možná kecam,ale nejsou bezpečnostní balíky a záplaty dostupný všem uživatelům?(to neni samo otázka pro tebe ale do pranice )
tak mi dejte

No nevim, jestli se s rarym shodnu, mame na tuhle lecbu asi trochu jiny nazor.
Velka vetsina je pryc.
Znas tenhle program? C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe
kdyztak ho otestuj na www.virustotal.com
Zbylo tam ale pripojeni pres ty ukrajinsky servery. Nevim, jak se pripojujes na net. Jestli mas pevnou IP nebo dymamickou.

V podstate by jsi ted mel fixnout vsechny radky zacinajici na O17, cimz si nejspis kilnes pripojeni k netu, tak ze bude potreba ruco nastavit znovu. Nevidim tam totiz puvodce toho, c Ti to zmenil, tak ze to je nejspis pozustatek nakazy.

Dal fixni
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

nevim,jestli by rary nevytáhnul nějakýho králíka s klobouku

já bych postupoval podle toho dodatku co je v návodu na Wareout
fixnul bych ty O17 a nastavil připojení podle údajů od provajdra.

nebo můžeš zkusit ty dva nástroje tam zmiňovaný

(a teď nás rary sprcá voba)

Taky myslim i kdyz ona jedna zaplata je takova "specialni" ktera vubec nic nezaplatuje, ale "upozornuje" uzivatele. Tak tu akorat nestahovat. Ale lidi, kteri to potrebuju chodi na jina fora nez tohle.... Pokud si vzpominam, tak SP2 na IE6 autorizaci nechtel. Ale uz je to nejaky patek.

no internet mam pres O2 ale mam tam este router tak nevim jestli si ti killnu tak ale to skusim postupne a uvidim co mi to shodi kdyz tak to pak odfixnu jestli to tak jde jinak ten program znam to je na chat jinak by me zajimalo jak sem se mi tam dostaly ty ukrajinske cipiny a co vlastne to zpusobuje??...........

S routerem by Ti to nemelo nic udelat. Na smlouve od O2 budes mit nejaky instrukce, jak nastavit TCP/IP protokol. Na ty ukrajinsky servery Te nasmeroval ten vir. To je jeden z jeho priznaku.

to Baron Prášil no nechame se prekvapit

v tom odkazu to je popsaný

tak jo tak se to pofixoval co ste mi radili a net mi jede porad bez preruseni tak vam chlapsi moc dekuju a za par dnu se tu zastavim mozna jeste jednou bo tchyne ma taky ten comp pekne zaneradeny .......tak zatim dik a mejte se fajn.....

No uz se na ten log tesime. Pokud bude tak lahudkovy jako byl ten Tvuj. Jinac neni zac.