Prosím o kontrolu logu z combofix.
ComboFix 07-07-28 - "User" 2008-10-20 16:48:07.5 [GMT 2:00] - NTFS
Syst‚m Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.True
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\taskmgr.com
((((((((((((((((((((((((( Files Created from 2008-09-20 to 2008-10-20 )))))))))))))))))))))))))))))))
2008-10-13 19:48 969,216 --a------ C:\WINDOWS\system32\qd3d.dll
2008-10-13 19:48 596,992 --a------ C:\WINDOWS\system32\rave.dll
2008-10-13 19:48 27,136 --a------ C:\WINDOWS\system32\QTUninst.dll
2008-10-13 19:48 126,976 --a------ C:\WINDOWS\system32\3DViewer.dll
2008-10-13 19:45 6,988,075 --a------ C:\WINDOWS\system\QT30.EXE
2008-10-13 19:45 2,058,752 --a------ C:\WINDOWS\system\QT32INST.EXE
2008-10-13 19:45 <DIR> d-------- C:\ZAK
2008-10-13 19:44 246,784 --a------ C:\WINDOWS\UNINST16.EXE
2008-09-24 16:45 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-09-24 16:44 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-09-23 17:03 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-10-13 19:48 --------- d-------- C:\Program Files\QuickTime
2008-09-24 16:55 --------- d-------- C:\Program Files\Messenger
2008-09-23 16:21 --------- d-------- C:\Program Files\ICQ6
2008-09-17 17:53 --------- d-------- C:\Program Files\TO2SSM
2008-09-17 17:53 --------- d-------- C:\DOCUME~1\User\DATAAP~1\Motive
2008-09-17 17:49 --------- d-------- C:\Program Files\Common Files\Motive
2008-09-17 17:46 --------- d-------- C:\Program Files\TO2SAM
2008-09-15 17:40 1846016 --a------ C:\WINDOWS\system32\win32k.sys
2008-09-02 12:36 344064 --a------ C:\WINDOWS\system32\fgkey10.exe
2008-09-02 12:33 --------- d-------- C:\Program Files\Fiendish Entertainment
2008-09-01 11:12 24576 --------- C:\WINDOWS\UniFISH.exe
2008-08-28 12:04 333056 --a------ C:\WINDOWS\system32\drivers\srv.sys
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2002-07-12 17:33 C:\WINDOWS\mixer.exe]
"AtiPTA"="atiptaxx.exe" [2001-09-27 02:39 C:\WINDOWS\system32\atiptaxx.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-02-21 19:40]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-07-25 12:01]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 05:12]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16]
"TO2SSM_McciTrayApp"="C:\Program Files\TO2SSM\McciTrayApp.exe" [2008-08-15 18:33]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 16:49]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 12:16]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
R1 avgio;avgio;\??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
R1 avipbb;avipbb;C:\WINDOWS\system32\DRIVERS\avipbb.sys
R1 cdrbsdrv;cdrbsdrv;C:\WINDOWS\system32\drivers\cdrbsdrv.sys
R1 ssmdrv;ssmdrv;C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler;C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
R2 ARCGIS License Manager;ARCGIS License Manager;C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
R2 McciCMService;McciCMService;"C:\Program Files\Common Files\Motive\McciCMService.exe"
R2 Sentinel;Sentinel;C:\WINDOWS\system32\Drivers\SENTINEL.SYS
R3 ati2mtaa;ati2mtaa;C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys
R3 avgntflt;avgntflt;\??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys
R3 cmpci;C-Media PCI Audio Driver (WDM);C:\WINDOWS\system32\drivers\cmaudio.sys
R3 PSched;Pl novaź paket… technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
S2 InCDsrvR;InCD Helper (read only);C:\Program Files\Ahead\InCD\InCDsrv.exe -r
S2 Sntnlusb;Sntnlusb;C:\WINDOWS\system32\Drivers\SNTNLUSB.SYS
S3 E100B;Intel(R) PRO Adapter Driver;C:\WINDOWS\system32\DRIVERS\e100b325.sys
S3 MREMP50;MREMP50 NDIS Protocol Driver;\??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver;\??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
S3 MREMPR5;MREMPR5 NDIS Protocol Driver;\??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver;\??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
S3 MRESP50;MRESP50 NDIS Protocol Driver;\??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver;\??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-20 16:52:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\`\1i]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,..
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?"="C:\WINDOWS\cursors\arrow_r.cur,C:\WINDOWS\cursors\help_r.cur,C:\WINDOWS\cursors\wait_r.cur,C:\WINDOWS\cursors\busy_r.cur,C:\WINDOWS\cursors\cross_r.cur,C:\WINDOWS\cursors\beam_r.cur,C:\WINDOWS\cursors\pen_r.cur,C:\WINDOWS\cursors\no_r.cur,C:\WINDOWS\cursors\size4_r.cur,C:\WINDOWS\cursors\size3_r.cur,C:\WINDOWS\cursors\size2_r.cur,C:\WINDOWS\cursors\size1_r.cur,C:\WINDOWS\cursors\move_r.cur,C:\WINDOWS\cursors\up_r.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?v?e?l?k?\xe9?)?"="C:\WINDOWS\cursors\arrow_rm.cur,C:\WINDOWS\cursors\help_rm.cur,C:\WINDOWS\cursors\wait_rm.cur,C:\WINDOWS\cursors\busy_rm.cur,C:\WINDOWS\cursors\cross_rm.cur,C:\WINDOWS\cursors\beam_rm.cur,C:\WINDOWS\cursors\pen_rm.cur,C:\WINDOWS\cursors\no_rm.cur,C:\WINDOWS\cursors\size4_rm.cur,C:\WINDOWS\cursors\size3_rm.cur,C:\WINDOWS\cursors\size2_rm.cur,C:\WINDOWS\cursors\size1_rm.cur,C:\WINDOWS\cursors\move_rm.cur,C:\WINDOWS\cursors\up_rm.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?n?e?j?v?\e\1t?a\1\xed?)?"="C:\WINDOWS\cursors\arrow_rl.cur,C:\WINDOWS\cursors\help_rl.cur,C:\WINDOWS\cursors\wait_rl.cur,C:\WINDOWS\cursors\busy_rl.cur,C:\WINDOWS\cursors\cross_rl.cur,C:\WINDOWS\cursors\beam_rl.cur,C:\WINDOWS\cursors\pen_rl.cur,C:\WINDOWS\cursors\no_rl.cur,C:\WINDOWS\cursors\size4_rl.cur,C:\WINDOWS\cursors\size3_rl.cur,C:\WINDOWS\cursors\size2_rl.cur,C:\WINDOWS\cursors\size1_rl.cur,C:\WINDOWS\cursors\move_rl.cur,C:\WINDOWS\cursors\up_rl.cur"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\`\1i]
"Inno Setup: Setup Version"="My Inno Setup Extensions 3.0.6.2"
"Inno Setup: App Path"="C:\Program Files\Sifrovani"
"Inno Setup: Icon Group"="\x160ifrov\xe1n\xed"
"Inno Setup: User"="User"
"Inno Setup: Setup Type"="useable"
"Inno Setup: Selected Components"="doc,doc\html"
"Inno Setup: Deselected Components"="doc\hlp,pipe,src,misc,misc\devel,misc\ttf2sff,misc\stat"
"Inno Setup: Selected Tasks"=""
"Inno Setup: Deselected Tasks"="desktopicon"
"DisplayName"="\x160ifrov\xe1n\xed 0.4"
"DisplayIcon"="C:\Program Files\Sifrovani\bin\sifrovani.exe"
"UninstallString"=""C:\Program Files\Sifrovani\unins000.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:0000016f
"TracesSuccessful"=dword:0000006f
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData"="C:\Documents and Settings\Default User\Data aplikac\xed"
"Cookies"="C:\Documents and Settings\Default User\Cookies"
"Desktop"="C:\Documents and Settings\Default User\Plocha"
"Favorites"="C:\Documents and Settings\Default User\Obl\x00edben\xe9 polo\x17eky"
"NetHood"="C:\Documents and Settings\Default User\Okoln\xed s\xed\x165"
"Personal"="C:\Documents and Settings\Default User\Dokumenty"
"PrintHood"="C:\Documents and Settings\Default User\Okoln\xed tisk\xe1rny"
"Recent"="C:\Documents and Settings\Default User\Recent"
"SendTo"="C:\Documents and Settings\Default User\SendTo"
"Start Menu"="C:\Documents and Settings\Default User\Nab\x00eddka Start"
"Templates"="C:\Documents and Settings\Default User\\x0160ablony"
"Programs"="C:\Documents and Settings\Default User\Nab\x00eddka Start\Programy"
"Startup"="C:\Documents and Settings\Default User\Nab\x00eddka Start\Programy\Po spu\x161t\x11bn\xed"
"Local Settings"="C:\Documents and Settings\Default User\Local Settings"
"Local AppData"="C:\Documents and Settings\Default User\Local Settings\Data aplikac\xed"
"Cache"="C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files"
"History"="C:\Documents and Settings\Default User\Local Settings\History"
"My Pictures"=""
"My Music"=""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SmallIcons]
"SmallIcons"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Personal"=str(2):"USERPROFILE\Dokumenty"
"My Pictures"=str(2):"USERPROFILE\Dokumenty\Obr\xe1zky"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"MigrateProxy"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"1004"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]
"CurrentLevel"=dword:00010500
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"CurrentLevel"=dword:00010000
"1004"=dword:00000001
"1201"=dword:00000001
"1605"=dword:00000000
"1A02"=dword:00000000
"1A03"=dword:00000000
"1A06"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"CurrentLevel"=dword:00011000
"1601"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4]
"CurrentLevel"=dword:00012000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ThemeManager]
"LoadedBefore"="0"
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"load"=""
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AntiVirScheduler]
"ImagePath"="C:\Program Files\AntiVir PersonalEdition Classic\sched.exe"
Completion time: 2008-10-20 16:55:58
C:\ComboFix-quarantined-files.txt ... 2008-10-20 16:53
C:\ComboFix2.txt ... 2008-01-18 19:50
C:\ComboFix3.txt ... 2007-10-13 19:07
--- E O F ---
já umim číst pouze log z hijack thisu, tady se eště strácim..
Tak tady je log z HJ.
Logfile of HijackThis v1.99.1
Scan saved at 16:07:29, on 20.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
d:\Dokumenty\Jíťa\Viry\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save with Download Manager... - file://C:\Program Files\J River\Media Center 11\DMDownload.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CW App KB R9 - https://www.mojebanka.cz/jars/cwapp.cab
O16 - DPF: IB App KB R9 - https://www.mojebanka.cz/jars/ibapp.cab
O16 - DPF: KTPro SP KB R9 - https://www.mojebanka.cz/jars/ktpsp.cab
O16 - DPF: SH App KB R9 - https://www.mojebanka.cz/jars/shapp.cab
O16 - DPF: {5F509E42-537E-482B-B66C-145BC170054C} - http://sberna.fotostar.cz/snadno-vlozit-fotografie/fs/FotoStarPhotoUploa...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ARCGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
Nekolikrat spusteny ICQ a ten Math Player nevim co je. Taky je tam hodněkrát. Taky bych nespouštěl QuickTime pokud ho nepotřebujete nutně - dost brzdí.
A jak vypnu quick time? Math type je doplněk ve wordu pro psaní matematických symbolů a čtení jich na internetu.
Programy po spuštění a tam smazat QuickTime.
vymazat :
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
zvážil bych ponechání google toolbaru - pokud jej nevyužíváte pryč s ním.
stejně tak QuickTime. Je to přece jen možná vstupní brána pro nechtěný útok.
Všechno jsem smazala. Ale quick time nemůžu najít. V nabídce start, po spuštění nic není.
msconfig a založka "po spuštění"
Upřesněte prosím cestu... nejsem takový znalec pc. Děkuji
start -- spustit, napsat msconfig odentrovat, najet na kartu po spuštění, odkliknout, zavřít, ukončit bez restartování, po restartu odklepnout u okna "nezobrazovat a spouštět..." a ok..
Děkuji.
Díky Tobe :wink: