[ Posts: 18 ]
Deleted user
Posted: 31.12.2007 13:22 | Ddayy.dll

I have a problem with this file... I had avast and it reported nothing, but I switched to Avira and it reports that it is a trojan... I tried to delete it but it keeps reappearing... I am attaching a log from HijackThis
+ some other DLLs keep popping up there too...
the log is unusually long... something probably got messed up in there

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:21:44, on 31.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programy\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programy\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
c:\program files\avira\antivir personaledition classic\avscan.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {0012BC60-BBAB-45B7-BF26-D5C6E63C6848} - (no file)
O2 - BHO: (no name) - {011C82A2-86F8-4B5D-ABAF-3E783A5D3EE2} - (no file)
O2 - BHO: (no name) - {0CA62AB0-CDD3-4A50-AD6B-A5184229FF54} - (no file)
O2 - BHO: (no name) - {12FD34D7-D969-4C81-AA06-5BBBC1CFCBEE} - (no file)
O2 - BHO: (no name) - {14A0DD04-858C-48CA-B68A-170E52578029} - (no file)
O2 - BHO: (no name) - {1A110388-4AD5-4703-B1D2-D950F4061E14} - (no file)
O2 - BHO: (no name) - {1FAE3A84-0723-4D3C-A521-492B0D3D2008} - (no file)
O2 - BHO: (no name) - {224DBEBF-2876-4438-965D-5BEE47EFC3BA} - (no file)
O2 - BHO: (no name) - {312CC312-9E3D-4F5E-9EE4-6AA3C0D91BF9} - (no file)
O2 - BHO: (no name) - {368AB513-033F-453F-A434-1A7AA5536A26} - (no file)
O2 - BHO: (no name) - {38492103-8EB2-4492-9076-6B414BC6B2FA} - (no file)
O2 - BHO: (no name) - {3899A61F-0B1A-4A57-BC60-98F44D291F87} - (no file)
O2 - BHO: (no name) - {4CEFC3B3-CEFA-4E95-9F26-AA6A52920F5D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5B3E0442-5179-4DC3-A839-5DD4EC1906C8} - (no file)
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {64CFA7A4-582A-443D-A799-9943CBDFF37F} - (no file)
O2 - BHO: (no name) - {68C0D766-E88C-437B-9B6A-3D640331FE1D} - (no file)
O2 - BHO: (no name) - {6A5899BA-453A-4CC6-A33A-018A183DA70A} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {729F6A59-C71A-4AD0-BADC-6EB4D089B131} - (no file)
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {788FFC7F-8F50-4CF9-A27D-81E516A02716} - (no file)
O2 - BHO: (no name) - {7e1c377c-fef2-48f0-a926-597139d707aa} - (no file)
O2 - BHO: (no name) - {7FF02CED-78D1-4FD8-991E-38FEC618F41E} - (no file)
O2 - BHO: (no name) - {8171FEC6-2512-45DF-AEB4-6887E7EB0A60} - (no file)
O2 - BHO: (no name) - {87169E4D-F931-4A8C-80E9-FFDA5ECD6211} - (no file)
O2 - BHO: (no name) - {959C0CFF-9002-49F7-B9F5-C8BCB6B2A365} - (no file)
O2 - BHO: (no name) - {964cf574-b095-47b0-84af-f751078ead4b} - (no file)
O2 - BHO: (no name) - {A38D61F2-5799-457C-B839-8FF6D73939D9} - (no file)
O2 - BHO: (no name) - {A44AE059-6E43-4F9C-B1B5-2BBB29FBC3E1} - (no file)
O2 - BHO: (no name) - {AC51D08C-0A94-444B-A9E2-F7068DFE55A8} - (no file)
O2 - BHO: (no name) - {AF7E9618-5077-4C04-9829-D7B776E6C168} - (no file)
O2 - BHO: (no name) - {B5B4DBA8-EDC1-43EC-A96D-00E8F4A50A2B} - (no file)
O2 - BHO: (no name) - {B5F448FC-E836-4B9B-A519-994FE9E7DFDF} - (no file)
O2 - BHO: (no name) - {B84A0A64-9AC6-4F99-8BD3-06F2AE99881C} - (no file)
O2 - BHO: (no name) - {bdf8c3c6-5712-463d-bd42-f449474258e1} - (no file)
O2 - BHO: (no name) - {BEA242AB-5F8A-4E7C-90EE-D955D91AAC86} - (no file)
O2 - BHO: {94666270-d937-47c8-d784-630cb136a11c} - {c11a631b-c036-487d-8c74-739d07266649} - C:\WINDOWS\system32\kekumacw.dll
O2 - BHO: (no name) - {C1EA7BCF-0415-4BF5-8EF9-3209982B60C9} - (no file)
O2 - BHO: (no name) - {ce8cf0b8-0a34-4f2c-9f9d-c5ab40e30f02} - (no file)
O2 - BHO: (no name) - {CF27189B-E556-47E3-B828-EACDAD179C56} - (no file)
O2 - BHO: (no name) - {D12B4C76-F92B-48E8-BF55-889E554A56A0} - (no file)
O2 - BHO: (no name) - {E5A258D1-85D3-4F99-9908-8F688C125462} - (no file)
O2 - BHO: (no name) - {EA368695-29FB-4B61-8B3E-BBAC7F760973} - (no file)
O2 - BHO: (no name) - {EB8BCA79-9B0A-4C4F-B911-F4AE3C9927CC} - (no file)
O2 - BHO: (no name) - {ec71912c-a19c-4f50-a422-f4244bcc8e49} - (no file)
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfinderusa.dll
O2 - BHO: (no name) - {F7A65B75-E08E-4339-86A4-ACD07974F227} - (no file)
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CBitSpirit] "C:\Programy\BitSpirit\BitSpirit.exe" /start /nosplash
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [8433e67e] rundll32.exe "C:\WINDOWS\system32\barekqmt.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programy\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Programy\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Yahoo! Widgets.lnk = C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Programy\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\jktblhha.exe (file missing)
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

--
End of file - 11507 bytes


Posted: 31.12.2007 13:37 | Ddayy.dll

Omg

Fix:

O2 - BHO: (no name) - {0012BC60-BBAB-45B7-BF26-D5C6E63C6848} - (no file)
O2 - BHO: (no name) - {011C82A2-86F8-4B5D-ABAF-3E783A5D3EE2} - (no file)
O2 - BHO: (no name) - {0CA62AB0-CDD3-4A50-AD6B-A5184229FF54} - (no file)
O2 - BHO: (no name) - {12FD34D7-D969-4C81-AA06-5BBBC1CFCBEE} - (no file)
O2 - BHO: (no name) - {14A0DD04-858C-48CA-B68A-170E52578029} - (no file)
O2 - BHO: (no name) - {1A110388-4AD5-4703-B1D2-D950F4061E14} - (no file)
O2 - BHO: (no name) - {1FAE3A84-0723-4D3C-A521-492B0D3D2008} - (no file)
O2 - BHO: (no name) - {224DBEBF-2876-4438-965D-5BEE47EFC3BA} - (no file)
O2 - BHO: (no name) - {312CC312-9E3D-4F5E-9EE4-6AA3C0D91BF9} - (no file)
O2 - BHO: (no name) - {368AB513-033F-453F-A434-1A7AA5536A26} - (no file)
O2 - BHO: (no name) - {38492103-8EB2-4492-9076-6B414BC6B2FA} - (no file)
O2 - BHO: (no name) - {3899A61F-0B1A-4A57-BC60-98F44D291F87} - (no file)
O2 - BHO: (no name) - {4CEFC3B3-CEFA-4E95-9F26-AA6A52920F5D} - (no file)
O2 - BHO: (no name) - {5B3E0442-5179-4DC3-A839-5DD4EC1906C8} - (no file)
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {64CFA7A4-582A-443D-A799-9943CBDFF37F} - (no file)
O2 - BHO: (no name) - {68C0D766-E88C-437B-9B6A-3D640331FE1D} - (no file)
O2 - BHO: (no name) - {6A5899BA-453A-4CC6-A33A-018A183DA70A} - (no file)
O2 - BHO: (no name) - {729F6A59-C71A-4AD0-BADC-6EB4D089B131} - (no file)
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O2 - BHO: (no name) - {788FFC7F-8F50-4CF9-A27D-81E516A02716} - (no file)
O2 - BHO: (no name) - {7e1c377c-fef2-48f0-a926-597139d707aa} - (no file)
O2 - BHO: (no name) - {7FF02CED-78D1-4FD8-991E-38FEC618F41E} - (no file)
O2 - BHO: (no name) - {8171FEC6-2512-45DF-AEB4-6887E7EB0A60} - (no file)
O2 - BHO: (no name) - {87169E4D-F931-4A8C-80E9-FFDA5ECD6211} - (no file)
O2 - BHO: (no name) - {959C0CFF-9002-49F7-B9F5-C8BCB6B2A365} - (no file)
O2 - BHO: (no name) - {964cf574-b095-47b0-84af-f751078ead4b} - (no file)
O2 - BHO: (no name) - {A38D61F2-5799-457C-B839-8FF6D73939D9} - (no file)
O2 - BHO: (no name) - {A44AE059-6E43-4F9C-B1B5-2BBB29FBC3E1} - (no file)
O2 - BHO: (no name) - {AC51D08C-0A94-444B-A9E2-F7068DFE55A8} - (no file)
O2 - BHO: (no name) - {AF7E9618-5077-4C04-9829-D7B776E6C168} - (no file)
O2 - BHO: (no name) - {B5B4DBA8-EDC1-43EC-A96D-00E8F4A50A2B} - (no file)
O2 - BHO: (no name) - {B5F448FC-E836-4B9B-A519-994FE9E7DFDF} - (no file)
O2 - BHO: (no name) - {B84A0A64-9AC6-4F99-8BD3-06F2AE99881C} - (no file)
O2 - BHO: (no name) - {bdf8c3c6-5712-463d-bd42-f449474258e1} - (no file)
O2 - BHO: (no name) - {BEA242AB-5F8A-4E7C-90EE-D955D91AAC86} - (no file)
O2 - BHO: {94666270-d937-47c8-d784-630cb136a11c} - {c11a631b-c036-487d-8c74-739d07266649} - C:\WINDOWS\system32\kekumacw.dll
O2 - BHO: (no name) - {C1EA7BCF-0415-4BF5-8EF9-3209982B60C9} - (no file)
O2 - BHO: (no name) - {ce8cf0b8-0a34-4f2c-9f9d-c5ab40e30f02} - (no file)
O2 - BHO: (no name) - {CF27189B-E556-47E3-B828-EACDAD179C56} - (no file)
O2 - BHO: (no name) - {D12B4C76-F92B-48E8-BF55-889E554A56A0} - (no file)
O2 - BHO: (no name) - {E5A258D1-85D3-4F99-9908-8F688C125462} - (no file)
O2 - BHO: (no name) - {EA368695-29FB-4B61-8B3E-BBAC7F760973} - (no file)
O2 - BHO: (no name) - {EB8BCA79-9B0A-4C4F-B911-F4AE3C9927CC} - (no file)
O2 - BHO: (no name) - {ec71912c-a19c-4f50-a422-f4244bcc8e49} - (no file)
O2 - BHO: (no name) - {F7A65B75-E08E-4339-86A4-ACD07974F227} - (no file)
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll

// Simply fix all the (no file) entries plus the ones in between them (those 4 DLL files)
+ test C:\WINDOWS\system32\kekumacw.dll at www.virustotal.com


_________________
PC1: Intel Core i5 4690k / MSI Z97 Gaming 3 / Kingston HyperX Fury 8GB DDR3 / MSI R9 380 Gaming 2GB / Crucial MX100 256GB SSD / Samsung EcoGreen F3 HD105SI 1TB SATA / CoolerMaster G450M / LG IPS235P

PC2: AMD Phenom II X4 955 / ASUS M5A97 PRO / Kingston 8GB Kit DDR3 / graphics card RIP :( /

NTB: Lenovo IdeaPad Y580 - Intel Core i5 3210 / 15.6" 1080p / 8GB DDR3 / NVIDIA GeForce GTX660M 2GB / SSD 90GB Intel 525 mSATA / HDD 1TB 5400 RPM
Posted: 31.12.2007 13:41 | Ddayy.dll

fix

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
everything similar to this: O2 - BHO: (no name) - {729F6A59-C71A-4AD0-BADC-6EB4D089B131} - (no file)
then these
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfinderusa.dll
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O4 - HKLM\..\Run: [8433e67e] rundll32.exe "C:\WINDOWS\system32\barekqmt.dll",b
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\jktblhha.exe (file missing)
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)


:shock: :shock: :shock: :shock:

// then post another log here


_________________
Thinking could not have arisen without speech, but speech without thinking occurs often. Brie Andre
My OS: Primary - Kubuntu 10.10 Maverick Meerkat , Secondary - Windows 7
Problems get solved here on the forum, not over ICQ and Skype. Thank you
Posted: 31.12.2007 13:43 | Ddayy.dll

a proper mess :)
fix:
O2 - BHO: (no name) - {0012BC60-BBAB-45B7-BF26-D5C6E63C6848} - (no file)
O2 - BHO: (no name) - {011C82A2-86F8-4B5D-ABAF-3E783A5D3EE2} - (no file)
O2 - BHO: (no name) - {0CA62AB0-CDD3-4A50-AD6B-A5184229FF54} - (no file)
O2 - BHO: (no name) - {12FD34D7-D969-4C81-AA06-5BBBC1CFCBEE} - (no file)
O2 - BHO: (no name) - {14A0DD04-858C-48CA-B68A-170E52578029} - (no file)
O2 - BHO: (no name) - {1A110388-4AD5-4703-B1D2-D950F4061E14} - (no file)
O2 - BHO: (no name) - {1FAE3A84-0723-4D3C-A521-492B0D3D2008} - (no file)
O2 - BHO: (no name) - {224DBEBF-2876-4438-965D-5BEE47EFC3BA} - (no file)
O2 - BHO: (no name) - {312CC312-9E3D-4F5E-9EE4-6AA3C0D91BF9} - (no file)
O2 - BHO: (no name) - {368AB513-033F-453F-A434-1A7AA5536A26} - (no file)
O2 - BHO: (no name) - {38492103-8EB2-4492-9076-6B414BC6B2FA} - (no file)
O2 - BHO: (no name) - {3899A61F-0B1A-4A57-BC60-98F44D291F87} - (no file)
O2 - BHO: (no name) - {4CEFC3B3-CEFA-4E95-9F26-AA6A52920F5D} - (no file)
O2 - BHO: (no name) - {5B3E0442-5179-4DC3-A839-5DD4EC1906C8} - (no file)
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {64CFA7A4-582A-443D-A799-9943CBDFF37F} - (no file)
O2 - BHO: (no name) - {68C0D766-E88C-437B-9B6A-3D640331FE1D} - (no file)
O2 - BHO: (no name) - {6A5899BA-453A-4CC6-A33A-018A183DA70A} - (no file)
O2 - BHO: (no name) - {729F6A59-C71A-4AD0-BADC-6EB4D089B131} - (no file)
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O2 - BHO: (no name) - {788FFC7F-8F50-4CF9-A27D-81E516A02716} - (no file)
O2 - BHO: (no name) - {7e1c377c-fef2-48f0-a926-597139d707aa} - (no file)
O2 - BHO: (no name) - {7FF02CED-78D1-4FD8-991E-38FEC618F41E} - (no file)
O2 - BHO: (no name) - {8171FEC6-2512-45DF-AEB4-6887E7EB0A60} - (no file)
O2 - BHO: (no name) - {87169E4D-F931-4A8C-80E9-FFDA5ECD6211} - (no file)
O2 - BHO: (no name) - {959C0CFF-9002-49F7-B9F5-C8BCB6B2A365} - (no file)
O2 - BHO: (no name) - {964cf574-b095-47b0-84af-f751078ead4b} - (no file)
O2 - BHO: (no name) - {A38D61F2-5799-457C-B839-8FF6D73939D9} - (no file)
O2 - BHO: (no name) - {A44AE059-6E43-4F9C-B1B5-2BBB29FBC3E1} - (no file)
O2 - BHO: (no name) - {AC51D08C-0A94-444B-A9E2-F7068DFE55A8} - (no file)
O2 - BHO: (no name) - {AF7E9618-5077-4C04-9829-D7B776E6C168} - (no file)
O2 - BHO: (no name) - {B5B4DBA8-EDC1-43EC-A96D-00E8F4A50A2B} - (no file)
O2 - BHO: (no name) - {B5F448FC-E836-4B9B-A519-994FE9E7DFDF} - (no file)
O2 - BHO: (no name) - {B84A0A64-9AC6-4F99-8BD3-06F2AE99881C} - (no file)
O2 - BHO: (no name) - {bdf8c3c6-5712-463d-bd42-f449474258e1} - (no file)
O2 - BHO: (no name) - {BEA242AB-5F8A-4E7C-90EE-D955D91AAC86} - (no file)
O2 - BHO: {94666270-d937-47c8-d784-630cb136a11c} - {c11a631b-c036-487d-8c74-739d07266649} - C:\WINDOWS\system32\kekumacw.dll
O2 - BHO: (no name) - {C1EA7BCF-0415-4BF5-8EF9-3209982B60C9} - (no file)
O2 - BHO: (no name) - {ce8cf0b8-0a34-4f2c-9f9d-c5ab40e30f02} - (no file)
O2 - BHO: (no name) - {CF27189B-E556-47E3-B828-EACDAD179C56} - (no file)
O2 - BHO: (no name) - {D12B4C76-F92B-48E8-BF55-889E554A56A0} - (no file)
O2 - BHO: (no name) - {E5A258D1-85D3-4F99-9908-8F688C125462} - (no file)
O2 - BHO: (no name) - {EA368695-29FB-4B61-8B3E-BBAC7F760973} - (no file)
O2 - BHO: (no name) - {EB8BCA79-9B0A-4C4F-B911-F4AE3C9927CC} - (no file)
O2 - BHO: (no name) - {ec71912c-a19c-4f50-a422-f4244bcc8e49} - (no file)
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfinderusa.dll
O2 - BHO: (no name) - {F7A65B75-E08E-4339-86A4-ACD07974F227} - (no file)
O4 - HKLM\..\Run: [8433e67e] rundll32.exe "C:\WINDOWS\system32\barekqmt.dll",b
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\jktblhha.exe (file missing)
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)

then download ComboFix and post the log from ComboFix + HijackThis again :)

Download it to the desktop, close all active windows and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- After launch the terms of use are displayed; confirm them by pressing the 1 key
- Then proceed according to the instructions; while ComboFix is being applied, do not click into the window that is displayed
- After the scan completes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents into your thread on the forum

edit: everyone is advising the same thing; mine has the complete listing...


_________________
PC: CPU: Intel i7 5820k @ 4.2 Ghz Cooler: NZXT Kraken x41 MB: ASUS X99-A GPU: ASUS Stryx 970 GTX 4GB RAM: 32 GB Kingston 2133 DDR4 SSD: Kingston Hyperx 240 GB HDD1: Seagate Barracuda 7200.14 3TB HDD2: Seagate Barracuda 7200 1TB PSU: Corsair RM 850 Case: NZXT Phantom 410 white LCD: DELL P2416D @ 75Hz AUDIO: Yamaha RN500 Repro: DALI Zensor 5 Phone: Galaxy S8+
NB: Lenovo Y500
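
The selection the replies above make by hand (entries whose target is gone, plus unnamed DLLs in system32 wired into load points), as an added example that is not part of any poster's reply. The rule names and heuristics are assumptions of this sketch, not HijackThis features; the sample lines are copied from the first log in this thread.

```python
import ntpath
import re
from collections import defaultdict

# Lines copied from the first HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {0012BC60-BBAB-45B7-BF26-D5C6E63C6848} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [8433e67e] rundll32.exe "C:\WINDOWS\system32\barekqmt.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\jktblhha.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# "O2 - ...", "R0 - ...": section code, then the entry text.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<detail>.+)$")
# First drive-letter path ending in .dll or .exe inside the entry text.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"*?<>|]+?\.(?:dll|exe)\b', re.IGNORECASE)
# HijackThis marks entries whose target is not on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")


def parse_entries(log_text):
    """Return one dict per R/F/N/O entry; header and process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue
        detail = match.group("detail")
        path = PATH_RE.search(detail)
        entries.append({
            "section": match.group("section"),
            "line": line,
            "path": path.group(0) if path else None,
            "orphan": bool(ORPHAN_RE.search(detail)),
        })
    return entries


def in_system32(path):
    """True when the file sits directly in a ...\\system32 directory."""
    return ntpath.dirname(path).lower().endswith("\\system32")


def triage(log_text):
    """Return [(line, [reasons])] for entries that deserve a manual look."""
    entries = parse_entries(log_text)

    # Which sections reference each DLL (by file name, case-insensitive).
    loaders = defaultdict(set)
    for entry in entries:
        path = entry["path"]
        if path and path.lower().endswith(".dll"):
            loaders[ntpath.basename(path).lower()].add(entry["section"])

    findings = []
    for entry in entries:
        reasons = []
        path, line = entry["path"], entry["line"]
        if entry["orphan"]:
            # Registry entry left behind after its file was removed.
            reasons.append("orphan")
        if path and path.lower().endswith(".dll"):
            if (entry["section"] == "O2" and "BHO: (no name)" in line
                    and in_system32(path)):
                reasons.append("unnamed-bho-in-system32")
            if entry["section"] == "O4" and "rundll32" in line.lower():
                reasons.append("rundll32-autorun")
            if len(loaders[ntpath.basename(path).lower()]) > 1:
                # Same DLL registered at several load points (here O2 and O20).
                reasons.append("multi-loadpoint-dll")
        if reasons:
            findings.append((line, reasons))
    return findings


if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG):
        print(",".join(reasons), "|", line)
```

A hit here is a prompt to check the file (for example with a multi-engine scanner, as suggested above for kekumacw.dll), not a verdict; legitimate software also installs unnamed helper DLLs.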
Posted: 31.12.2007 14:30 | Ddayy.dll

So why are you "advising" the same thing ten times. :roll:


Deleted user
Posted by thread author: 31.12.2007 15:47 | Ddayy.dll

well, I ran a scan and those (no file) entries were no longer there... I'm going to fix the other ones...
BTW: can anything happen if I fix while a scan is running in Avira at the same time?
EDIT: actually I see that only the last two are left there :roll:


Posted: 31.12.2007 16:45 | Ddayy.dll

better post a new log


Deleted user
Posted by thread author: 31.12.2007 17:03 | Ddayy.dll

for god's sake, I'm about to lose it...
I made a new log and saved it to the clipboard... I ran ComboFix, everything went fine but suddenly... blue screen...
and in HijackThis I have those no-name ones again... I'm going to fix them and post a log...

here is the log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02, on 2007-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programy\AlienGUIse\wbload.exe
C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Programy\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CBitSpirit] "C:\Programy\BitSpirit\BitSpirit.exe" /start /nosplash
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programy\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Programy\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Yahoo! Widgets.lnk = C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Programy\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

--
End of file - 7637 bytes


Posted: 31.12.2007 17:07 | Ddayy.dll

fix:
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)

and it should be OK... a log from ComboFix would still come in handy :)

edit: also try restarting the PC and a new log


_________________
PC: CPU: Intel i7 5820k @ 4.2 Ghz Cooler: NZXT Kraken x41 MB: ASUS X99-A GPU: ASUS Stryx 970 GTX 4GB RAM: 32 GB Kingston 2133 DDR4 SSD: Kingston Hyperx 240 GB HDD1: Seagate Barracuda 7200.14 3TB HDD2: Seagate Barracuda 7200 1TB PSU: Corsair RM 850 Case: NZXT Phantom 410 white LCD: DELL P2416D @ 75Hz AUDIO: Yamaha RN500 Repro: DALI Zensor 5 Phone: Galaxy S8+
NB: Lenovo Y500
Deleted user
Posted by topic author: 31.12.2007 17:20 | Ddayy.dll

yaJohny wrote:
fix:
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)

and it should be OK... a ComboFix log would also come in handy :)

edit: also try restarting the PC and posting a new log

it's fine now, it no longer reports anything... ComboFix doesn't work (blue screen)... that O23 can't be fixed, it keeps showing up there... :sick:


Honorary member
Registered: 07.04.07
Logged in: 09.12.17
Posts: 4438
Topics: 82 | 82
Location: Rožňava
Posted: 31.12.2007 17:46 | Ddayy.dll

Dzimbo.. post the latest log here... it still doesn't look clean to me ;)


_________________
PC1: l CPU: AMD Phenom II X4 955BE C3 l MB: MSI 870A-G54 l RAM: 2x4GB A-DATA Gamers Series 1600 CL9 l VGA: SAPPHIRE R9 280X VAPOR-X l
HDD: SAMSUNG F3 1TB l DVD-RW: LG H22N l PSU: CORSAIR VX450W l MONITOR: LG LCD W2284F-PF l OS: WINDOWS7 HOME PREMIUM l
PC2: l CPU: AMD AthlonXP 2100+ 1733MHz (core Thoroughbred - B) socket A l MB: ASRock K7VT4A Pro l RAM: Apacer 1280MB 333MHz CL2.5 l
VGA: ASUS Nvidia N7600GS SILENT l HDD: Seagate 120GB ATA l CD-RW/DVD: LG H12 l PSU: Trust 370W l MONITOR: LG FLATRON L1919S l OS: XP SP3 SK l
NOTEBOOK: ASUS U36SG
Deleted user
Posted by topic author: 31.12.2007 17:55 | Ddayy.dll

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55, on 2007-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programy\AlienGUIse\wbload.exe
C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programy\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Programy\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CBitSpirit] "C:\Programy\BitSpirit\BitSpirit.exe" /start /nosplash
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programy\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Programy\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Yahoo! Widgets.lnk = C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Programy\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

--
End of file - 7429 bytes


Honorary member
Registered: 07.04.07
Logged in: 09.12.17
Posts: 4438
Topics: 82 | 82
Location: Rožňava
Posted: 31.12.2007 18:06 | Ddayy.dll

Via Avenger
have this deleted
Code:
C:\WINDOWS\system32\accesst.exe


User
Registered: 28.07.07
Posts: 3210
Topics: 41 | 41
Location: Brno
Posted: 31.12.2007 18:07 | Ddayy.dll

Create a batch file start.bat

and put this in it:

@echo off
title start.bat
cls
echo Press any key to start start.bat ...
pause
echo Start Date: & date /t
echo Start Time: & time /t
echo start.bat running ...
rem tskill takes the process name without the .exe extension
tskill accesst /a
rem the service name contains spaces, so it must be quoted for sc
sc stop "HTTPFilter Web Scanner"
sc delete "HTTPFilter Web Scanner"
attrib -s -h -r -a C:\WINDOWS\system32\accesst.exe
del C:\WINDOWS\system32\accesst.exe /f /q
echo Report any errors encountered while running start.bat.
echo .....
echo start.bat is finished!
echo Press any key to close this window ...
pause
exit


save it to the desktop, boot into safe mode and run it


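An added example, not part of the original posts: a small parser for the O23 service lines of the HijackThis log in this thread. It separates the service name (the part sc needs, quoted when it contains spaces) from the display name and ranks entries by the two markers the replies act on, "Unknown owner" and "(file missing)". The sample lines are copied from the log above; the O23 layout "display name (service name) - owner - path" and the scoring weights are assumptions.

```python
import re

# Sample input: O23 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
"""

# Assumed layout: O23 - Service: <display> [(<service name>)] - <owner> - <path> [(file missing)]
O23 = re.compile(
    r"^O23 - Service: (?P<display>.+?)(?: \((?P<name>[^()]+)\))? - (?P<owner>.+?)"
    r" - (?P<path>[A-Za-z]:\\.+?)(?P<missing> \(file missing\))?$"
)

def parse_o23(line):
    """Split one O23 line into fields; None for other lines.
    Without a parenthesised part, display name and service name coincide."""
    m = O23.match(line.strip())
    if m is None:
        return None
    return {
        "display": m["display"],
        "name": m["name"] or m["display"],
        "owner": m["owner"],
        "path": m["path"],
        "file_missing": m["missing"] is not None,
    }

def sc_name(service):
    """Service name as one sc.exe argument: quoted if it contains a space."""
    name = service["name"]
    return f'"{name}"' if " " in name else name

def triage(log_text):
    """Return (score, service) pairs, highest first; weights are illustrative."""
    scored = []
    for line in log_text.splitlines():
        svc = parse_o23(line)
        if svc is None:
            continue
        score = 2 * svc["file_missing"] + (svc["owner"] == "Unknown owner")
        if score:
            scored.append((score, svc))
    return sorted(scored, key=lambda pair: -pair[0])

if __name__ == "__main__":
    for score, svc in triage(SAMPLE_LOG):
        print(score, sc_name(svc), svc["path"])
```

"Unknown owner" on its own also matches legitimate services in this log, so only the entry that is additionally marked "(file missing)" ranks first.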
Deleted user
Posted by topic author: 31.12.2007 18:14 | Ddayy.dll

Tomas1 wrote:
Via Avenger
have this deleted
Code:
C:\WINDOWS\system32\accesst.exe

Code:
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\oqfgrkfl

*******************

Script file located at: \??\C:\hshtwafy.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\accesst.exe not found!
Deletion of file C:\WINDOWS\system32\accesst.exe failed!

Could not process line:
C:\WINDOWS\system32\accesst.exe
Status: 0xc0000034


Completed script processing.

*******************

Finished!  Terminate.

so I don't know...
BTW: it may be that I entered the script wrongly
Code:
Files to delete:
C:\WINDOWS\system32\accesst.exe

but I think it's right


User
Registered: 28.07.07
Posts: 3210
Topics: 41 | 41
Location: Brno
Posted: 31.12.2007 18:19 | Ddayy.dll

..try my instructions, the ones above..


User
Registered: 28.12.07
Logged in: 26.02.08
Posts: 9
Topics: 0 | 0
Posted: 31.12.2007 18:53 | Ddayy.dll

Dzimbo, wouldn't it be better to go [url=http://]here[/url]? I think they would solve it much sooner. :)


Deleted user
Posted by topic author: 01.01.2008 12:51 | Ddayy.dll

no, thank you very much for the offer, but I'm staying here... especially after that incident with Rbot :sick:

To yaJohny: the file was not found :-)


© 2005 - 2017 PCforum, edited by JanoF