[ Posts: 18 ]

Deleted user
Posted: 31.12.2007 13:22 | Ddayy.dll

I have a problem with this file... I had avast and it reported nothing, but I switched to Avira and it reports that it is a trojan... I tried to delete it but it keeps reappearing... I'm attaching a log from HijackThis
+ some other DLLs keep popping up there too...
the log is unusually long... something probably got messed up in there

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:21:44, on 31.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programy\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programy\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
c:\program files\avira\antivir personaledition classic\avscan.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {0012BC60-BBAB-45B7-BF26-D5C6E63C6848} - (no file)
O2 - BHO: (no name) - {011C82A2-86F8-4B5D-ABAF-3E783A5D3EE2} - (no file)
O2 - BHO: (no name) - {0CA62AB0-CDD3-4A50-AD6B-A5184229FF54} - (no file)
O2 - BHO: (no name) - {12FD34D7-D969-4C81-AA06-5BBBC1CFCBEE} - (no file)
O2 - BHO: (no name) - {14A0DD04-858C-48CA-B68A-170E52578029} - (no file)
O2 - BHO: (no name) - {1A110388-4AD5-4703-B1D2-D950F4061E14} - (no file)
O2 - BHO: (no name) - {1FAE3A84-0723-4D3C-A521-492B0D3D2008} - (no file)
O2 - BHO: (no name) - {224DBEBF-2876-4438-965D-5BEE47EFC3BA} - (no file)
O2 - BHO: (no name) - {312CC312-9E3D-4F5E-9EE4-6AA3C0D91BF9} - (no file)
O2 - BHO: (no name) - {368AB513-033F-453F-A434-1A7AA5536A26} - (no file)
O2 - BHO: (no name) - {38492103-8EB2-4492-9076-6B414BC6B2FA} - (no file)
O2 - BHO: (no name) - {3899A61F-0B1A-4A57-BC60-98F44D291F87} - (no file)
O2 - BHO: (no name) - {4CEFC3B3-CEFA-4E95-9F26-AA6A52920F5D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5B3E0442-5179-4DC3-A839-5DD4EC1906C8} - (no file)
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {64CFA7A4-582A-443D-A799-9943CBDFF37F} - (no file)
O2 - BHO: (no name) - {68C0D766-E88C-437B-9B6A-3D640331FE1D} - (no file)
O2 - BHO: (no name) - {6A5899BA-453A-4CC6-A33A-018A183DA70A} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {729F6A59-C71A-4AD0-BADC-6EB4D089B131} - (no file)
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {788FFC7F-8F50-4CF9-A27D-81E516A02716} - (no file)
O2 - BHO: (no name) - {7e1c377c-fef2-48f0-a926-597139d707aa} - (no file)
O2 - BHO: (no name) - {7FF02CED-78D1-4FD8-991E-38FEC618F41E} - (no file)
O2 - BHO: (no name) - {8171FEC6-2512-45DF-AEB4-6887E7EB0A60} - (no file)
O2 - BHO: (no name) - {87169E4D-F931-4A8C-80E9-FFDA5ECD6211} - (no file)
O2 - BHO: (no name) - {959C0CFF-9002-49F7-B9F5-C8BCB6B2A365} - (no file)
O2 - BHO: (no name) - {964cf574-b095-47b0-84af-f751078ead4b} - (no file)
O2 - BHO: (no name) - {A38D61F2-5799-457C-B839-8FF6D73939D9} - (no file)
O2 - BHO: (no name) - {A44AE059-6E43-4F9C-B1B5-2BBB29FBC3E1} - (no file)
O2 - BHO: (no name) - {AC51D08C-0A94-444B-A9E2-F7068DFE55A8} - (no file)
O2 - BHO: (no name) - {AF7E9618-5077-4C04-9829-D7B776E6C168} - (no file)
O2 - BHO: (no name) - {B5B4DBA8-EDC1-43EC-A96D-00E8F4A50A2B} - (no file)
O2 - BHO: (no name) - {B5F448FC-E836-4B9B-A519-994FE9E7DFDF} - (no file)
O2 - BHO: (no name) - {B84A0A64-9AC6-4F99-8BD3-06F2AE99881C} - (no file)
O2 - BHO: (no name) - {bdf8c3c6-5712-463d-bd42-f449474258e1} - (no file)
O2 - BHO: (no name) - {BEA242AB-5F8A-4E7C-90EE-D955D91AAC86} - (no file)
O2 - BHO: {94666270-d937-47c8-d784-630cb136a11c} - {c11a631b-c036-487d-8c74-739d07266649} - C:\WINDOWS\system32\kekumacw.dll
O2 - BHO: (no name) - {C1EA7BCF-0415-4BF5-8EF9-3209982B60C9} - (no file)
O2 - BHO: (no name) - {ce8cf0b8-0a34-4f2c-9f9d-c5ab40e30f02} - (no file)
O2 - BHO: (no name) - {CF27189B-E556-47E3-B828-EACDAD179C56} - (no file)
O2 - BHO: (no name) - {D12B4C76-F92B-48E8-BF55-889E554A56A0} - (no file)
O2 - BHO: (no name) - {E5A258D1-85D3-4F99-9908-8F688C125462} - (no file)
O2 - BHO: (no name) - {EA368695-29FB-4B61-8B3E-BBAC7F760973} - (no file)
O2 - BHO: (no name) - {EB8BCA79-9B0A-4C4F-B911-F4AE3C9927CC} - (no file)
O2 - BHO: (no name) - {ec71912c-a19c-4f50-a422-f4244bcc8e49} - (no file)
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfinderusa.dll
O2 - BHO: (no name) - {F7A65B75-E08E-4339-86A4-ACD07974F227} - (no file)
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CBitSpirit] "C:\Programy\BitSpirit\BitSpirit.exe" /start /nosplash
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [8433e67e] rundll32.exe "C:\WINDOWS\system32\barekqmt.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programy\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Programy\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Yahoo! Widgets.lnk = C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Programy\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\jktblhha.exe (file missing)
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

--
End of file - 11507 bytes


User
Posted: 31.12.2007 13:37 | Ddayy.dll

Omg

Fix:

O2 - BHO: (no name) - {0012BC60-BBAB-45B7-BF26-D5C6E63C6848} - (no file)
O2 - BHO: (no name) - {011C82A2-86F8-4B5D-ABAF-3E783A5D3EE2} - (no file)
O2 - BHO: (no name) - {0CA62AB0-CDD3-4A50-AD6B-A5184229FF54} - (no file)
O2 - BHO: (no name) - {12FD34D7-D969-4C81-AA06-5BBBC1CFCBEE} - (no file)
O2 - BHO: (no name) - {14A0DD04-858C-48CA-B68A-170E52578029} - (no file)
O2 - BHO: (no name) - {1A110388-4AD5-4703-B1D2-D950F4061E14} - (no file)
O2 - BHO: (no name) - {1FAE3A84-0723-4D3C-A521-492B0D3D2008} - (no file)
O2 - BHO: (no name) - {224DBEBF-2876-4438-965D-5BEE47EFC3BA} - (no file)
O2 - BHO: (no name) - {312CC312-9E3D-4F5E-9EE4-6AA3C0D91BF9} - (no file)
O2 - BHO: (no name) - {368AB513-033F-453F-A434-1A7AA5536A26} - (no file)
O2 - BHO: (no name) - {38492103-8EB2-4492-9076-6B414BC6B2FA} - (no file)
O2 - BHO: (no name) - {3899A61F-0B1A-4A57-BC60-98F44D291F87} - (no file)
O2 - BHO: (no name) - {4CEFC3B3-CEFA-4E95-9F26-AA6A52920F5D} - (no file)
O2 - BHO: (no name) - {5B3E0442-5179-4DC3-A839-5DD4EC1906C8} - (no file)
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {64CFA7A4-582A-443D-A799-9943CBDFF37F} - (no file)
O2 - BHO: (no name) - {68C0D766-E88C-437B-9B6A-3D640331FE1D} - (no file)
O2 - BHO: (no name) - {6A5899BA-453A-4CC6-A33A-018A183DA70A} - (no file)
O2 - BHO: (no name) - {729F6A59-C71A-4AD0-BADC-6EB4D089B131} - (no file)
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O2 - BHO: (no name) - {788FFC7F-8F50-4CF9-A27D-81E516A02716} - (no file)
O2 - BHO: (no name) - {7e1c377c-fef2-48f0-a926-597139d707aa} - (no file)
O2 - BHO: (no name) - {7FF02CED-78D1-4FD8-991E-38FEC618F41E} - (no file)
O2 - BHO: (no name) - {8171FEC6-2512-45DF-AEB4-6887E7EB0A60} - (no file)
O2 - BHO: (no name) - {87169E4D-F931-4A8C-80E9-FFDA5ECD6211} - (no file)
O2 - BHO: (no name) - {959C0CFF-9002-49F7-B9F5-C8BCB6B2A365} - (no file)
O2 - BHO: (no name) - {964cf574-b095-47b0-84af-f751078ead4b} - (no file)
O2 - BHO: (no name) - {A38D61F2-5799-457C-B839-8FF6D73939D9} - (no file)
O2 - BHO: (no name) - {A44AE059-6E43-4F9C-B1B5-2BBB29FBC3E1} - (no file)
O2 - BHO: (no name) - {AC51D08C-0A94-444B-A9E2-F7068DFE55A8} - (no file)
O2 - BHO: (no name) - {AF7E9618-5077-4C04-9829-D7B776E6C168} - (no file)
O2 - BHO: (no name) - {B5B4DBA8-EDC1-43EC-A96D-00E8F4A50A2B} - (no file)
O2 - BHO: (no name) - {B5F448FC-E836-4B9B-A519-994FE9E7DFDF} - (no file)
O2 - BHO: (no name) - {B84A0A64-9AC6-4F99-8BD3-06F2AE99881C} - (no file)
O2 - BHO: (no name) - {bdf8c3c6-5712-463d-bd42-f449474258e1} - (no file)
O2 - BHO: (no name) - {BEA242AB-5F8A-4E7C-90EE-D955D91AAC86} - (no file)
O2 - BHO: {94666270-d937-47c8-d784-630cb136a11c} - {c11a631b-c036-487d-8c74-739d07266649} - C:\WINDOWS\system32\kekumacw.dll
O2 - BHO: (no name) - {C1EA7BCF-0415-4BF5-8EF9-3209982B60C9} - (no file)
O2 - BHO: (no name) - {ce8cf0b8-0a34-4f2c-9f9d-c5ab40e30f02} - (no file)
O2 - BHO: (no name) - {CF27189B-E556-47E3-B828-EACDAD179C56} - (no file)
O2 - BHO: (no name) - {D12B4C76-F92B-48E8-BF55-889E554A56A0} - (no file)
O2 - BHO: (no name) - {E5A258D1-85D3-4F99-9908-8F688C125462} - (no file)
O2 - BHO: (no name) - {EA368695-29FB-4B61-8B3E-BBAC7F760973} - (no file)
O2 - BHO: (no name) - {EB8BCA79-9B0A-4C4F-B911-F4AE3C9927CC} - (no file)
O2 - BHO: (no name) - {ec71912c-a19c-4f50-a422-f4244bcc8e49} - (no file)
O2 - BHO: (no name) - {F7A65B75-E08E-4339-86A4-ACD07974F227} - (no file)
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll

//Just fix all the (no file) entries plus the ones between them (those 4 DLL files)
+ test C:\WINDOWS\system32\kekumacw.dll at www.virustotal.com


User
Posted: 31.12.2007 13:41 | Ddayy.dll

fix

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
everything similar to this: O2 - BHO: (no name) - {729F6A59-C71A-4AD0-BADC-6EB4D089B131} - (no file)
then these
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfinderusa.dll
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O4 - HKLM\..\Run: [8433e67e] rundll32.exe "C:\WINDOWS\system32\barekqmt.dll",b
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\jktblhha.exe (file missing)
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)


:shock: :shock: :shock: :shock:

// then post another log here


Deleted user
Posted by topic author: 31.12.2007 13:43 | Ddayy.dll

quite a mess :)
fix:
O2 - BHO: (no name) - {0012BC60-BBAB-45B7-BF26-D5C6E63C6848} - (no file)
O2 - BHO: (no name) - {011C82A2-86F8-4B5D-ABAF-3E783A5D3EE2} - (no file)
O2 - BHO: (no name) - {0CA62AB0-CDD3-4A50-AD6B-A5184229FF54} - (no file)
O2 - BHO: (no name) - {12FD34D7-D969-4C81-AA06-5BBBC1CFCBEE} - (no file)
O2 - BHO: (no name) - {14A0DD04-858C-48CA-B68A-170E52578029} - (no file)
O2 - BHO: (no name) - {1A110388-4AD5-4703-B1D2-D950F4061E14} - (no file)
O2 - BHO: (no name) - {1FAE3A84-0723-4D3C-A521-492B0D3D2008} - (no file)
O2 - BHO: (no name) - {224DBEBF-2876-4438-965D-5BEE47EFC3BA} - (no file)
O2 - BHO: (no name) - {312CC312-9E3D-4F5E-9EE4-6AA3C0D91BF9} - (no file)
O2 - BHO: (no name) - {368AB513-033F-453F-A434-1A7AA5536A26} - (no file)
O2 - BHO: (no name) - {38492103-8EB2-4492-9076-6B414BC6B2FA} - (no file)
O2 - BHO: (no name) - {3899A61F-0B1A-4A57-BC60-98F44D291F87} - (no file)
O2 - BHO: (no name) - {4CEFC3B3-CEFA-4E95-9F26-AA6A52920F5D} - (no file)
O2 - BHO: (no name) - {5B3E0442-5179-4DC3-A839-5DD4EC1906C8} - (no file)
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {64CFA7A4-582A-443D-A799-9943CBDFF37F} - (no file)
O2 - BHO: (no name) - {68C0D766-E88C-437B-9B6A-3D640331FE1D} - (no file)
O2 - BHO: (no name) - {6A5899BA-453A-4CC6-A33A-018A183DA70A} - (no file)
O2 - BHO: (no name) - {729F6A59-C71A-4AD0-BADC-6EB4D089B131} - (no file)
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O2 - BHO: (no name) - {788FFC7F-8F50-4CF9-A27D-81E516A02716} - (no file)
O2 - BHO: (no name) - {7e1c377c-fef2-48f0-a926-597139d707aa} - (no file)
O2 - BHO: (no name) - {7FF02CED-78D1-4FD8-991E-38FEC618F41E} - (no file)
O2 - BHO: (no name) - {8171FEC6-2512-45DF-AEB4-6887E7EB0A60} - (no file)
O2 - BHO: (no name) - {87169E4D-F931-4A8C-80E9-FFDA5ECD6211} - (no file)
O2 - BHO: (no name) - {959C0CFF-9002-49F7-B9F5-C8BCB6B2A365} - (no file)
O2 - BHO: (no name) - {964cf574-b095-47b0-84af-f751078ead4b} - (no file)
O2 - BHO: (no name) - {A38D61F2-5799-457C-B839-8FF6D73939D9} - (no file)
O2 - BHO: (no name) - {A44AE059-6E43-4F9C-B1B5-2BBB29FBC3E1} - (no file)
O2 - BHO: (no name) - {AC51D08C-0A94-444B-A9E2-F7068DFE55A8} - (no file)
O2 - BHO: (no name) - {AF7E9618-5077-4C04-9829-D7B776E6C168} - (no file)
O2 - BHO: (no name) - {B5B4DBA8-EDC1-43EC-A96D-00E8F4A50A2B} - (no file)
O2 - BHO: (no name) - {B5F448FC-E836-4B9B-A519-994FE9E7DFDF} - (no file)
O2 - BHO: (no name) - {B84A0A64-9AC6-4F99-8BD3-06F2AE99881C} - (no file)
O2 - BHO: (no name) - {bdf8c3c6-5712-463d-bd42-f449474258e1} - (no file)
O2 - BHO: (no name) - {BEA242AB-5F8A-4E7C-90EE-D955D91AAC86} - (no file)
O2 - BHO: {94666270-d937-47c8-d784-630cb136a11c} - {c11a631b-c036-487d-8c74-739d07266649} - C:\WINDOWS\system32\kekumacw.dll
O2 - BHO: (no name) - {C1EA7BCF-0415-4BF5-8EF9-3209982B60C9} - (no file)
O2 - BHO: (no name) - {ce8cf0b8-0a34-4f2c-9f9d-c5ab40e30f02} - (no file)
O2 - BHO: (no name) - {CF27189B-E556-47E3-B828-EACDAD179C56} - (no file)
O2 - BHO: (no name) - {D12B4C76-F92B-48E8-BF55-889E554A56A0} - (no file)
O2 - BHO: (no name) - {E5A258D1-85D3-4F99-9908-8F688C125462} - (no file)
O2 - BHO: (no name) - {EA368695-29FB-4B61-8B3E-BBAC7F760973} - (no file)
O2 - BHO: (no name) - {EB8BCA79-9B0A-4C4F-B911-F4AE3C9927CC} - (no file)
O2 - BHO: (no name) - {ec71912c-a19c-4f50-a422-f4244bcc8e49} - (no file)
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfinderusa.dll
O2 - BHO: (no name) - {F7A65B75-E08E-4339-86A4-ACD07974F227} - (no file)
O4 - HKLM\..\Run: [8433e67e] rundll32.exe "C:\WINDOWS\system32\barekqmt.dll",b
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\jktblhha.exe (file missing)
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)

then download ComboFix and send the ComboFix log + a HijackThis log again :)

Download it to the desktop, close all active windows and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- After launch, the terms of use are displayed; confirm them by pressing the 1 key
- Then follow the instructions; while ComboFix is running, do not click into the window that appears
- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents into your thread on the forum

edit: everyone advises the same thing, mine is the complete listing...
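
The selection the helpers make by hand in the posts above (dangling `(no file)` / `(file missing)` entries, unnamed BHO DLLs in system32, the `rundll32` Run entry, the DLL registered both as BHO and Winlogon Notify), as an added Python example that is not part of the original posts. The reason labels and heuristics are assumptions derived from this thread's advice, not HijackThis functionality; the sample is an excerpt of the first log in the thread.

```python
import ntpath
import re
from collections import defaultdict

# Excerpt of the first HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {0012BC60-BBAB-45B7-BF26-D5C6E63C6848} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {63A547F0-5E83-45B9-A96A-7783F1FE35B6} - C:\WINDOWS\system32\ddayy.dll
O2 - BHO: (no name) - {740267D5-4FD0-4E34-AEA6-740E4C68D2AA} - C:\WINDOWS\system32\ljjklii.dll
O2 - BHO: {94666270-d937-47c8-d784-630cb136a11c} - {c11a631b-c036-487d-8c74-739d07266649} - C:\WINDOWS\system32\kekumacw.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [8433e67e] rundll32.exe "C:\WINDOWS\system32\barekqmt.dll",b
O20 - Winlogon Notify: ljjklii - C:\WINDOWS\SYSTEM32\ljjklii.dll
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\jktblhha.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")           # "O2 - ...", "O23 - ..."
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:dll|exe)', re.IGNORECASE)
GUID_RE = re.compile(r"^\{[0-9A-Fa-f-]{36}\}$")
SYSTEM32 = r"c:\windows\system32"


def parse(log):
    """Split a HijackThis log into entries: section code, body, referenced file."""
    entries = []
    for raw in log.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, running-process list or blank line
        section, body = m.groups()
        path = PATH_RE.search(body)
        entries.append({
            "line": line, "section": section, "body": body,
            "path": path.group(0).lower() if path else None,
        })
    return entries


def triage(log):
    """Return {log line: [reasons]} for entries worth a closer look.

    Heuristics (assumptions taken from the advice in this thread):
      dangling-reference       entry points at a file that no longer exists
      unnamed-bho-in-system32  BHO with no name (or a GUID as name) in system32
      rundll32-autostart       Run key that loads a DLL through rundll32.exe
      multiple-autostarts      same file registered in more than one section
    """
    entries = parse(log)

    # Which sections reference each file (paths compared case-insensitively).
    sections_by_path = defaultdict(set)
    for e in entries:
        if e["path"]:
            sections_by_path[e["path"]].add(e["section"])

    findings = {}
    for e in entries:
        sec, body, path = e["section"], e["body"], e["path"]
        reasons = []
        if body.endswith("(no file)") or body.endswith("(file missing)"):
            reasons.append("dangling-reference")
        if sec == "O2" and path:
            name = body[len("BHO: "):].split(" - ")[0]
            unnamed = name == "(no name)" or GUID_RE.match(name)
            if unnamed and ntpath.dirname(path) == SYSTEM32:
                reasons.append("unnamed-bho-in-system32")
        if sec == "O4" and "rundll32" in body.lower() and path and path.endswith(".dll"):
            reasons.append("rundll32-autostart")
        if path and len(sections_by_path[path]) > 1:
            reasons.append("multiple-autostarts")
        if reasons:
            findings[e["line"]] = reasons
    return findings


if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG).items():
        print(", ".join(reasons), "::", line)
```

A flagged line is a candidate for review, not a verdict: named entries such as the Spybot BHO pass through untouched, and a file that still exists should be checked before its entry is fixed.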


User
Posted: 31.12.2007 14:30 | Ddayy.dll

So why do you "advise" the same thing ten times. :roll:


Deleted user
Posted by topic author: 31.12.2007 15:47 | Ddayy.dll

well, I ran a scan and those (no file) entries were no longer there... I'm going to fix the other ones...
BTW: can anything happen if I'm fixing while a scan is running in Avira at the same time?
EDIT: actually I see that only the last two are left there :roll:


Deleted user
Posted by topic author: 31.12.2007 16:45 | Ddayy.dll

better post a new log


Deleted user
Posted by topic author: 31.12.2007 17:03 | Ddayy.dll

goddamn, this is doing my head in...
I made a new log and saved it to the clipboard... I ran ComboFix, everything went fine but suddenly... blue screen...
and in HijackThis I have those noname entries again... I'm going to fix them and post the log...

here is the log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02, on 2007-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programy\AlienGUIse\wbload.exe
C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Programy\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CBitSpirit] "C:\Programy\BitSpirit\BitSpirit.exe" /start /nosplash
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programy\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Programy\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Yahoo! Widgets.lnk = C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Programy\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

--
End of file - 7637 bytes


Deleted user
Posted by topic author: 31.12.2007 17:07 | Ddayy.dll

fix:
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)

and it should be OK... a ComboFix log would still come in handy :)

edit: also try restarting the PC and a new log


Deleted user
Posted by topic author: 31.12.2007 17:20 | Ddayy.dll

yaJohny wrote:
fix:
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)

and it should be OK... a ComboFix log would still come in handy :)

edit: also try restarting the PC and a new log

it's fine now, it doesn't show anything anymore... ComboFix doesn't work (blue screen)... that O23 can't be fixed, it keeps showing up there... :sick:


Honorary member
Posted: 31.12.2007 17:46 | Ddayy.dll

Dzimbo.. post the latest log here... it still doesn't look clean to me ;)


Offline

Deleted user (topic author) | Posted: 31.12.2007 17:55 | Ddayy.dll

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55, on 2007-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programy\AlienGUIse\wbload.exe
C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programy\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Programy\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Programy\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CBitSpirit] "C:\Programy\BitSpirit\BitSpirit.exe" /start /nosplash
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programy\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Programy\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Yahoo! Widgets.lnk = C:\Programy\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Programy\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

--
End of file - 7429 bytes
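
The O23 line at the centre of this thread, parsed as an added example (not code from any post in the thread): it splits HijackThis O23 entries into display name, service key name, owner and path, and picks out registrations whose binary is gone, which is why deleting the file alone cannot clear the entry. The function names are hypothetical, and reading the parenthesised part as the service key name is an assumption about the HijackThis format.

```python
import re

PREFIX = "O23 - Service: "
MISSING = " (file missing)"

# Lines copied from the second HijackThis log in this thread.
SAMPLE = r"""
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: HTTP SSL HTTPFilter Web Scanner (HTTPFilter Web Scanner) - Unknown owner - C:\WINDOWS\system32\accesst.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
""".strip().splitlines()


def parse_o23(line):
    """Split one O23 line into its fields; return None for any other line."""
    line = line.strip()
    if not line.startswith(PREFIX):
        return None
    body = line[len(PREFIX):]
    # The path starts at the first " - " followed by a drive letter, so a
    # " - " inside the path ("Spybot - Search & Destroy") stays in the path.
    sep = re.search(r' - (?="?[A-Za-z]:\\)', body)
    if not sep:
        return None
    head, path = body[:sep.start()], body[sep.end():]
    missing = path.endswith(MISSING)
    if missing:
        path = path[:-len(MISSING)]
    name, _, owner = head.rpartition(" - ")
    if not name:
        return None
    # Assumption: a trailing "(...)" is the service key name; when it is absent
    # the display name and the key name are identical.
    m = re.fullmatch(r"(.*) \(([^()]+)\)", name)
    display, key = m.groups() if m else (name, name)
    return {"display": display, "key": key, "owner": owner,
            "path": path, "missing": missing}


def orphaned_services(lines):
    """Return entries whose service key survives although the binary is gone."""
    entries = (parse_o23(l) for l in lines)
    return [e for e in entries if e and e["missing"]]


def sc_delete(entry):
    """Build the sc command for the key name, quoted because it may hold spaces."""
    return 'sc delete "{}"'.format(entry["key"])
```

"Unknown owner" is left out of the filter on purpose: three entries in the log carry it while their files are present, so on its own it is a weak signal.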


Honorary member | Posted: 31.12.2007 18:06 | Ddayy.dll

Use Avenger
to delete:
Code:
C:\WINDOWS\system32\accesst.exe



Deleted user (topic author) | Posted: 31.12.2007 18:07 | Ddayy.dll

Create a batch file start.bat

and put this in it:

@echo off
title start.bat
cls
echo Press any key to start start.bat ...
pause
echo Start Date: & date /t
echo Start Time: & time /t
echo start.bat running ...
rem tskill takes the process name without the .exe extension
tskill accesst /a
rem the service key name contains spaces, so it has to be quoted for sc
sc stop "HTTPFilter Web Scanner"
sc delete "HTTPFilter Web Scanner"
rem clear the system, hidden, read-only and archive attributes before deleting
attrib -s -h -r -a C:\WINDOWS\system32\accesst.exe
del C:\WINDOWS\system32\accesst.exe /f /q
echo Report any errors encountered while running start.bat.
echo .....
echo start.bat is finished!
echo Press any key to close this window ...
pause
exit


Save it to the desktop, boot into safe mode and run it.


Deleted user (topic author) | Posted: 31.12.2007 18:14 | Ddayy.dll

Tomas1 wrote:
Use Avenger
to delete:
Code:
C:\WINDOWS\system32\accesst.exe

Code:
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\oqfgrkfl

*******************

Script file located at: \??\C:\hshtwafy.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\system32\accesst.exe not found!
Deletion of file C:\WINDOWS\system32\accesst.exe failed!

Could not process line:
C:\WINDOWS\system32\accesst.exe
Status: 0xc0000034


Completed script processing.

*******************

Finished!  Terminate.

so I don't know...
BTW: it may be that I entered the script wrongly
Code:
Files to delete:
C:\WINDOWS\system32\accesst.exe

but I think it's right


Deleted user (topic author) | Posted: 31.12.2007 18:19 | Ddayy.dll

...try my instructions, the ones above...


User | Posted: 31.12.2007 18:53 | Ddayy.dll

Dzimbo, wouldn't it be better to go [url=http://]here[/url]? I think they would sort it out much sooner. :)


Deleted user (topic author) | Posted: 01.01.2008 12:51 | Ddayy.dll

No, thank you very much for the offer, but I'm staying here... especially after that incident with Rbot :sick:

To yaJonny: the file was not found :-)

