Honorary member
HJT

Registered: 13.01.07
Last login: 28.05.17
Posts: 10032
Topics: 60
Location: Dorú Araeba...
Posted: 07.01.2008 1:17

My XP is acting up, so could someone take a look at it.
I have autorun.inf files on my drives, and when I delete them, they are back again after a reboot. ESET Smart found nothing; it only removed winword.exe and put it into quarantine.
So please try to get my XP back in shape. I don't feel like reinstalling again.



Code:
Logfile of HijackThis v1.99.1
Scan saved at 1:13:31, on 7. 1. 2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Analog Devices\SoundMAX\Smax4.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\ESET\ESET Smart Security\egui.exe
D:\Program Files\Blbosti\WinFast\WFDTV\DTVSchdl.exe
D:\Program Files\Blbosti\WinFast\WFDTV\WFWIZ.exe
D:\WINDOWS\PixArt\PAC7311\Monitor.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Program Files\Messenger\msmsgs.exe
D:\FRAPS\FRAPS.EXE
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\ESET\ESET Smart Security\ekrn.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\Explorer.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Program Files\Blbosti\QIP\qip.exe
D:\Program Files\Blbosti\WinFast\WFDTV\DVBTAP.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\OmeGa\Plocha\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=9996
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=userinit.exe,D:\WINDOWS\WINWORD.EXE
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Blbosti\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WinFastDTV] D:\Program Files\Blbosti\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\Blbosti\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [Monitor] D:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [Microsoft Word] D:\Program Files\WINWORD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Blbosti\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Fraps] D:\FRAPS\FRAPS.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Spravca uloh.lnk = D:\WINDOWS\system32\taskmgr.exe
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\Blbosti\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\Blbosti\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe








_________________
PC: ASUS P5B deluxe, Q9400 @ 3.2GHz @ 1.25V, ATi 4670, WD 640GB Samsung 2TB, SB Audigy 2 @ kX drivers, Leadtek DTV 2000H; NB: Fujitsu Siemens Amilo Pi 2530; Foto: Canon EOS 550D @ Tamron VC 17-50mm F/2.8 & Tamron 55-200 F/4-5.6
I do not provide support over ICQ
"You have not lived, until you found something worth dying for"

If you need something and I haven't replied for a while, try IRC

User

Registered: 24.03.07
Last login: 28.07.16
Posts: 4149
Topics: 251
Location: Michalovce
Posted: 07.01.2008 7:54

Fix:

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
F2 - REG:system.ini: UserInit=userinit.exe,D:\WINDOWS\WINWORD.EXE

+ Run CCleaner over the PC

+ Scan this at www.virustotal.com:
D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
It does belong to Windows, but it could also be infected...







_________________
PC1: Intel Core i5 4690k / MSI Z97 Gaming 3 / Kingston HyperX Fury 8GB DDR3 / MSI R9 380 Gaming 2GB / Crucial MX100 256GB SSD / Samsung EcoGreen F3 HD105SI 1TB SATA / CoolerMaster G450M / LG IPS235P

PC2: AMD Phenom II X4 955 / ASUS M5A97 PRO / Kingston 8GB Kit DDR3 / graphics card RIP :( /

NTB: Lenovo IdeaPad Y580 - Intel Core i5 3210 / 15.6" 1080p / 8GB DDR3 / NVIDIA GeForce GTX660M 2GB / SSD 90GB Intel 525 mSATA / HDD 1TB 5400 RPM

User
HJT

Registered: 10.02.07
Last login: 14.08.11
Posts: 1626
Topics: 22
Location: Ziar nad Hr...
Posted: 07.01.2008 9:04

There are a few more things there I don't like; please also post the contents of that autorun.inf here.







_________________
Thought could not have arisen without speech, but speech without thought occurs often. Brie Andre
My OS: Primary - Kubuntu 10.10 Maverick Meerkat , Secondary - Windows 7
Problems are solved here on the forum, not over ICQ and Skype. Thank you

Honorary member
HJT

Registered: 13.01.07
Last login: 28.05.17
Posts: 10032
Topics: 60
Location: Dorú Araeba...
Posted by topic author: 07.01.2008 11:57

autorun.ini
Code:
[autorun]
OPEN=WINWORD.EXE
shell\open=´ňżŞ(&O)
shell\open\Command=WINWORD.EXE
shell\open\Default=1
shell\explorer=×ĘÔ´ąÜŔíĆ÷(&X)
shell\explorer\Command=WINWORD.EXE


ESS keeps deleting winword.exe, so it doesn't get the chance to do anything.


New log:


Code:
Logfile of HijackThis v1.99.1
Scan saved at 11:55:23, on 7. 1. 2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Analog Devices\SoundMAX\Smax4.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\ESET\ESET Smart Security\egui.exe
D:\Program Files\Blbosti\WinFast\WFDTV\DTVSchdl.exe
D:\Program Files\Blbosti\WinFast\WFDTV\WFWIZ.exe
D:\WINDOWS\PixArt\PAC7311\Monitor.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Program Files\Messenger\msmsgs.exe
D:\FRAPS\FRAPS.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\ESET\ESET Smart Security\ekrn.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Dokumenty\Orthos 64\ORTHOS.exe
E:\Dokumenty\Projekty\Inštalačky\Programy\Everest\EVEREST Ultimate Edition\everest.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\OmeGa\Plocha\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=9996
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Blbosti\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WinFastDTV] D:\Program Files\Blbosti\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\Blbosti\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [Monitor] D:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [Microsoft Word] D:\Program Files\WINWORD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Blbosti\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fraps] D:\FRAPS\FRAPS.EXE
O4 - Startup: Spravca uloh.lnk = D:\WINDOWS\system32\taskmgr.exe
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\Blbosti\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\Blbosti\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe




VirusTotal had no results for D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (clean - 0/32)


Post a link to that CCleaner.







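The entries singled out in the posts above can be correlated mechanically. The following is an added example, not part of the original thread and not HijackThis code: it takes the file name launched by the posted autorun.inf and looks for it in the F2 UserInit and O4 Run lines copied from the posted logs. The function names and the "directly in Program Files" heuristic are assumptions of this example.

```python
import ntpath
import re

# Lines copied from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
F2 - REG:system.ini: UserInit=userinit.exe,D:\WINDOWS\WINWORD.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Microsoft Word] D:\Program Files\WINWORD.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"""

# Readable lines of the autorun.inf posted in this thread (garbled menu captions omitted).
SAMPLE_AUTORUN = r"""[autorun]
OPEN=WINWORD.EXE
shell\open\Command=WINWORD.EXE
shell\open\Default=1
shell\explorer\Command=WINWORD.EXE
"""

F2_USERINIT = re.compile(r"^F2 - REG:system\.ini: UserInit=(.*)$", re.I)
O4_RUN = re.compile(r"^O4 - (\S+)\\\.\.\\(Run\w*): \[(.+?)\] (.*)$")
EXE_PATH = re.compile(r'"?(.+?\.exe)\b', re.I)


def autorun_targets(text):
    """Return lower-cased file names that an autorun.inf would launch."""
    targets, in_section = set(), False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[autorun]"
            continue
        if not in_section or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        # open=, shellexecute= and shell\<verb>\command= name the program to start.
        if value and (key in ("open", "shellexecute") or key.endswith("\\command")):
            first = value.strip('"').split()[0]
            targets.add(ntpath.basename(first).lower())
    return targets


def userinit_extras(line):
    """Return UserInit entries other than userinit.exe from an F2 line."""
    m = F2_USERINIT.match(line.strip())
    if not m:
        return []
    entries = [e.strip().strip('"') for e in m.group(1).split(",") if e.strip()]
    return [e for e in entries if ntpath.basename(e).lower() != "userinit.exe"]


def run_entry(line):
    """Return (hive, value name, executable path) for an O4 Run line, else None."""
    m = O4_RUN.match(line.strip())
    if not m:
        return None
    exe = EXE_PATH.match(m.group(4))
    return (m.group(1), m.group(3), exe.group(1) if exe else m.group(4))


def triage(log_text, autorun_text):
    """Return (section, path, reason) findings worth a manual look."""
    dropped = autorun_targets(autorun_text)
    findings = []
    for line in log_text.splitlines():
        for extra in userinit_extras(line):
            reason = "extra program in Winlogon UserInit"
            if ntpath.basename(extra).lower() in dropped:
                reason += ", same name as autorun.inf target"
            findings.append(("F2", extra, reason))
        entry = run_entry(line)
        if entry:
            exe = entry[2]
            reasons = []
            if ntpath.basename(exe).lower() in dropped:
                reasons.append("same name as autorun.inf target")
            # Heuristic (assumption): installed software lives in a vendor
            # subfolder, not in the Program Files root itself.
            if ntpath.basename(ntpath.dirname(exe)).lower() == "program files":
                reasons.append("executable sits directly in Program Files")
            if reasons:
                findings.append(("O4", exe, ", ".join(reasons)))
    return findings


if __name__ == "__main__":
    for section, path, reason in triage(SAMPLE_LOG, SAMPLE_AUTORUN):
        print(f"{section}: {path} ({reason})")
```
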
User
HJT

Registered: 10.02.07
Last login: 14.08.11
Posts: 1626
Topics: 22
Location: Ziar nad Hr...
Posted: 07.01.2008 12:05

CCleaner

http://www.ccleaner.com/







Honorary member
HJT

Registered: 13.01.07
Last login: 28.05.17
Posts: 10032
Topics: 60
Location: Dorú Araeba...
Posted by topic author: 07.01.2008 12:29

D:\WINDOWS\system32\wbem\Logs\FrameWork.log 36,11KB
D:\WINDOWS\system32\wbem\Logs\mofcomp.log 13,35KB
D:\WINDOWS\system32\wbem\Logs\replog.log 400 bytes
D:\WINDOWS\system32\wbem\Logs\setup.log 4,84KB
D:\WINDOWS\system32\wbem\Logs\wbemcore.log 142 bytes
D:\WINDOWS\system32\wbem\Logs\wbemess.log 6,28KB
D:\WINDOWS\system32\wbem\Logs\wbemprox.log 349 bytes
D:\WINDOWS\system32\wbem\Logs\wmiadap.log 1,24KB
D:\WINDOWS\system32\wbem\Logs\wmiprov.log 2,68KB
D:\WINDOWS\system32\wbem\Logs\wbemess.lo_ 64,11KB
D:\WINDOWS\0.log 0 bytes
D:\WINDOWS\cmsetacl.log 200 bytes
D:\WINDOWS\COM+.log 2,71KB
D:\WINDOWS\comsetup.log 83,56KB
D:\WINDOWS\DirectX.log 0,25MB
D:\WINDOWS\DtcInstall.log 133 bytes
D:\WINDOWS\FaxSetup.log 0,21MB
D:\WINDOWS\iis6.log 0,26MB
D:\WINDOWS\imsins.log 1,36KB
D:\WINDOWS\KB888111.log 12,49KB
D:\WINDOWS\KB891122.log 8,92KB
D:\WINDOWS\KB892130.log 8,59KB
D:\WINDOWS\KB921503.log 31,16KB
D:\WINDOWS\KB923689.log 92,23KB
D:\WINDOWS\KB925720.log 12,71KB
D:\WINDOWS\KB926239.log 13,30KB
D:\WINDOWS\KB927891.log 26,02KB
D:\WINDOWS\KB929123.log 35,41KB
D:\WINDOWS\KB929399.log 6,27KB
D:\WINDOWS\KB931836.log 18,15KB
D:\WINDOWS\KB932168.log 44,65KB
D:\WINDOWS\KB933360.log 34,83KB
D:\WINDOWS\KB933729.log 26,64KB
D:\WINDOWS\KB935839.log 25,66KB
D:\WINDOWS\KB935840.log 23,84KB
D:\WINDOWS\KB936021.log 35,08KB
D:\WINDOWS\KB936357.log 34,04KB
D:\WINDOWS\KB936782.log 6,24KB
D:\WINDOWS\KB937894.log 21,57KB
D:\WINDOWS\KB938127-IE7.log 24,30KB
D:\WINDOWS\KB938828.log 31,58KB
D:\WINDOWS\KB938829.log 33,42KB
D:\WINDOWS\KB939653-IE7.log 51,30KB
D:\WINDOWS\KB939683.log 6,01KB
D:\WINDOWS\KB941202.log 26,03KB
D:\WINDOWS\KB941568.log 15,63KB
D:\WINDOWS\KB941569.log 8,81KB
D:\WINDOWS\KB942615-IE7.log 44,93KB
D:\WINDOWS\KB942763.log 23,60KB
D:\WINDOWS\KB943460.log 28,94KB
D:\WINDOWS\KB944653.log 19,99KB
D:\WINDOWS\MedCtrOC.log 15,56KB
D:\WINDOWS\MSCompPackV1.log 10,34KB
D:\WINDOWS\msgsocm.log 11,11KB
D:\WINDOWS\msmqinst.log 74,95KB
D:\WINDOWS\msxml4-KB936181-enu.LOG 0,27MB
D:\WINDOWS\msxml6-KB933579-enu-x86.LOG 0,49MB
D:\WINDOWS\netfxocm.log 38,68KB
D:\WINDOWS\ntdtcsetup.log 49,01KB
D:\WINDOWS\ocgen.log 0,12MB
D:\WINDOWS\ocmsn.log 13,68KB
D:\WINDOWS\oobeact.log 52 bytes
D:\WINDOWS\regopt.log 3,27KB
D:\WINDOWS\sessmgr.setup.log 1 022 bytes
D:\WINDOWS\setupact.log 0,22MB
D:\WINDOWS\setupapi.log 1,00MB
D:\WINDOWS\setuperr.log 0 bytes
D:\WINDOWS\SMinstall.log 25,47KB
D:\WINDOWS\spupdsvc.log 922 bytes
D:\WINDOWS\tabletoc.log 11,55KB
D:\WINDOWS\tsoc.log 0,10MB
D:\WINDOWS\updspapi.log 15,23KB
D:\WINDOWS\WgaNotify.log 6,53KB
D:\WINDOWS\WIC.log 13,60KB
D:\WINDOWS\WMFDist11.log 32,83KB
D:\WINDOWS\wmp11.log 22,54KB
D:\WINDOWS\wmsetup.log 33,33KB
D:\WINDOWS\wmsetup10.log 2,05KB
D:\WINDOWS\Wudf01000Inst.log 12,91KB
D:\WINDOWS\XpsEPSC.log 19,28KB
D:\WINDOWS\XPSEPSCLP.log 9,10KB
D:\WINDOWS\imsins.BAK 1,36KB
D:\WINDOWS\OEWABLog.txt 833 bytes
D:\WINDOWS\setuplog.txt 0,85MB
D:\Documents and Settings\All Users\Data aplikací\Microsoft\Dr Watson\drwtsn32.log 1,51MB
D:\Documents and Settings\All Users\Data aplikací\Microsoft\Dr Watson\user.dmp 16,41KB
D:\WINDOWS\Debug\blastcln.log 286 bytes
D:\WINDOWS\Debug\mrt.log 1,71KB
D:\WINDOWS\Debug\mrteng.log 1,14KB
D:\WINDOWS\Debug\NetSetup.LOG 4,12KB
D:\WINDOWS\Debug\UserMode\userenv.log 83,88KB
D:\WINDOWS\security\logs\backup.log 3,29KB
D:\WINDOWS\security\logs\SceRoot.log 570 bytes
D:\WINDOWS\security\logs\scesetup.log 0,47MB
D:\WINDOWS\security\logs\scecomp.old 326 bytes

That's what I deleted (+ a whoooole lot of cookies and empty temp files, which I don't consider important (the page would be 2 kilometres long ;) )

Deleted user
Posted: 07.01.2008 16:27

The log is fine.

Honorary member
HJT

Registered: 13.01.07
Last login: 28.05.17
Posts: 10032
Topics: 60
Location: Dorú Araeba...
Posted by topic author: 10.01.2008 0:06

It keeps creating autorun.ini, and now FF is starting to act up too (it keeps freezing). I'll post a new log tomorrow, but I'd probably rather reinstall the whole thing.







Honorary member
HJT

Registered: 13.01.07
Last login: 28.05.17
Posts: 10032
Topics: 60
Location: Dorú Araeba...
Posted by topic author: 10.01.2008 14:44

So here's the HJT log. Please have another look; if there's nothing there, I'll have to reinstall ( :cry: my dual boot was finally working)


Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:11, on 10. 1. 2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Analog Devices\SoundMAX\Smax4.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\ESET\ESET Smart Security\egui.exe
D:\Program Files\Blbosti\WinFast\WFDTV\DTVSchdl.exe
D:\Program Files\Blbosti\WinFast\WFDTV\WFWIZ.exe
D:\WINDOWS\PixArt\PAC7311\Monitor.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Program Files\Blbosti\PowerDVD\PDVDServ.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\ctfmon.exe
D:\FRAPS\FRAPS.EXE
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\ESET\ESET Smart Security\ekrn.exe
D:\Program Files\Cyberlink\Shared files\RichVideo.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Blbosti\Spyware Terminator\SpywareTerminatorShield.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=9996
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=userinit.exe,D:\WINDOWS\WINWORD.EXE
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Blbosti\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WinFastDTV] D:\Program Files\Blbosti\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\Blbosti\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [Monitor] D:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Blbosti\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\Blbosti\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "D:\Program Files\Blbosti\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Program Files\Blbosti\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fraps] D:\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Startup: Spravca uloh.lnk = D:\WINDOWS\system32\taskmgr.exe
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\Blbosti\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\Blbosti\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 7400 bytes







Experienced user
HJT

Registered: 22.03.07
Last login: 23.06.23
Posts: 2096
Topics: 15
Location: Bratislava V
Posted: 10.01.2008 15:38

Into Avenger:
Code:
files to delete:
D:\WINDOWS\WINWORD.EXE
D:\Program Files\WINWORD.EXE

And a log from ComboFix.


Honorary member
HJT

Registered: 13.01.07
Last login: 28.05.17
Posts: 10032
Topics: 60
Location: Dorú Araeba...
Posted by topic author: 10.01.2008 16:24

winword.exe wasn't there; not even totalcmd found it (NOD threw it into quarantine)

Code:
ComboFix 08-01-10.2 - OmeGa 2008-01-10 16:19:52.1 - NTFSx86
Systém Microsoft Windows XP Professional  5.1.2600.2.1250.420.1029.18.2348 [GMT 1:00]
Running from: D:\Documents and Settings\OmeGa\Plocha\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
D:\Autorun.inf
D:\WINDOWS\system32\Dvbpws.dll
E:\Autorun.inf
G:\Autorun.inf

.
(((((((((((((((((((((((((   Files Created from 2007-12-10 to 2008-01-10  )))))))))))))))))))))))))))))))
.

2008-01-10 16:17 . 2000-08-31 08:00   51,200   --a------   D:\WINDOWS\NirCmd.exe
2008-01-10 14:32 . 2008-01-10 14:32   <DIR>   d--------   D:\Program Files\Trend Micro
2008-01-10 13:46 . 2008-01-10 13:46   <DIR>   d--------   D:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-01-09 14:21 . 2008-01-09 14:21   1,355   --a------   D:\WINDOWS\imsins.BAK
2008-01-08 15:34 . 2008-01-08 15:34   <DIR>   d--------   D:\Program Files\Cyberlink
2008-01-08 15:34 . 2008-01-08 15:34   <DIR>   d--------   D:\Documents and Settings\All Users\Data aplikací\CyberLink
2008-01-08 14:41 . 2008-01-08 14:41   <DIR>   d--------   D:\Program Files\Microsoft Silverlight
2008-01-07 21:54 . 2008-01-07 21:54   21   --a------   D:\sn8
2008-01-05 21:05 . 2008-01-05 21:05   <DIR>   d--------   D:\Program Files\Common Files\Adobe
2008-01-05 17:48 . 2008-01-05 17:48   <DIR>   d--------   D:\Fraps
2008-01-05 17:48 . 2008-01-10 13:38   <DIR>   d-a------   D:\Documents and Settings\All Users\Data aplikací\TEMP
2008-01-05 17:22 . 2008-01-05 17:22   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\IrfanView
2008-01-05 16:45 . 2008-01-05 16:45   271,360   --a------   D:\WINDOWS\system32\drivers\atksgt.sys
2008-01-05 16:45 . 2008-01-05 16:45   18,048   --a------   D:\WINDOWS\system32\drivers\lirsgt.sys
2008-01-05 16:40 . 2008-01-05 16:48   <DIR>   d--------   D:\Program Files\Gothic III
2008-01-05 01:10 . 2003-06-25 16:05   266,360   --a------   D:\WINDOWS\system32\TweakUI.exe
2008-01-05 01:10 . 2002-06-21 15:09   160,217   --a------   D:\WINDOWS\system32\PowerToysLicense.rtf
2008-01-04 18:25 . 2008-01-10 16:09   69   --a------   D:\WINDOWS\NeroDigital.ini
2008-01-03 23:03 . 2008-01-05 16:51   <DIR>   d--------   D:\Downloads
2008-01-03 23:03 . 2008-01-05 17:11   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\Orbit
2008-01-03 21:33 . 2008-01-03 21:33   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\ATI
2008-01-03 21:33 . 2008-01-03 21:33   <DIR>   d--------   D:\Documents and Settings\All Users\Data aplikací\ATI
2008-01-03 21:20 . 2008-01-03 21:20   <DIR>   d--------   D:\Program Files\NeoSmart Technologies
2008-01-03 21:04 . 2008-01-03 21:05   <DIR>   d--------   D:\Program Files\ATI Technologies
2008-01-03 21:04 . 2007-12-05 14:17   593,920   ---------   D:\WINDOWS\system32\ati2sgag.exe
2008-01-03 20:41 . 2008-01-03 20:41   <DIR>   d--------   D:\Program Files\Common Files\Ahead
2008-01-03 20:41 . 2004-07-26 17:16   1,568,768   ---------   D:\WINDOWS\system32\ImagX7.dll
2008-01-03 20:41 . 2004-07-26 17:16   476,320   ---------   D:\WINDOWS\system32\ImagXpr7.dll
2008-01-03 20:41 . 2004-07-26 17:16   471,040   ---------   D:\WINDOWS\system32\ImagXRA7.dll
2008-01-03 20:41 . 2004-07-26 17:16   262,144   ---------   D:\WINDOWS\system32\ImagXR7.dll
2008-01-03 20:41 . 2001-07-09 11:50   155,648   --a------   D:\WINDOWS\system32\NeroCheck.exe
2008-01-03 20:41 . 2004-03-02 17:37   125,184   ---------   D:\WINDOWS\system32\drivers\imagesrv.sys
2008-01-03 20:41 . 2000-06-26 11:45   106,496   --a------   D:\WINDOWS\system32\TwnLib20.dll
2008-01-03 20:41 . 2004-03-02 17:37   5,504   ---------   D:\WINDOWS\system32\drivers\imagedrv.sys
2008-01-03 20:38 . 2008-01-03 20:41   <DIR>   d--------   D:\Program Files\Ahead
2008-01-03 20:02 . 2006-11-06 14:00   297,072   -ra------   D:\ntldr
2007-12-21 09:08 . 2007-12-21 09:08   <DIR>   d--------   D:\totalcmd
2007-12-21 09:08 . 2008-01-10 16:19   607   --a------   D:\WINDOWS\wincmd.ini
2007-12-21 09:08 . 2004-04-16 06:03   545   --a------   D:\WINDOWS\UC.PIF
2007-12-21 09:08 . 2004-04-16 06:03   545   --a------   D:\WINDOWS\RAR.PIF
2007-12-21 09:08 . 2004-04-16 06:03   545   --a------   D:\WINDOWS\PKZIP.PIF
2007-12-21 09:08 . 2004-04-16 06:03   545   --a------   D:\WINDOWS\PKUNZIP.PIF
2007-12-21 09:08 . 2004-04-16 06:03   545   --a------   D:\WINDOWS\NOCLOSE.PIF
2007-12-21 09:08 . 2004-04-16 06:03   545   --a------   D:\WINDOWS\LHA.PIF
2007-12-21 09:08 . 2004-04-16 06:03   545   --a------   D:\WINDOWS\ARJ.PIF
2007-12-20 10:59 . 2007-12-20 10:59   <DIR>   d--------   D:\Program Files\Winamp
2007-12-19 14:38 . 2008-01-06 11:17   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\skypePM
2007-12-19 14:38 . 2007-12-19 14:38   32   --a------   D:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2007-12-19 14:33 . 2007-12-19 14:33   <DIR>   d--------   D:\Program Files\Skype
2007-12-19 14:33 . 2007-12-19 14:33   <DIR>   d--------   D:\Program Files\Common Files\Skype
2007-12-19 14:33 . 2008-01-07 01:53   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\Skype
2007-12-19 14:33 . 2007-12-19 14:33   <DIR>   d--------   D:\Documents and Settings\All Users\Data aplikací\Skype
2007-12-19 14:25 . 2007-12-19 14:26   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\ICQ
2007-12-19 14:23 . 2007-12-19 14:23   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\InstallShield
2007-12-19 14:03 . 2007-12-19 14:14   23   --a------   D:\WINDOWS\VI20.set
2007-12-19 13:37 . 2007-12-19 13:37   <DIR>   d--------   D:\Program Files\Common Files\ArcSoft
2007-12-19 13:37 . 2007-12-19 13:37   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\ArcSoft
2007-12-19 13:37 . 2003-03-18 22:14   499,712   -ra------   D:\WINDOWS\system32\msvcp71.dll
2007-12-19 13:37 . 2004-12-07 10:11   258,352   --a------   D:\WINDOWS\system32\unicows.dll
2007-12-19 13:37 . 2005-02-23 14:58   11,776   --a------   D:\WINDOWS\system32\drivers\afc.sys
2007-12-19 13:36 . 1995-08-01 04:44   212,480   --a------   D:\WINDOWS\PCDLIB32.DLL
2007-12-19 13:35 . 2004-08-13 09:56   5,810   -ra------   D:\WINDOWS\system32\drivers\ASACPI.sys
2007-12-19 13:33 . 2007-12-19 13:39   <DIR>   d--------   D:\WINDOWS\Pixart
2007-12-19 13:33 . 2007-12-19 13:33   <DIR>   d--------   D:\Program Files\VGA USB Camera
2007-12-19 13:33 . 2006-11-08 09:59   530,304   --a------   D:\WINDOWS\system32\drivers\PA707UCM.SYS
2007-12-19 13:33 . 2006-10-12 18:10   119,296   --a------   D:\WINDOWS\system32\SP7311.AX
2007-12-19 13:33 . 2004-08-03 23:07   59,264   --a------   D:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-12-19 13:33 . 2004-08-03 23:07   59,264   --a--c---   D:\WINDOWS\system32\dllcache\usbaudio.sys
2007-12-19 13:33 . 2006-11-08 09:54   6,656   --a------   D:\WINDOWS\system32\CoInst.dll
2007-12-19 13:33 . 2006-11-08 20:09   518   --a------   D:\WINDOWS\system32\SP7311.INI
2007-12-19 13:31 . 2004-08-03 23:08   31,616   --a------   D:\WINDOWS\system32\drivers\usbccgp.sys
2007-12-19 13:31 . 2004-08-03 23:08   31,616   --a--c---   D:\WINDOWS\system32\dllcache\usbccgp.sys
2007-12-18 20:31 . 2007-12-18 20:32   <DIR>   d--------   D:\WFDB
2007-12-18 20:24 . 2007-12-18 20:24   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\ESET
2007-12-18 20:23 . 2007-12-18 20:23   <DIR>   d--------   D:\Documents and Settings\All Users\Data aplikací\ESET
2007-12-18 19:49 . 2007-12-18 19:49   1,158   --a------   D:\WINDOWS\mozver.dat
2007-12-18 15:25 . 2007-12-18 15:25   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\Media Player Classic
2007-12-18 15:11 . 2004-08-03 23:08   26,496   --a--c---   D:\WINDOWS\system32\dllcache\usbstor.sys
2007-12-18 15:02 . 2007-12-18 15:02   <DIR>   d--------   D:\Documents and Settings\OmeGa\Data aplikací\Talkback
2007-12-18 15:02 . 2007-12-18 15:02   0   --a------   D:\WINDOWS\nsreg.dat

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-10 12:46   ---------   d-----w   D:\Program Files\Blbosti
2008-01-08 14:34   ---------   d--h--w   D:\Program Files\InstallShield Installation Information
2007-12-19 12:33   ---------   d-----w   D:\Program Files\Common Files\InstallShield
2007-12-08 23:12   ---------   d-----w   D:\Program Files\Analog Devices
2007-12-05 05:26   2,782,208   ----a-w   D:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-05 03:05   368,640   ----a-w   D:\WINDOWS\system32\ATIDEMGX.dll
2007-12-05 03:04   269,312   ----a-w   D:\WINDOWS\system32\ati2dvag.dll
2007-12-05 02:56   147,456   ----a-w   D:\WINDOWS\system32\atipdlxx.dll
2007-12-05 02:55   43,520   ----a-w   D:\WINDOWS\system32\ati2edxx.dll
2007-12-05 02:55   26,112   ----a-w   D:\WINDOWS\system32\Ati2mdxx.exe
2007-12-05 02:55   122,880   ----a-w   D:\WINDOWS\system32\Oemdspif.dll
2007-12-05 02:55   122,880   ----a-w   D:\WINDOWS\system32\ati2evxx.dll
2007-12-05 02:54   307,200   ----a-w   D:\WINDOWS\system32\atiiiexx.dll
2007-12-05 02:53   53,248   ----a-w   D:\WINDOWS\system32\ATIDDC.DLL
2007-12-05 02:53   495,616   ----a-w   D:\WINDOWS\system32\ati2evxx.exe
2007-12-05 02:48   9,535,488   ----a-w   D:\WINDOWS\system32\atioglx2.dll
2007-12-05 02:44   3,175,584   ----a-w   D:\WINDOWS\system32\ati3duag.dll
2007-12-05 02:33   1,640,192   ----a-w   D:\WINDOWS\system32\ativvaxx.dll
2007-12-05 02:19   5,435,392   ----a-w   D:\WINDOWS\system32\atioglxx.dll
2007-12-05 02:19   385,024   ----a-w   D:\WINDOWS\system32\atikvmag.dll
2007-12-05 02:17   17,408   ----a-w   D:\WINDOWS\system32\atitvo32.dll
2007-12-05 02:16   49,152   ----a-w   D:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-05 02:14   180,224   ----a-w   D:\WINDOWS\system32\atiok3x2.dll
2007-12-05 02:11   499,712   ----a-w   D:\WINDOWS\system32\ati2cqag.dll
2007-12-02 20:16   ---------   d-----w   D:\Program Files\MSXML 6.0
2007-12-02 20:13   ---------   d-----w   D:\Program Files\MSBuild
2007-12-02 20:11   ---------   d-----w   D:\Program Files\Windows Media Connect 2
2007-12-02 20:11   ---------   d-----w   D:\Program Files\Reference Assemblies
2007-12-02 20:10   ---------   d-----w   D:\Program Files\PROnetworks
2007-12-02 19:46   ---------   d-----w   D:\Documents and Settings\All Users\Data aplikací\Ulead Systems
2007-12-02 19:40   ---------   d-----w   D:\Program Files\Common Files\Ulead Systems
2007-12-02 19:15   ---------   d-----w   D:\Program Files\microsoft frontpage
2007-12-02 19:13   ---------   d-----w   D:\Program Files\MSXML 4.0
2007-11-21 18:23   81,920   ----a-w   D:\WINDOWS\system32\frapsvid.dll
2007-11-13 10:25   20,480   ----a-w   D:\WINDOWS\system32\drivers\secdrv.sys
2007-11-07 09:50   726,016   ----a-w   D:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:37   1,290,240   ----a-w   D:\WINDOWS\system32\quartz.dll
2007-10-25 08:28   222,720   ----a-w   D:\WINDOWS\system32\wmasf.dll
2007-10-24 00:47   96,760   ----a-w   D:\WINDOWS\system32\dfshim.dll
2007-10-24 00:47   84,480   ----a-w   D:\WINDOWS\system32\mscories.dll
2007-10-24 00:47   282,112   ----a-w   D:\WINDOWS\system32\mscoree.dll
2007-10-24 00:47   158,720   ----a-w   D:\WINDOWS\system32\mscorier.dll
2007-10-22 02:39   267,272   ----a-w   D:\WINDOWS\system32\xactengine2_10.dll
2007-10-22 02:37   17,928   ----a-w   D:\WINDOWS\system32\X3DAudio1_2.dll
2007-10-12 14:14   3,734,536   ----a-w   D:\WINDOWS\system32\d3dx9_36.dll
2007-10-12 14:14   1,374,232   ----a-w   D:\WINDOWS\system32\D3DCompiler_36.dll
2007-10-11 08:55   88,576   ----a-w   D:\WINDOWS\system32\infocardapi.dll
2007-10-11 08:55   579,584   ----a-w   D:\WINDOWS\system32\icardagt.exe
2007-10-11 08:55   11,776   ----a-w   D:\WINDOWS\system32\icardres.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="D:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:21 1694208]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"Fraps"="D:\FRAPS\FRAPS.EXE" [2007-11-21 19:26 913064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="D:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-03 22:32 208952]
"PHIME2002ASync"="D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 22:32 455168]
"PHIME2002A"="D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 22:32 455168]
"SoundMAX"="D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-07-13 07:12 729088]
"SoundMAXPnP"="D:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 20:34 868352]
"egui"="D:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-11-08 16:13 1410304]
"WinFastDTV"="D:\Program Files\Blbosti\WinFast\WFDTV\DTVSchdl.exe" [2007-11-28 10:14 90112]
"WinFast Schedule"="D:\Program Files\Blbosti\WinFast\WFDTV\WFWIZ.exe" [2007-11-23 10:06 2846720]
"Monitor"="D:\WINDOWS\PixArt\PAC7311\Monitor.exe" [2006-11-03 11:01 319488]
"NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"StartCCC"="D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"Adobe Reader Speed Launcher"="D:\Program Files\Blbosti\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"RemoteControl"="D:\Program Files\Blbosti\PowerDVD\PDVDServ.exe" [2007-03-14 21:01 71216]
"LanguageShortcut"="D:\Program Files\Blbosti\PowerDVD\Language\Language.exe" [2007-02-07 16:21 54832]
"SpywareTerminator"="D:\Program Files\Blbosti\Spyware Terminator\SpywareTerminatorShield.exe" [2008-01-10 13:46 1420800]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:49 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"="cmd.exe" [2004-08-17 15:49 389632 D:\WINDOWS\system32\cmd.exe]
"tscuninstall"="D:\WINDOWS\system32\tscupgrd.exe" [2004-08-17 15:42 44544]
"nltide_3"="advpack.dll" [2007-10-11 00:41 124928 D:\WINDOWS\system32\advpack.dll]
"nltide_2"="regsvr32 /s /n /i:U shell32" []

D:\Documents and Settings\OmeGa\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Spravca uloh.lnk - D:\WINDOWS\system32\taskmgr.exe [2004-08-17 15:49:28]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"DisableStatusMessages"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"ForceStartMenuLogoff"= 0 (0x0)
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"StartMenuLogoff"= 1 (0x1)
"ForceStartMenuLogoff"= 0 (0x0)
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

R1 sp_rsdrv2;Spyware Terminator Driver 2;D:\Documents and Settings\All Users\Data aplikací\Spyware Terminator\sp_rsdrv2.sys [2008-01-10 13:46]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;D:\WINDOWS\system32\DRIVERS\wfcxacap.sys [2006-08-07 03:50]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};D:\Program Files\Blbosti\PowerDVD\000.fcl [2006-11-02 16:51]
R2 wfcxatun;WinFast TV Analog Tuner Driver;D:\WINDOWS\system32\drivers\wfcxatun.sys [2006-08-07 03:53]
R2 WFCXVCAP;WinFast TV Video Capture Driver;D:\WINDOWS\system32\drivers\wfcxvcap.sys [2006-08-07 07:10]
R3 PAC7311;VGA USB Camera;D:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2006-11-08 09:59]
R3 PSched;Plánovač paketů technologie QoS;D:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB;D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 23:08]
R3 usbhub;Ovladač standardního rozbočovače USB;D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 00:08]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;D:\WINDOWS\system32\drivers\wfcxdtun.sys [2006-08-07 03:56]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;D:\WINDOWS\system32\drivers\wfcxtcap.sys [2006-08-07 03:54]
R3 wfcxxbar;WinFast TV Crossbar Driver;D:\WINDOWS\system32\drivers\wfcxxbar.sys [2006-08-07 08:04]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;E:\Dokumenty\Projekty\Inštalačky\Programy\Everest\EVEREST Ultimate Edition\kerneld.wnt [2007-04-05 00:00]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S3 WFIOCTL;WFIOCTL;D:\Program Files\WinFast\WFDTV\WFIOCTL.SYS []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dcf2822a-ad71-11dc-9a19-001a924e877b}]
\Shell\AutoRun\command - F:\WINWORD.EXE
\Shell\explorer\Command - F:\WINWORD.EXE
\Shell\open\Command - F:\WINWORD.EXE

*Newly Created Service* - PROCEXP90
*Newly Created Service* - SP_RSDRV2
*Newly Created Service* - SRSERVICE
.
Contents of the 'Scheduled Tasks' folder
"2008-01-10 14:24:20 D:\WINDOWS\Tasks\User_Feed_Synchronization-{60E1DA63-599A-494D-8EF3-B77BBBB55211}.job"
- D:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-10 16:20:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-10 16:20:45
ComboFix-quarantined-files.txt  2008-01-10 15:20:44
.
2008-01-09 13:21:44   --- E O F --- 







_________________
PC: ASUS P5B deluxe, Q9400 @ 3.2GHz @ 1.25V, ATi 4670, WD 640GB Samsung 2TB, SB Audigy 2 @ kX drivers, Leadtek DTV 2000H; NB: Fujitsu Siemens Amilo Pi 2530; Foto: Canon EOS 550D @ Tamron VC 17-50mm F/2.8 & Tamron 55-200 F/4-5.6
I do not provide advice via ICQ
"You have not lived, until you found something worth dying for"

If you need something and I have not replied for a while, try IRC
Honorary member
HJT

Registered: 07.04.07
Last login: 24.02.21
Posts: 4438
Topics: 85
Location: Rožňava
Posted: 10.01.2008 17:36

Omega, if Mozilla is still freezing on you, try creating a new profile.

Code:
The Profile Manager is launched from the command line; first, however, close all Firefox windows and then go to Start > Run > firefox.exe -p
There you can create a new profile, or rename or delete an existing profile.


That should help ;)







_________________
PC1: l CPU: AMD Phenom II X4 955BE C3 l MB: MSI 870A-G54 l RAM: 2x4GB A-DATA Gamers Series 1600 CL9 l VGA: SAPPHIRE R9 280X VAPOR-X l
HDD: SAMSUNG F3 1TB l DVD-RW: LG H22N l PSU: CORSAIR VX450W l MONITOR: LG LCD W2284F-PF l OS: WINDOWS7 HOME PREMIUM l
PC2: l CPU: AMD AthlonXP 2100+ 1733MHz (Thoroughbred-B core) socket A l MB: ASRock K7VT4A Pro l RAM: Apacer 1280MB 333MHz CL2.5 l
VGA: ASUS Nvidia N7600GS SILENT l HDD: Seagate 120GB ATA l CD-RW/DVD: LG H12 l PSU: Trust 370W l MONITOR: LG FLATRON L1919S l OS: XP SP3 SK l
NOTEBOOK: ASUS U36SG
Experienced user
HJT

Registered: 22.03.07
Last login: 23.06.23
Posts: 2096
Topics: 15
Location: Bratislava V
Posted: 10.01.2008 17:41

Also delete:
D:\WINDOWS\imsins.BAK
D:\WINDOWS\VI20.set
F:\WINWORD.EXE

To be safe, check these at www.virustotal.com:
D:\Documents and Settings\All Users\Data aplikací\ezsid.dat
D:\WINDOWS\nsreg.dat
D:\WINDOWS\system32\tscupgrd.exe

And also a new HJT log, so we can see how winword.exe is doing :)


Honorary member
HJT

Registered: 13.01.07
Last login: 28.05.17
Posts: 10032
Topics: 60
Location: Dorú Araeba...
Posted by the topic author: 10.01.2008 22:18

Deleted. F: was a USB stick that cannot be written to... and nsreg.dat is 0 B.

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:18:03, on 10. 1. 2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Analog Devices\SoundMAX\Smax4.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\ESET\ESET Smart Security\egui.exe
D:\Program Files\Blbosti\WinFast\WFDTV\DTVSchdl.exe
D:\Program Files\Blbosti\WinFast\WFDTV\WFWIZ.exe
D:\WINDOWS\PixArt\PAC7311\Monitor.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Program Files\Blbosti\PowerDVD\PDVDServ.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\ctfmon.exe
D:\FRAPS\FRAPS.EXE
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\ESET\ESET Smart Security\ekrn.exe
D:\Program Files\Cyberlink\Shared files\RichVideo.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Blbosti\QIP\qip.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
D:\Program Files\Blbosti\WinFast\WFDTV\DVBTAP.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=9996
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Blbosti\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WinFastDTV] D:\Program Files\Blbosti\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\Blbosti\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [Monitor] D:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Blbosti\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\Blbosti\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "D:\Program Files\Blbosti\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Program Files\Blbosti\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] D:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fraps] D:\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Startup: Spravca uloh.lnk = D:\WINDOWS\system32\taskmgr.exe
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Blbosti\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\Blbosti\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\Blbosti\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D39D021F-42A8-462C-A1A4-DF63363CE526}: NameServer = 195.34.133.22,195.34.133.21
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - D:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 7607 bytes







Experienced user
HJT

Registered: 22.03.07
Last login: 23.06.23
Posts: 2096
Topics: 15
Location: Bratislava V
Posted: 10.01.2008 22:33

All fine.


Honorary member
HJT

Registered: 13.01.07
Last login: 28.05.17
Posts: 10032
Topics: 60
Location: Dorú Araeba...
Posted by the topic author: 10.01.2008 22:48

We'll see ;)






