[ Posts: 11 ]
Posted: 15.05.2008 13:51 | Log check

A friend had a completely unprotected PC, so I'm asking for a check of it :loony:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:50:02, on 15. 5. 2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\TBPanel.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\PROGRA~1\avast\ashDisp.exe
C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ntvdm.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Documents and Settings\Administrator\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Kalendár.lnk = C:\WINDOWS\MENINY.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{07F1FF38-D022-420E-9C50-71251DA63B4C}: NameServer = 192.168.4.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{07F1FF38-D022-420E-9C50-71251DA63B4C}: NameServer = 192.168.4.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{07F1FF38-D022-420E-9C50-71251DA63B4C}: NameServer = 192.168.4.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\avast\ashWebSv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 6692 bytes


Posted: 15.05.2008 14:41 | Log check

The log looks to be in order.. Is something going on with the PC?


Posted: 15.05.2008 15:21 | Log check

Where in the system can I find a listing like this?


Posted: 15.05.2008 15:24 | Log check

HijackThis, download this program and it will make a log like that for you... and then you fix the nasties...


Posted by topic author: 15.05.2008 19:05 | Log check

renderman : http://www.pcforum.sk/cistime-napadnuty ... 27265.html

Lordofminor : Nothing is going on with the PC, but just to be safe, because having a PC on the internet unprotected for 2 months....well, so I'd rather ask :).....and he was probably lucky.


Posted: 15.05.2008 19:08 | Log check

HJT66 wrote:
and he was probably lucky.

I'd rather say that he doesn't visit porn sites :lol:


Posted: 16.05.2008 17:27 | Log check

HJT66 wrote:
Lordofminor : Nothing is going on with the PC, but just to be safe, because having a PC on the internet unprotected for 2 months....well, so I'd rather ask :).....and he was probably lucky.


It's enough to use common sense, or to have picked-out sites where similar ones are infected but that particular one isn't.. I'm now without AV and FW too.. :)


Posted: 02.06.2008 21:51 | Log check

Please, could you check my log?



Logfile of HijackThis v1.99.1
Scan saved at 21:50:20, on 2.6.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\MEDIAK~1\MagicKey.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\PROGRA~1\MEDIAK~1\OSD.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\WinAnonymous\plug\GDCW.exe
C:\Program Files\Common Files\WinAnonymous\stm.exe
C:\Program Files\WinAnonymous\GDC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinAnonymous\GDC.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\WINDOWS\ALCFDRTM.EXE
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\PC\My Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qip.ru
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\2.bin\ASKSBAR.DLL
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MagicKey.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SBI] C:\Documents and Settings\PC\Desktop\installer_sbd_en.exe
O4 - HKLM\..\Run: [GDCW] C:\Program Files\WinAnonymous\plug\GDCW.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAnonymous\stm.exe" dm=http://winanonymous.com ad=http://winanonymous.com sd=http://ilp.winanonymous.com
O4 - HKLM\..\Run: [WinAnonymous] C:\Program Files\WinAnonymous\GDC.exe
O4 - HKLM\..\Run: [BM570266ed] Rundll32.exe "C:\WINDOWS\system32\cflgaett.dll",s
O4 - HKLM\..\Run: [54315571] rundll32.exe "C:\WINDOWS\system32\kiljrfwj.dll",b
O4 - HKLM\..\Run: [Arovax AntiSpyware] C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WinAnonymous] "C:\Program Files\WinAnonymous\GDC.exe" /scan
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {A4735C9C-6626-4386-9B93-2D9B79047AB8} (MediaPlugin Control) - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

Thank you


Posted: 02.06.2008 22:03 | Log check

Hi Dr. Kokobus, you have a heap of nasties in there, fix this:

C:\Program Files\WinAnonymous\plug\GDCW.exe
C:\Program Files\WinAnonymous\GDC.exe
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O4 - HKLM\..\Run: [GDCW] C:\Program Files\WinAnonymous\plug\GDCW.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAnonymous\stm.exe" dm=http://winanonymous.com ad=http://winanonymous.com sd=http://ilp.winanonymous.com
O4 - HKLM\..\Run: [WinAnonymous] C:\Program Files\WinAnonymous\GDC.exe
O4 - HKCU\..\Run: [WinAnonymous] "C:\Program Files\WinAnonymous\GDC.exe" /scan

Have a nice day!


Posted: 02.06.2008 22:30 | Log check

Hello :)

So first follow the ComboFix guide http://www.pcforum.sk/cistime-napadnuty ... 27265.html and, in the section on running the script, paste this into the code:

Code:
File::
C:\Program Files\WinAnonymous\plug\GDCW.exe
C:\Program Files\Common Files\WinAnonymous\stm.exe
C:\Program Files\WinAnonymous\GDC.exe
C:\WINDOWS\system32\cflgaett.dll
C:\WINDOWS\system32\kiljrfwj.dll


then post the ComboFix log here


Then fix in HijackThis:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qip.ru
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O4 - HKLM\..\Run: [GDCW] C:\Program Files\WinAnonymous\plug\GDCW.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAnonymous\stm.exe" dm=http://winanonymous.com ad=http://winanonymous.com sd=http://ilp.winanonymous.com
O4 - HKLM\..\Run: [WinAnonymous] C:\Program Files\WinAnonymous\GDC.exe
O4 - HKLM\..\Run: [BM570266ed] Rundll32.exe "C:\WINDOWS\system32\cflgaett.dll",s
O4 - HKLM\..\Run: [54315571] rundll32.exe "C:\WINDOWS\system32\kiljrfwj.dll",b
O4 - HKCU\..\Run: [WinAnonymous] "C:\Program Files\WinAnonymous\GDC.exe" /scan
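
The two lists in the post above (the ComboFix `File::` block and the HijackThis fix list) can be cross-checked against each other. This is an added example, not part of the original post: it extracts the file each fixed entry points to and reports files deleted without their autorun entry being fixed, and entries fixed while their file stays on disk. The function names are made up for this example, and the path extraction covers only the entry shapes seen in this thread's HijackThis v1.99/v2.0 logs.

```python
import ntpath
import re

# Copied from the post above: entries to fix in HijackThis.
FIX_LIST = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qip.ru
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O4 - HKLM\..\Run: [GDCW] C:\Program Files\WinAnonymous\plug\GDCW.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAnonymous\stm.exe" dm=http://winanonymous.com ad=http://winanonymous.com sd=http://ilp.winanonymous.com
O4 - HKLM\..\Run: [WinAnonymous] C:\Program Files\WinAnonymous\GDC.exe
O4 - HKLM\..\Run: [BM570266ed] Rundll32.exe "C:\WINDOWS\system32\cflgaett.dll",s
O4 - HKLM\..\Run: [54315571] rundll32.exe "C:\WINDOWS\system32\kiljrfwj.dll",b
O4 - HKCU\..\Run: [WinAnonymous] "C:\Program Files\WinAnonymous\GDC.exe" /scan
"""

# Copied from the post above: the ComboFix script block.
CFSCRIPT = r"""
File::
C:\Program Files\WinAnonymous\plug\GDCW.exe
C:\Program Files\Common Files\WinAnonymous\stm.exe
C:\Program Files\WinAnonymous\GDC.exe
C:\WINDOWS\system32\cflgaett.dll
C:\WINDOWS\system32\kiljrfwj.dll
"""

# "O4 - <hive>\..\<Run key>: [<value name>] <command line>"
O4_RE = re.compile(r"^O4 - [^\\]+\\\.\.\\\w+: \[[^\]]*\] (?P<cmd>.+)$")
# rundll32 is only the host process; the DLL argument is what gets loaded.
RUNDLL_RE = re.compile(r"^(?:[^\"]*\\)?rundll32(?:\.exe)?\s+", re.I)
# Unquoted path: take everything up to the first executable extension.
EXT_RE = re.compile(r"^(?P<path>.+?\.(?:exe|dll|com|scr|bat|cmd))(?=[\s,]|$)", re.I)


def _path_from_command(cmd):
    cmd = RUNDLL_RE.sub("", cmd.strip())
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else None
    match = EXT_RE.match(cmd)
    return match.group("path") if match else None


def target_file(line):
    """Return the normalised file a HijackThis entry points to, or None."""
    line = line.strip()
    match = O4_RE.match(line)
    if match:
        path = _path_from_command(match.group("cmd"))
    elif re.match(r"^(R3|O2|O3) - ", line):
        path = line.rsplit(" - ", 1)[-1]  # these sections end in "- <file>"
    else:
        return None  # e.g. R0 start page: a URL, no file behind it
    # Bare names such as "nwiz.exe" depend on the search path; skip them.
    return ntpath.normcase(path) if path and ntpath.isabs(path) else None


def cfscript_files(cfscript):
    """Collect the paths listed under the File:: directive."""
    files, in_block = set(), False
    for raw in cfscript.splitlines():
        line = raw.strip()
        if line.endswith("::"):
            in_block = line.lower() == "file::"
        elif in_block and line:
            files.add(ntpath.normcase(line))
    return files


def cross_check(fix_list, cfscript):
    fixed = {p for p in map(target_file, fix_list.splitlines()) if p}
    deleted = cfscript_files(cfscript)
    return {
        # file removed, but a Run value would still point at it
        "files_without_entry": sorted(deleted - fixed),
        # registry entry removed, but the binary stays on disk
        "entries_without_file": sorted(fixed - deleted),
    }


if __name__ == "__main__":
    for kind, paths in cross_check(FIX_LIST, CFSCRIPT).items():
        print(kind, paths)
```

On the lists from this post, every file in the `File::` block has its autorun entry in the fix list; the only fixed entry whose file is not scheduled for deletion is the R3 URLSearchHook DLL.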


Posted: 02.01.2010 19:04 | Log check

Logfile of IObit HijackScan v0.2.0.0
Scan saved at 18:20:38, on 2010-1-2

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\IObit\IObit Security 360\IS360tray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSI\3D!Turbo Experience\3D!Turbo.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\IObit\IObit Security 360\is360.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [nwiz] nwiz.exe /install
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [NVCLOCK] Rundll32 nvclock.dll,fnNvclock
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\Software\Microsoft\Windows\CurrentVersion\Run\: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_14 - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}Java Plug-in 1.6.0_14 - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_14 - http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: COMODO Firewall Pro Helper Service - Unknown - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Eset HTTP Server - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Java Quick Starter - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

