[ Príspevkov: 8 ] 
AutorSpráva
Offline

Užívateľ
Užívateľ
userinit.exe problém

Registrovaný: 02.06.08
Prihlásený: 19.07.16
Príspevky: 3330
Témy: 147 | 147
Bydlisko: Žilina / Os...
Vek: 24
NapísalOffline : 20.07.2012 14:28 | userinit.exe problém

Mám doma teraz jeden notebook s Windows 7, problémom je systémový súbor userinit.exe, ktorý sa spúšťa pri štarte, a bol najskôr infikovaný i keď už na napr. virustotal ukazuje, že je čistý. Stále rovnaký problém, niekedy vyhodí po štarte aj chybovú hlášku s "host processes". Už mi celkovo došli nápady, ak ste mali niekto pod. problém, zišiel by sa mi help :)
PC som prebehol antivirmi (malware bytes, dr.web, avast, eset, AVG, combofix - ten zamrzne pri vymazávaní nejakých zložiek, už raz objavil, že bol tento súbor infikovaný, vyriešil ho ale celkovo problém nezmizol, hijackthis, log som kontroloval, ak by ste kukli prípadne, skúšal som aj nakopírovať nový súbor do system32 z môjho druhého PC, škúšal som system file check (sfc scan), hrabal som sa v registroch, kasperski TDSSK (anti rootkit) som zmazal rootkit, pretože blokoval ataport.sys a spôsoboval BSOD :shock: diki za ďalšie rady :) Kvôli tej chybe nefungujú nejaké služby, napr. nefunguje spojenie s modemom čo má uživateľ internet (mobilny alebo čo to je .) Reinštalovať systém moc nechcem, keďže nemám šajnu, kde je licenčný kód a je tu okolo 300GB dát, ktoré nemám kde zálohovať :rolleyes:

hihjack log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:39:36, on 19. 7. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16968)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\ProgramData\bProtectorForWindows\2.1.415.37\bProtect.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HSPA USB MODEM\ModemListener.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.4\PriceGongIE.dll
O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll (file missing)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL
O2 - BHO: blekko search bar - {a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} - C:\Program Files\blekkotb_020\blekkotb_019X.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: WiseConvert - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll
O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ModemListener] C:\Program Files\HSPA USB MODEM\ModemListener.exe start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\bprote~1\21415~1.37\protec~1.dll
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: bProtector - bProtector - C:\ProgramData\bProtectorForWindows\2.1.415.37\bProtect.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: DeviceManager - Unknown owner - C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WTGService - Unknown owner - C:\Users\asus\WTGService.exe

--
End of file - 7878 bytes

dik


_________________
PC - ASUS M2N-MX Se+ | AMD X2 4200+ | 2GB RAM | Nvidia 8600GT | WD 320GB | 350W |NTB - ASUS K50AB SX-010 | | ASUS X550L | SteelSeries Mousepad | A4tech XL-750BF | HTC Explorer |
CCNA (640-802) |
Offline

Užívateľ
Užívateľ
userinit.exe problém

Registrovaný: 18.12.08
Prihlásený: 28.11.17
Príspevky: 18992
Témy: 477 | 477
Bydlisko: Považská By...
Vek: 24
NapísalOffline : 20.07.2012 14:44 | userinit.exe problém

Reinstall systemu nepripada v uvahu?


_________________
Phone: Apple iPhone 7 128GB, Matte Black
[spoiler=Desktop + accessories][color=blue]MB:
ASRock 980DE3/U3S3, CPU: AMD PHENOM II X4 925, CPU cooler: CoolerMaster Hyper 212+, RAM: Corsair XMS3 4GB (Kit 2x2GB) 1600MHz DDR3, CL9, SSD: Samsung 840 EVO 120GB, HDD: Seagate Barracuda 7200.12 1TB, VGA: Sapphire ATI Radeon VAPOR-X HD5770, PSU: Corsair VX450, DVD-RW: SAMSUNG SH-S223C, CASE: CoolerMaster Elite 330 Black, LCD: LG FLATRON W2246T, 21.5", OS: Windows 10 Home, 64bit, Repro: Behringer MS40 + Monacor CARPOWER SP-252c (DIY BOX), Mouse: A4Tech EVO XGame XL740, Red, Mouse pad: SteelPad QcK+, Keyboard: TRUST KB-2200.[/spoiler]
Offline

Užívateľ
Užívateľ
userinit.exe problém

Registrovaný: 02.06.08
Prihlásený: 19.07.16
Príspevky: 3330
Témy: 147 | 147
Bydlisko: Žilina / Os...
Vek: 24
Napísal autor témyOffline : 20.07.2012 16:29 | userinit.exe problém

To by som chcel nechať ako poslednú možnosť :)


_________________
PC - ASUS M2N-MX Se+ | AMD X2 4200+ | 2GB RAM | Nvidia 8600GT | WD 320GB | 350W |NTB - ASUS K50AB SX-010 | | ASUS X550L | SteelSeries Mousepad | A4tech XL-750BF | HTC Explorer |
CCNA (640-802) |
Offline

Užívateľ
Užívateľ
userinit.exe problém

Registrovaný: 18.12.08
Prihlásený: 28.11.17
Príspevky: 18992
Témy: 477 | 477
Bydlisko: Považská By...
Vek: 24
NapísalOffline : 20.07.2012 16:51 | userinit.exe problém

Popisujes nejake problemy s modemom. Skus preinstalovat ovladac od toho modemu ak nejaky vyzaduje.
Inak licencne cislo win by sa malo dat cez nejaky sikovny soft vytiahnut aj zo systemu.


_________________
Phone: Apple iPhone 7 128GB, Matte Black
[spoiler=Desktop + accessories][color=blue]MB:
ASRock 980DE3/U3S3, CPU: AMD PHENOM II X4 925, CPU cooler: CoolerMaster Hyper 212+, RAM: Corsair XMS3 4GB (Kit 2x2GB) 1600MHz DDR3, CL9, SSD: Samsung 840 EVO 120GB, HDD: Seagate Barracuda 7200.12 1TB, VGA: Sapphire ATI Radeon VAPOR-X HD5770, PSU: Corsair VX450, DVD-RW: SAMSUNG SH-S223C, CASE: CoolerMaster Elite 330 Black, LCD: LG FLATRON W2246T, 21.5", OS: Windows 10 Home, 64bit, Repro: Behringer MS40 + Monacor CARPOWER SP-252c (DIY BOX), Mouse: A4Tech EVO XGame XL740, Red, Mouse pad: SteelPad QcK+, Keyboard: TRUST KB-2200.[/spoiler]
Offline

Užívateľ
Užívateľ
userinit.exe problém

Registrovaný: 02.06.08
Prihlásený: 19.07.16
Príspevky: 3330
Témy: 147 | 147
Bydlisko: Žilina / Os...
Vek: 24
Napísal autor témyOffline : 20.07.2012 20:55 | userinit.exe problém

Vyzerá, že by to mohlo byť aj OK, cez combofix to už konečne v pohode prešlo na poriadok, a zatiaľ to neukázalo, potreboval by som len vyčistiť combofix naporiadok už.
:lock:

ComboFix 12-07-20.01 - Administrator . 07. 2012 20:13:28.4.2 - x86 NETWORK
Microsoft Windows 7 Professional 6.1.7600.0.1250.421.1051.18.2988.2470 [GMT 2:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\users\Administrator\1051.MST
.
-- Previous Run --
.
Infected copy of c:\windows\system32\userinit.exe was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

.
--------
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WTGService
.
.
((((((((((((((((((((((((( Files Created from 2012-06-20 to 2012-07-20 )))))))))))))))))))))))))))))))
.
.
2012-07-20 18:18 . 2012-07-20 18:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-20 18:18 . 2012-07-20 18:18 -------- d-----w- c:\users\asus\AppData\Local\temp
2012-07-20 14:33 . 2012-07-20 14:33 -------- d-----w- C:\rsit
2012-07-20 12:40 . 2012-07-20 12:40 -------- d-----w- C:\$AVG
2012-07-20 12:23 . 2012-07-20 12:23 -------- d-----w- c:\users\asus\AppData\Roaming\AVG2012
2012-07-20 10:22 . 2012-07-20 10:22 -------- d-sh--w- C:\DrWeb Quarantine
2012-07-20 09:26 . 2012-07-20 09:51 -------- d-----w- c:\programdata\AVG2012
2012-07-20 09:26 . 2012-07-20 09:33 -------- d-----w- c:\windows\system32\drivers\AVG
2012-07-20 09:25 . 2012-07-20 09:25 -------- d-----w- c:\program files\AVG
2012-07-20 09:19 . 2012-07-20 09:19 -------- d--h--w- c:\programdata\Common Files
2012-07-20 09:17 . 2012-07-20 09:34 -------- d-----w- c:\programdata\MFAData
2012-07-20 09:14 . 2012-07-20 09:14 -------- d-----w- c:\program files\Common Files\Doctor Web
2012-07-20 09:13 . 2012-07-20 10:24 -------- d-----w- c:\program files\DrWeb
2012-07-20 09:13 . 2012-07-20 10:16 -------- d-----w- c:\programdata\Doctor Web
2012-07-19 20:43 . 2012-07-19 20:43 -------- d---a-w- C:\.Trash-999
2012-07-19 20:39 . 2012-07-19 20:39 -------- d-----w- c:\program files\Trend Micro
2012-07-19 20:33 . 2012-07-19 20:33 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-19 19:10 . 2012-07-19 19:10 -------- d-----w- c:\windows\system32\Extensions
2012-07-19 17:51 . 2012-07-19 19:31 -------- d-----w- c:\program files\Anti Trojan Elite
2012-07-19 17:48 . 2012-07-20 10:36 -------- d-----w- c:\users\Administrator
2012-07-19 16:11 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-19 16:11 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-19 16:11 . 2012-07-03 16:21 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-19 16:11 . 2012-07-03 16:21 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-19 16:11 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-19 16:11 . 2012-07-03 16:21 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-19 16:10 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-07-19 16:10 . 2012-07-03 16:21 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-19 16:10 . 2012-07-19 16:10 -------- d-----w- c:\programdata\AVAST Software
2012-07-19 16:10 . 2012-07-19 16:10 -------- d-----w- c:\program files\AVAST Software
2012-07-19 12:56 . 2012-07-19 12:56 -------- d-----w- c:\program files\ESET
2012-07-19 12:46 . 2012-07-19 12:46 -------- d-----w- c:\users\asus\AppData\Roaming\Malwarebytes
2012-07-19 12:46 . 2012-07-19 12:46 -------- d-----w- c:\programdata\Malwarebytes
2012-07-19 12:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-19 12:46 . 2012-07-19 12:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-19 12:44 . 2012-07-19 19:34 -------- d-----w- c:\program files\CCleaner
2012-07-19 12:00 . 2009-04-07 12:32 29472 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2012-07-19 12:00 . 2010-01-15 11:22 86056 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2012-07-19 12:00 . 2010-01-15 11:22 108072 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2012-07-19 12:00 . 2010-01-15 11:22 18472 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2012-07-13 06:32 . 2012-07-13 06:33 -------- d--h--w- c:\windows\AxInstSV
2012-07-11 17:36 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-07-11 17:36 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-07-11 17:36 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-07-11 17:36 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-07-11 17:35 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-07-11 17:35 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-07-11 17:35 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-07-11 17:35 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-07-11 17:35 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-30 16:05 . 1999-12-17 06:13 86016 ----a-w- c:\windows\unvise32.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-20 10:08 . 2012-01-26 21:02 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-07-11 22:41 . 2012-01-12 10:13 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-07-11 22:41 . 2012-01-26 21:02 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-05-25 11:51 . 2012-01-12 10:13 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}]
2012-03-19 17:35 85288 ----a-w- c:\program files\blekkotb_020\blekkotb_019X.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]
2011-05-09 08:49 176936 ----a-w- c:\program files\WiseConvert\prxtbWise.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2011-05-09 09:49 176936 ----a-w- c:\program files\BS_Player\prxtbBS_2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\prxtbBS_2.dll" [2011-05-09 176936]
"{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}"= "c:\program files\WiseConvert\prxtbWise.dll" [2011-05-09 176936]
"{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}"= "c:\program files\blekkotb_020\blekkotb_019X.dll" [2012-03-19 85288]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]
.
[HKEY_CLASSES_ROOT\clsid\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}"= "c:\program files\WiseConvert\prxtbWise.dll" [2011-05-09 176936]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\prxtbBS_2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"ATKMEDIA"="c:\program files\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-05-11 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-05-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-05-11 170008]
"ModemListener"="c:\program files\HSPA USB MODEM\ModemListener.exe" [2010-05-10 98304]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-11 800032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\BPROTE~1\21415~1.37\protector.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
backup=c:\windows\pss\Launcher.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
backup=c:\windows\pss\SRS Premium Sound.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti Trojan Elite]
2012-07-19 19:31 4076544 ----a-w- c:\program files\Anti Trojan Elite\TJEnder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-phishing Domain Advisor]
2012-03-01 18:57 232616 ----a-w- c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
2012-01-24 15:24 2416480 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-12 11:37 138096 ----atw- c:\users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-07-03 11:46 462920 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-07-26 13:13 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
R0 SpiderG3;DrWeb file system scanner;c:\windows\system32\drivers\spiderg3.sys [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewsercd;Huawei DataCard USB Serial Port;c:\windows\system32\DRIVERS\ewsercd.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMon.sys [x]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
S2 bProtector;bProtector;c:\programdata\bProtectorForWindows\2.1.415.37\bProtect.exe [x]
S2 DeviceManager;DeviceManager;c:\program files\Common Files\DeviceHelper\DeviceManager.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\DRIVERS\JME.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-19 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-19 16:21]
.
2012-07-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-952682481-4253036212-391605119-1000Core.job
- c:\users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-11 11:37]
.
2012-07-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-952682481-4253036212-391605119-1000UA.job
- c:\users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-11 11:37]
.
2012-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-26 13:13]
.
2012-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-26 13:13]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 213.151.236.74 213.151.236.66
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
MSConfigStartUp-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
MSConfigStartUp-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,31,25,e3,f1,2d,a1,d2,4c,8d,ad,1b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,31,25,e3,f1,2d,a1,d2,4c,8d,ad,1b,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,31,25,e3,f1,2d,a1,d2,4c,8d,ad,1b,\
.
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.URL"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5460)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\windows\system32\conhost.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
.
**************************************************************************
.
Completion time: 2012-07-20 20:28:29 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-20 18:28
.
Pre-Run: 169 195 429 888 bytes free
Post-Run: 169 002 201 088 bytes free
.
- - End Of File - - 3BEDE21CF2BC992A45210369DFA228E1


_________________
PC - ASUS M2N-MX Se+ | AMD X2 4200+ | 2GB RAM | Nvidia 8600GT | WD 320GB | 350W |NTB - ASUS K50AB SX-010 | | ASUS X550L | SteelSeries Mousepad | A4tech XL-750BF | HTC Explorer |
CCNA (640-802) |
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2
NapísalOffline : 29.07.2012 11:32 | userinit.exe problém

vidím ze si robil robil log RSIT posli ho sem a teraz otvor poznámkový blok vlož do nho čo je qoute
Citácia:
KILLALL::
SecCenter::
{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
folder::
C:\DrWeb Quarantine
c:\program files\Common Files\Doctor Web
c:\program files\DrWeb
c:\programdata\Doctor Web
C:\TDSSKiller_Quarantine
c:\program files\Anti Trojan Elite
c:\programdata\AVAST Software
c:\program files\AVAST Software
c:\program files\ESET
c:\users\asus\AppData\Local\Facebook
c:\program files\Google\GoogleToolbarNotifier

DirLook::
C:\.Trash-999
file::
c:\program files\BS_Player\prxtbBS_2.dll
c:\program files\WiseConvert\prxtbWise.dll
c:\program files\blekkotb_020\blekkotb_019X.dll
c:\program files\WiseConvert\prxtbWise.dll
c:\program files\BS_Player\prxtbBS_2.dll
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\drivers\spiderg3.sys
c:\windows\system32\drivers\aswMonFlt.sys
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-952682481-4253036212-391605119-1000Core.job
c:\users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-952682481-4253036212-391605119-1000UA.job
c:\users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\program files\Google\Update\GoogleUpdate.exe




registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti Trojan Elite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

driver::
SpiderG3
gupdate
SkypeUpdate
gupdatem
aswFsBlk
aswSP
aswFsBlk
aswMonFlt
ATE_PROCMON




reglock::
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
[HKEY_USERS\S-1-5-21-952682481-4253036212-391605119-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]


atjob::
clearjavacache::
reboot::
ulož ho na plochu a pomenuj cfsript potom pretiahni cfscript cez combofix a log posli


Offline

Užívateľ
Užívateľ
userinit.exe problém

Registrovaný: 02.06.08
Prihlásený: 19.07.16
Príspevky: 3330
Témy: 147 | 147
Bydlisko: Žilina / Os...
Vek: 24
Napísal autor témyOffline : 29.07.2012 15:46 | userinit.exe problém

Už je všetko done, vír preč a celý ntb bol dočistený kompletne.


_________________
PC - ASUS M2N-MX Se+ | AMD X2 4200+ | 2GB RAM | Nvidia 8600GT | WD 320GB | 350W |NTB - ASUS K50AB SX-010 | | ASUS X550L | SteelSeries Mousepad | A4tech XL-750BF | HTC Explorer |
CCNA (640-802) |
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2
NapísalOffline : 29.07.2012 15:49 | userinit.exe problém

no ved neni ked neaplikujes skript neni plne vyčisteny


 [ Príspevkov: 8 ] 


userinit.exe problém



Podobné témy

 Témy  Odpovede  Zobrazenia  Posledný príspevok 
V tomto fóre nie sú ďalšie neprečítané témy.

explorer.exe, dllhost.exe - vyťaženie 100% CPU

v Antivíry a antispywary

3

1429

24.01.2012 15:41

Reverser

V tomto fóre nie sú ďalšie neprečítané témy.

egui.exe a ekern.exe

v Antivíry a antispywary

4

865

24.04.2010 15:32

feldino

V tomto fóre nie sú ďalšie neprečítané témy.

svchost.exe problém

v Operačné systémy Microsoft

6

1447

24.08.2011 20:40

ViktorinoSK

V tomto fóre nie sú ďalšie neprečítané témy.

Problem- svchost.exe

v Ostatné programy

3

318

03.01.2011 19:42

br4n0

V tomto fóre nie sú ďalšie neprečítané témy.

svchost.exe problem

v Ostatné

2

170

29.07.2012 22:23

Denco1

V tomto fóre nie sú ďalšie neprečítané témy.

Problem explorer.exe

v Operačné systémy Microsoft

3

374

09.02.2007 19:29

piaggio

V tomto fóre nie sú ďalšie neprečítané témy.

rundll.exe problem

[ Choď na stránku:Choď na stránku: 1, 2 ]

v Antivíry a antispywary

31

1409

31.12.2011 10:50

prekto

V tomto fóre nie sú ďalšie neprečítané témy.

Problem otvarania exe

v Operačné systémy Microsoft

1

71

02.03.2013 11:20

Denco1

V tomto fóre nie sú ďalšie neprečítané témy.

problem so svchost.exe

v Antivíry a antispywary

7

9640

15.02.2007 11:52

arcanus666

V tomto fóre nie sú ďalšie neprečítané témy.

problem s explorer.exe

v Operačné systémy Microsoft

5

690

09.01.2008 22:10

prkyyynko

V tomto fóre nie sú ďalšie neprečítané témy.

problem s ashServ.exe

v Sieťové a internetové programy

5

475

19.09.2009 12:28

Jaro

V tomto fóre nie sú ďalšie neprečítané témy.

Otváranie exe. súborov problém.

v Operačné systémy Microsoft

4

666

01.04.2011 22:51

kuRca

V tomto fóre nie sú ďalšie neprečítané témy.

explorer exe nastal problem

v Operačné systémy Microsoft

5

328

17.12.2008 11:13

McDog

V tomto fóre nie sú ďalšie neprečítané témy.

Problem so svchost.exe

v Operačné systémy Microsoft

8

392

08.05.2008 0:38

br4n0

V tomto fóre nie sú ďalšie neprečítané témy.

Vista explorer.exe problem

v Operačné systémy Microsoft

1

938

10.08.2010 13:28

DMaMT

V tomto fóre nie sú ďalšie neprečítané témy.

problem so stahovanim .exe suborov

v Siete

17

719

21.08.2008 21:38

Daevid



© 2005 - 2017 PCforum, edited by JanoF