Logfile of HijackThis v1.99.1
Scan saved at 21:19:09, on 6.2.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Programy\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\ANTIVI~1\AVG\avgamsvr.exe
D:\ANTIVI~1\AVG\avgupsvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\ANTIVI~1\AVG\avgcc.exe
D:\ANTIVI~1\AVG\avgemc.exe
D:\Programy\Winamp\winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Programy\DAEMON Tools\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
D:\Programy\ZoneAlarm\zlclient.exe
D:\vsecko ke hram\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
D:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
D:\Programy\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
D:\Programy\Xfire\xfire.exe
C:\WINDOWS\System32\alg.exe
D:\Programy\ZONEAL~1\MAILFR~1\mantispm.exe
D:\Antivirus atd\Microsoft Office\Office10\WINWORD.EXE
D:\Programy\Firefox\firefox.exe
D:\Programy\QIP\qip.exe
C:\Documents and Settings\janko\Plocha\hijacks\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.icq.com/start/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programy\Adobe\acrobat7\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\vsecko ke hram\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] D:\ANTIVI~1\AVG\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\ANTIVI~1\AVG\avgemc.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Programy\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [THGuard] "D:\Programy\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Msn Messenger] syon.exe
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [Zone Labs Client] D:\Programy\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\vsecko ke hram\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [VaCtrl] C:\Program Files\VoiceAge\Common\VaCtrl.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [RemoteControl] "D:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] D:\Programy\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\RunServices: [Msn Messenger] syon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PowerBar] "D:\Programy\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [CMS_RSChecker] "D:\Programy\Nhhpu44\RSFAN.exe" -m
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HDDlife.lnk = D:\Programy\BinarySense\HDDlife\HDDlifePro.exe
O4 - Startup: Xfire.lnk = D:\Programy\Xfire\xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Programy\Adobe\acrobat7\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Antivirus atd\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download Using &BitSpirit - D:\Programy\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\ANTIVI~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BF7FDD3-EEF7-4C61-99F5-5E3FEBEB4741}: NameServer = 194.228.41.65 194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BF7FDD3-EEF7-4C61-99F5-5E3FEBEB4741}: NameServer = 194.228.41.65 194.228.41.113
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\ANTIVI~1\AVG\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\ANTIVI~1\AVG\avgupsvc.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Generic Host Process for Win32 Service - Unknown owner - C:\WINDOWS\svchost.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Programy\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
dik ja jen jestli tam neco neni protoze casto mi skace to s tm odesilat/neodesilat
pls o kontrolu logu
- jankacek
- Žlutá karta
-
- Registrován: 28. led 2007
- Baron Prášil
- Začátečník
-
- Registrován: 08. čer 2006
tuto službu zastav a dej na zakázáno
O23 - Service: Generic Host Process for Win32 Service - Unknown owner - C:\WINDOWS\svchost.exe
(služby spustíš napsáním příkazu services.msc do Spustit... v nabídce START a klik na OK)
stahni si killbox
http://www.bleepingcomputer.com/files/s ... illBox.zip
rozbal,spust a do okýnka zkopíruj tučné
C:\WINDOWS\svchost.exe
zaškrtni Delete on Reboot
a klikni na křížek.stroj pude do restartu
toto najdi a nech zkontrolovat tady
http://www.virustotal.com/flash/index_en.html
O4 - HKLM\..\Run: [Msn Messenger] syon.exe
pošli novej log a výsledek kontroly
O23 - Service: Generic Host Process for Win32 Service - Unknown owner - C:\WINDOWS\svchost.exe
(služby spustíš napsáním příkazu services.msc do Spustit... v nabídce START a klik na OK)
stahni si killbox
http://www.bleepingcomputer.com/files/s ... illBox.zip
rozbal,spust a do okýnka zkopíruj tučné
C:\WINDOWS\svchost.exe
zaškrtni Delete on Reboot
a klikni na křížek.stroj pude do restartu
toto najdi a nech zkontrolovat tady
http://www.virustotal.com/flash/index_en.html
O4 - HKLM\..\Run: [Msn Messenger] syon.exe
pošli novej log a výsledek kontroly
- jankacek
- Žlutá karta
-
- Registrován: 28. led 2007
Logfile of HijackThis v1.99.1
Scan saved at 22:03:24, on 6.2.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Programy\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\ANTIVI~1\AVG\avgamsvr.exe
D:\ANTIVI~1\AVG\avgupsvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\ANTIVI~1\AVG\avgcc.exe
D:\ANTIVI~1\AVG\avgemc.exe
D:\Programy\Winamp\winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Programy\DAEMON Tools\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
D:\Programy\ZoneAlarm\zlclient.exe
D:\vsecko ke hram\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
D:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
D:\Programy\Ahead\InCD\InCD.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
D:\Programy\Xfire\xfire.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
D:\Programy\ZONEAL~1\MAILFR~1\mantispm.exe
D:\Programy\Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\janko\Plocha\hijacks\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.icq.com/start/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programy\Adobe\acrobat7\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\vsecko ke hram\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] D:\ANTIVI~1\AVG\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\ANTIVI~1\AVG\avgemc.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Programy\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [THGuard] "D:\Programy\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Msn Messenger] syon.exe
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [Zone Labs Client] D:\Programy\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\vsecko ke hram\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [VaCtrl] C:\Program Files\VoiceAge\Common\VaCtrl.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [RemoteControl] "D:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] D:\Programy\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\RunServices: [Msn Messenger] syon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PowerBar] "D:\Programy\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [CMS_RSChecker] "D:\Programy\Nhhpu44\RSFAN.exe" -m
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HDDlife.lnk = D:\Programy\BinarySense\HDDlife\HDDlifePro.exe
O4 - Startup: Xfire.lnk = D:\Programy\Xfire\xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Programy\Adobe\acrobat7\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Antivirus atd\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download Using &BitSpirit - D:\Programy\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\ANTIVI~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BF7FDD3-EEF7-4C61-99F5-5E3FEBEB4741}: NameServer = 194.228.41.65 194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BF7FDD3-EEF7-4C61-99F5-5E3FEBEB4741}: NameServer = 194.228.41.65 194.228.41.113
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\ANTIVI~1\AVG\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\ANTIVI~1\AVG\avgupsvc.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Programy\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
to poseldni s tim syonem sem ho nemohl najit
ja se za chvilu est podivam ted se ucim ale jinak este jestli nevis cim ot je ze se mi po kazdym vypnuti pc nechce hned nabehnou normalne nabiha az do ty doby jak maj nabehnout uzivatelsky ucty a vypne se .. musim pcokat cca 5 minut a az teprv de
Scan saved at 22:03:24, on 6.2.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Programy\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\ANTIVI~1\AVG\avgamsvr.exe
D:\ANTIVI~1\AVG\avgupsvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\ANTIVI~1\AVG\avgcc.exe
D:\ANTIVI~1\AVG\avgemc.exe
D:\Programy\Winamp\winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Programy\DAEMON Tools\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
D:\Programy\ZoneAlarm\zlclient.exe
D:\vsecko ke hram\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
D:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
D:\Programy\Ahead\InCD\InCD.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
D:\Programy\Xfire\xfire.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
D:\Programy\ZONEAL~1\MAILFR~1\mantispm.exe
D:\Programy\Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\janko\Plocha\hijacks\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.icq.com/start/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programy\Adobe\acrobat7\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\vsecko ke hram\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] D:\ANTIVI~1\AVG\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\ANTIVI~1\AVG\avgemc.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Programy\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [THGuard] "D:\Programy\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Msn Messenger] syon.exe
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [Zone Labs Client] D:\Programy\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\vsecko ke hram\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [VaCtrl] C:\Program Files\VoiceAge\Common\VaCtrl.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [RemoteControl] "D:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] D:\Programy\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\RunServices: [Msn Messenger] syon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PowerBar] "D:\Programy\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\Run: [CMS_RSChecker] "D:\Programy\Nhhpu44\RSFAN.exe" -m
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HDDlife.lnk = D:\Programy\BinarySense\HDDlife\HDDlifePro.exe
O4 - Startup: Xfire.lnk = D:\Programy\Xfire\xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Programy\Adobe\acrobat7\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Antivirus atd\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download Using &BitSpirit - D:\Programy\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\ANTIVI~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BF7FDD3-EEF7-4C61-99F5-5E3FEBEB4741}: NameServer = 194.228.41.65 194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BF7FDD3-EEF7-4C61-99F5-5E3FEBEB4741}: NameServer = 194.228.41.65 194.228.41.113
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\ANTIVI~1\AVG\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\ANTIVI~1\AVG\avgupsvc.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Programy\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
to poseldni s tim syonem sem ho nemohl najit
ja se za chvilu est podivam ted se ucim ale jinak este jestli nevis cim ot je ze se mi po kazdym vypnuti pc nechce hned nabehnou normalne nabiha az do ty doby jak maj nabehnout uzivatelsky ucty a vypne se .. musim pcokat cca 5 minut a az teprv de- Baron Prášil
- Začátečník
-
- Registrován: 08. čer 2006
- jankacek
- Žlutá karta
-
- Registrován: 28. led 2007
- likc
- Začátečník
-
- Registrován: 30. čer 2006
Chces tim rict, ze tim obchzis casovy limit na rapidu? To by byla veelka parada.jankacek píše:ted pisu narychl oa to na co se ptas je ziskani volnych rapidshare accountukdyz cekas cca 3 tejdny tak ejden dycyk chytnes
Kazdopadne me se to jevi jako docela uporny bastard.
Pak vecicka O4 - HKLM\..\Run: [Msn Messenger] syon.exe je hoodne podezrela, bo ji nezna ani google ani mrkvosoft, tak ze by to byla soucast messengeru???
No a pak je tu O4 - HKLM\..\Run: [VaCtrl] C:\Program Files\VoiceAge\Common\VaCtrl.exe, nicmene to jsi si asi nainstaloval, tak ze vis, co to je?
- jankacek
- Žlutá karta
-
- Registrován: 28. led 2007
- likc
- Začátečník
-
- Registrován: 30. čer 2006
Mozna jsem natvrdly. Kontroluje jestli nekde neni free account na rapid? Tak ze Ti to da vedet, ze muzes v tom okamziku stahovat? Ze jako nestahuje nikdo jiny ze stejne IP a zrovna nemusis cekat nez uplyne limit?
Ten syon je teda orisek. Pokud se vraci, tak musi byt nejaka dira v systemu. Na to by mela existovat aktualizace, ale MS to nezna... Jinac predpokladam, ze zaktualizovany win. mas.
Firma voiceage ze zabyva kodekama, podporou hracich platforem atd. Pokud nemas neco spesl na gamesy, tak se bez toho nejspis obejdes a melo by to jit odinstalovat jako regulerni program. Ale nejspis to nebude nic, co by Ti extra skodilo. Akorat to zbytecne bezi.
Ten syon je teda orisek. Pokud se vraci, tak musi byt nejaka dira v systemu. Na to by mela existovat aktualizace, ale MS to nezna... Jinac predpokladam, ze zaktualizovany win. mas.
Firma voiceage ze zabyva kodekama, podporou hracich platforem atd. Pokud nemas neco spesl na gamesy, tak se bez toho nejspis obejdes a melo by to jit odinstalovat jako regulerni program. Ale nejspis to nebude nic, co by Ti extra skodilo. Akorat to zbytecne bezi.