Hi folks, please check my log

Posted: Wed 26 Dec 2007, 22:22
by hansel
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:21:34, on 26.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\RevoTask.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\Common Files\{24D3DEE6-0BBD-1029-0704-0703232001a4}\Update.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{34D3D~1\Bar888.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{34D3D~1\Bar888.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RevoTaskbarApp] C:\WINDOWS\system32\RevoTask.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [{24D3DEE6-0BBD-1029-0704-0703232001a4}] "C:\Program Files\Common Files\{24D3DEE6-0BBD-1029-0704-0703232001a4}\Update.exe" mc-110-12-0001670
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\RunServices: [MSUpdater] System32i.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QIP2005] C:\Program Files\QIP\qip.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Prime95 Service - Unknown owner - C:\Program Files\Prime95\prime95.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7097 bytes

Posted: Thu 27 Dec 2007, 16:22
by rary
Download ComboFix, save it to your desktop and run it. Follow the on-screen instructions; while ComboFix is being applied, do not click in the window that appears, because that can stop the process.
The computer may restart; this means that malicious files were found and a restart is needed for ComboFix to delete them.
When it finishes, a log is created, so copy its contents here.

Note: Administrator rights are required to run ComboFix.

Posted: Thu 27 Dec 2007, 18:17
by hansel
ComboFix 07-12-21.4 - HanseL 2007-12-27 18:14:06.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.2445 [GMT 1:00]
Running from: C:\Documents and Settings\HanseL\Plocha\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Common Files\{24D3D~1
C:\Program Files\Common Files\{24D3D~1\system.dll
C:\Program Files\Common Files\{24D3D~1\Update.exe
C:\Program Files\Common Files\{34D3D~1
C:\Program Files\Common Files\{34D3D~1\Bar888.dll
C:\Program Files\Common Files\{34D3D~1\UnInstall.exe
C:\Program Files\Temporary
C:\Program Files\Temporary\wininstall.exe
C:\Program Files\WinAble
C:\Program Files\WinAble\winable.exe
C:\WINDOWS\system32\unsvchosts.lzma
C:\WINDOWS\system32\x64

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_COM+_MESSAGES
-------\COM+ Messages


((((((((((((((((((((((((( Files Created from 2007-11-27 to 2007-12-27 )))))))))))))))))))))))))))))))
.

2007-12-26 22:21 . 2007-12-26 22:21 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-26 17:22 . 2007-12-26 17:22 <DIR> d-------- C:\Program Files\Lavalys
2007-12-25 23:25 . 2007-12-25 23:25 <DIR> d-------- C:\Program Files\Skype
2007-12-25 23:25 . 2007-12-25 23:25 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-12-25 23:15 . 2007-12-27 18:16 11,493 --a------ C:\WINDOWS\system32\oodbs.lor
2007-12-25 22:30 . 2007-12-25 22:30 <DIR> d-------- C:\Program Files\OO Software
2007-12-23 21:31 . 2002-12-17 16:23 33,340 --------- C:\WINDOWS\system32\dbmsqlgc.dll
2007-12-23 21:31 . 2002-10-20 14:05 24,576 --------- C:\WINDOWS\system32\dbmsgnet.dll
2007-12-23 21:30 . 2007-12-23 21:30 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2007-12-23 21:29 . 2007-12-23 21:34 <DIR> d-------- C:\Program Files\Sony
2007-12-23 19:22 . 2007-12-23 19:23 <DIR> d-------- C:\Program Files\High Quality Photo Resizer
2007-12-23 19:22 . 2002-05-26 17:16 373,760 --a------ C:\WINDOWS\system32\xwpdlx20.ocx
2007-12-23 14:53 . 2007-12-23 14:53 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2007-12-17 07:02 . 2007-12-21 18:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-17 07:02 . 2007-12-17 07:02 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-07 17:43 . 2004-08-18 10:34 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll
2007-12-01 23:11 . 2007-12-05 17:23 20,480 --a------ C:\WINDOWS\system32\H@tKeysH@@k.DLL
2007-12-01 22:52 . 2007-12-01 22:52 <DIR> d-------- C:\Program Files\Java
2007-12-01 22:52 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-01 22:51 . 2007-12-01 22:51 <DIR> d-------- C:\Program Files\Common Files\Java
2007-11-28 16:47 . 2007-11-28 16:47 <DIR> d-------- C:\Program Files\Tube Catcher 1.0
2007-11-27 17:37 . 2007-11-27 17:37 <DIR> d-------- C:\Program Files\Razer
2007-11-27 17:37 . 2006-11-23 05:55 73,728 --a------ C:\WINDOWS\system32\DeathAdder.cpl
2007-11-27 17:28 . 2005-03-03 19:47 31,104 --a------ C:\WINDOWS\system32\drivers\CYUSB.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-23 13:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-23 13:49 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-19 15:00 --------- d-----w C:\Program Files\Opera
2007-12-08 07:52 --------- d-----w C:\Program Files\packo
2007-12-03 05:59 74,769 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_12_02_22_12_29_small.dmp.zip
2007-11-26 20:41 --------- d-----w C:\Program Files\PC Connectivity Solution
2007-11-26 20:41 --------- d-----w C:\Program Files\Nokia
2007-11-26 20:41 --------- d-----w C:\Program Files\DIFX
2007-11-26 20:41 --------- d-----w C:\Program Files\Common Files\PCSuite
2007-11-26 20:41 --------- d-----w C:\Program Files\Common Files\Nokia
2007-11-25 09:58 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-24 16:05 --------- d-----w C:\Program Files\proDAD
2007-11-24 15:53 --------- d-----w C:\Program Files\AdorageI-SAL
2007-11-24 15:53 --------- d-----w C:\Program Files\AdorageI-GfxDatas
2007-11-23 11:39 --------- d-----w C:\Program Files\Common Files\DirectX
2007-11-19 20:50 80,689 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_19_21_37_14_small.dmp.zip
2007-11-18 14:58 --------- d-----w C:\Program Files\Winamp
2007-11-17 23:44 --------- d-----w C:\Program Files\Audacity
2007-11-17 17:27 --------- d-----w C:\Program Files\Pinnacle
2007-11-13 16:08 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2007-11-11 18:35 --------- d-----w C:\Program Files\Total Video Converter
2007-11-11 11:09 --------- d-----w C:\Program Files\M-Audio
2007-11-11 10:46 356,352 ----a-w C:\WINDOWS\eSellerateEngine.dll
2007-11-11 09:13 --------- d-----w C:\Program Files\MSXML 4.0
2007-11-10 23:37 --------- d-----w C:\Program Files\PowerISO
2007-11-10 18:23 --------- d-----w C:\Program Files\InterVideo Information Service
2007-11-10 18:23 --------- d-----w C:\Program Files\Common Files\Ulead
2007-11-10 18:22 --------- d-----w C:\Program Files\InterVideo
2007-11-10 18:22 --------- d-----w C:\Program Files\Common Files\InterVideo
2007-11-09 18:54 --------- d-----w C:\Program Files\BitSpirit
2007-11-09 17:46 --------- d-----w C:\Program Files\ASUS
2007-11-09 16:02 --------- d-----w C:\Program Files\Webteh
2007-11-09 15:29 --------- d-----w C:\Program Files\Common Files\Ahead
2007-11-09 15:29 --------- d-----w C:\Program Files\Ahead
2007-11-08 21:18 --------- d-----w C:\Program Files\Common Files\Adobe
2007-11-08 21:14 --------- d-----w C:\Program Files\HP
2007-11-08 21:13 --------- d-----w C:\Program Files\Hewlett-Packard
2007-11-08 21:13 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
2007-11-08 21:00 --------- d-----w C:\Program Files\CCleaner
2007-11-08 20:59 --------- d-----w C:\Program Files\Yahoo!
2007-11-08 20:59 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-11-08 20:56 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-11-08 03:38 --------- d-----w C:\Program Files\QIP
2007-11-08 00:41 --------- d-----w C:\Program Files\microsoft frontpage
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:49]
"QIP2005"="C:\Program Files\QIP\qip.exe" [2007-07-15 11:43]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-04-20 06:57]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-04-20 06:57]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-04-20 06:57]
"RevoTaskbarApp"="C:\WINDOWS\system32\RevoTask.exe" [2004-06-14 16:58]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"Ai Nap"="C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe" [2007-04-09 14:49]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 17:34]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-08-07 01:05]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10]
"DeathAdder"="C:\Program Files\Razer\DeathAdder\razerhid.exe" [2007-09-07 15:54]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"OODefragTray"="C:\WINDOWS\system32\oodtray.exe" [2007-05-11 02:08]
"{24D3DEE6-0BBD-1029-0704-0703232001a4}"="C:\Program Files\Common Files\{24D3DEE6-0BBD-1029-0704-0703232001a4}\Update.exe" []
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-26 12:28]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"MSUpdater"="System32i.exe" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 14:49]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-26 12:27]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
2004-05-12 15:18 241664 --a------ C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2007-08-07 01:05 200704 --a------ C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAble]
C:\Program Files\WinAble\winable.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2007-10-10 06:28 36352 --a------ C:\Program Files\Winamp\winampa.exe

R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 07:12]
R3 DAdderFltr;DeathAdder Mouse;C:\WINDOWS\system32\drivers\dadder.sys [2007-08-02 17:32]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 22:04]
S3 CyUsb;Cypress Generic USB Driver;C:\WINDOWS\system32\Drivers\CyUsb.sys [2005-03-03 19:47]

.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-27 18:16:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-27 18:16:59 - machine was rebooted
.
2007-11-11 09:35:04 --- E O F ---

Posted: Sat 12 Jan 2008, 00:07
by BUBINO
Test these on virustotal.com:
C:\WINDOWS\system32\RevoTask.exe
C:\WINDOWS\system32\H@tKeysH@@k.DLL
C:\WINDOWS\system32\DeathAdder.cpl
C:\WINDOWS\system32\drivers\CYUSB.sys
C:\WINDOWS\Internet Logs\vsmon_2nd_2007_12_02_22_12_29_small.dmp.zip
C:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_19_21_37_14_small.dmp.zip
eSellerateEngine.dll

Upload them one at a time and copy the results here.

End this in Task Manager (Ctrl+Alt+Delete):
C:\Program Files\Common Files\{24D3DEE6-0BBD-1029-0704-0703232001a4}\Update.exe
and delete it. If that does not work, do it in Safe Mode. If it still does not work, report back.

Fix these in HJT:
(tick the box to the left of the selected entries and click "Fix Checked" in the panel at the bottom)

O4 - HKLM\..\Run: [{24D3DEE6-0BBD-1029-0704-0703232001a4}] "C:\Program Files\Common Files\{24D3DEE6-0BBD-1029-0704-0703232001a4}\Update.exe" mc-110-12-0001670
O4 - HKLM\..\RunServices: [MSUpdater] System32i.exe

Start >> Run >> type services.msc and find this one in the list of services:
COM+ Messages
Click on it and disable it, or stop it. Restart the computer and make new logs from HijackThis and ComboFix.