Terminál Fórum - Téma megtekintése - Msn-en terjedő vírus eltávolítása

Megválaszolatlan hozzászólások | Aktív témák

Pontos idő: hétf. nov. 18, 2024 9:46

Msn-en terjedő vírus eltávolítása

Moderátorok: Wiki, Moderátorok

Oldal: 22 / 24

[ 1193 hozzászólás ]

Oldal Előző 1 ... 19, 20, 21, 22, 23, 24 Következő

Nyomtatóbarát verzió

Előző téma | Következő téma

Msn-en terjedő vírus eltávolítása

Szerző	Üzenet
Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Várok,hiszen te teszel nekem szívességet...előre is köszi
vas. jan. 06, 2008 9:55

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Ok varj egy keveset merrt van egy kiss munkam,van ott egy csomo virus.
vas. jan. 06, 2008 9:50

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Sikerült Object "video activex access Trojan" found in File System! Action Taken: No Action Taken. Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken. Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken. Object "wareout Adware" found in File System! Action Taken: No Action Taken. Object "wareout Adware" found in File System! Action Taken: No Action Taken. Object "mirar Spyware/Adware" found in File System! Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CDDBControl" refers to invalid object "{F4BAFF02-F907-11D2-8F8F-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CDDBControl.1" refers to invalid object "{F4BAFF02-F907-11D2-8F8F-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbCredit" refers to invalid object "{BBF37BA4-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbCredit.1" refers to invalid object "{BBF37BA4-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbCredits" refers to invalid object "{F5F6A238-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbCredits.1" refers to invalid object "{F5F6A238-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbDisc" refers to invalid object "{B0528CE4-F67E-11D2-8F8E-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbDisc.1" refers to invalid object "{B0528CE4-F67E-11D2-8F8E-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbDiscs" refers to invalid object "{B0528CE2-F67E-11D2-8F8E-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbDiscs.1" refers to invalid object "{B0528CE2-F67E-11D2-8F8E-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbField" refers to invalid object "{BBF37B9C-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbField.1" refers to invalid object "{BBF37B9C-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbFieldList" refers to invalid object "{F5F6A23E-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbFieldList.1" refers to invalid object "{F5F6A23E-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbFullName.1" refers to invalid object "{BBF37BA2-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbGenre" refers to invalid object "{8F8A59E4-1388-11D3-8F9D-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbGenre.1" refers to invalid object "{8F8A59E4-1388-11D3-8F9D-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbGenreTree" refers to invalid object "{F5F6A236-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbGenreTree.1" refers to invalid object "{F5F6A236-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbID3Tag" refers to invalid object "{D734EAE8-0810-4513-99B6-DDAC4BC30E29}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbID3Tag.1" refers to invalid object "{D734EAE8-0810-4513-99B6-DDAC4BC30E29}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbID3TagManager" refers to invalid object "{DFEF3E96-F1D4-47CE-A429-2CC8C10DFDB6}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbID3TagManager.1" refers to invalid object "{DFEF3E96-F1D4-47CE-A429-2CC8C10DFDB6}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbInfoWindow" refers to invalid object "{C073A662-A344-4611-8632-06452280EBB0}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbInfoWindow.1" refers to invalid object "{C073A662-A344-4611-8632-06452280EBB0}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbLanguage" refers to invalid object "{BBF37B98-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbLanguage.1" refers to invalid object "{BBF37B98-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbLanguageList" refers to invalid object "{F5F6A240-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbLanguageList.1" refers to invalid object "{F5F6A240-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbLanguages" refers to invalid object "{35F7528D-D4EB-40D1-AC99-93E4421B02D6}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbLanguages.1" refers to invalid object "{35F7528D-D4EB-40D1-AC99-93E4421B02D6}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbOptions" refers to invalid object "{417EA290-71D0-43FB-87A0-8F107C549B2A}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbOptions.1" refers to invalid object "{417EA290-71D0-43FB-87A0-8F107C549B2A}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CDDBProps" refers to invalid object "{97E14B03-0E0C-11D3-8F9D-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CDDBProps.1" refers to invalid object "{97E14B03-0E0C-11D3-8F9D-00C04F4C3B9F}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbRegion" refers to invalid object "{BBF37B9A-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbRegion.1" refers to invalid object "{BBF37B9A-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbRegionList" refers to invalid object "{F5F6A242-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbRegionList.1" refers to invalid object "{F5F6A242-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbRole" refers to invalid object "{BBF37B96-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbRole.1" refers to invalid object "{BBF37B96-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbRoleList" refers to invalid object "{F5F6A244-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbRoleList.1" refers to invalid object "{F5F6A244-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbRoleTree.1" refers to invalid object "{93162670-FF1B-4844-8FBC-041F1ABB6F7A}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbSegment" refers to invalid object "{BBF37B9E-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbSegment.1" refers to invalid object "{BBF37B9E-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbSegments.1" refers to invalid object "{F5F6A234-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbTrack" refers to invalid object "{0BB07B14-0CC8-11D3-B00E-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbTrack.1" refers to invalid object "{0BB07B14-0CC8-11D3-B00E-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbUIOptions" refers to invalid object "{3836A5BF-51B3-4B37-8E96-9D429C22183C}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbUIOptions.1" refers to invalid object "{3836A5BF-51B3-4B37-8E96-9D429C22183C}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbURL" refers to invalid object "{BBF37BA0-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbURL.1" refers to invalid object "{BBF37BA0-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbURLList" refers to invalid object "{F5F6A23A-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbURLList.1" refers to invalid object "{F5F6A23A-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbURLManager" refers to invalid object "{AF1A9404-6CA9-11D3-B053-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbURLManager.1" refers to invalid object "{AF1A9404-6CA9-11D3-B053-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbURLTree.1" refers to invalid object "{F5F6A23C-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbUserInfo" refers to invalid object "{E5D17BB2-F52F-4C6A-B318-C0D16121014B}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.CddbUserInfo.1" refers to invalid object "{E5D17BB2-F52F-4C6A-B318-C0D16121014B}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.FullName" refers to invalid object "{BBF37BA2-2F4F-11D3-B02F-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.Segments" refers to invalid object "{F5F6A234-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\CDDBControl.URLTree" refers to invalid object "{F5F6A23C-301B-11D3-B030-00C04F4C0826}". Action Taken: No Action Taken. Entry "HKCR\DirectAnimation.PathControl" refers to invalid object "{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}". Action Taken: No Action Taken. Entry "HKCR\DirectAnimation.Sequence" refers to invalid object "{4F241DB1-EE9F-11D0-9824-006097C99E51}". Action Taken: No Action Taken. Entry "HKCR\DirectAnimation.SequencerControl" refers to invalid object "{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}". Action Taken: No Action Taken. Entry "HKCR\DirectAnimation.SpriteControl" refers to invalid object "{FD179533-D86E-11D0-89D6-00A0C90833E6}". Action Taken: No Action Taken. Entry "HKCR\DirectAnimation.StructuredGraphicsControl" refers to invalid object "{369303C2-D7AC-11D0-89D5-00A0C90833E6}". Action Taken: No Action Taken. Entry "HKCR\MCI.MMControl" refers to invalid object "{C1A8AF25-1257-101B-8FB0-0020AF039CA3}". Action Taken: No Action Taken. Entry "HKCR\MCI.MMControl.1" refers to invalid object "{C1A8AF25-1257-101B-8FB0-0020AF039CA3}". Action Taken: No Action Taken. Entry "HKCR\Microsoft.ActiveXPlugin" refers to invalid object "{06DD38D3-D187-11CF-A80D-00C04FD74AD8}". Action Taken: No Action Taken. Entry "HKCR\Microsoft.ActiveXPlugin.1" refers to invalid object "{06DD38D3-D187-11CF-A80D-00C04FD74AD8}". Action Taken: No Action Taken. Entry "HKCR\MSFlexGridLib.MSFlexGrid" refers to invalid object "{6262D3A0-531B-11CF-91F6-C2863C385E30}". Action Taken: No Action Taken. Entry "HKCR\MSFlexGridLib.MSFlexGrid.1" refers to invalid object "{6262D3A0-531B-11CF-91F6-C2863C385E30}". Action Taken: No Action Taken. Entry "HKCR\MSMask.MaskEdBox" refers to invalid object "{C932BA85-4374-101B-A56C-00AA003668DC}". Action Taken: No Action Taken. Entry "HKCR\MSMask.MaskEdBox.1" refers to invalid object "{C932BA85-4374-101B-A56C-00AA003668DC}". Action Taken: No Action Taken. Entry "HKCR\Testatl.CddbRoleTree" refers to invalid object "{93162670-FF1B-4844-8FBC-041F1ABB6F7A}". Action Taken: No Action Taken. Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\PrvCnt.exe". Action Taken: No Action Taken. Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\PrvCnt.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "F:\Game\Fifa 08\data\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "F:\Game\Fifa 08\data\cmn\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "F:\Game\Fifa 08\data\cmn\fe\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "F:\Game\Fifa 08\data\gui\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Program Files\Cyberlink\PowerDVD\Sim\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "F:\Game\PES 2008\img\". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".adr". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".afs". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".B6T". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cfg". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cmp". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".crash". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ddf07". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".mds". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Ashampoo WinOptimizer Platinum 3". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Missing Logos Patch by Warday". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{01EE13C7-04FC-4A46-B4C9-AFD43C0DDB5F}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{16913489-B5E3-403E-AFD3-2B19BBE464D4}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{191D24DA-8FEA-4EF6-8CC3-00B62CA34D49}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{2959B9F6-2D49-4E0D-96F4-D684106FE48D}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{32971938-65B1-4B38-B483-9A32560B7CF2}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{3FBD22F5-7BD2-49FD-A05D-6308CDD7C818}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{605F33FD-21E8-4B44-A1D0-57694A3E02BC}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{69E4186D-D57C-49E0-B692-5C74BD9B08D7}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{6EC77255-2E6B-49C0-B730-9C38410E0A85}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{8102C80C-3FA1-4704-8B57-80EE4131C8C9}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{8E37B5B2-10A8-4D75-87E2-9B2A014DCC12}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{91B8E34E-54A1-4574-973D-75EFDFEED13D}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{AA0370C1-BEB2-4C8E-ADFD-B7AFE85F0FBE}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{AA064F65-9746-48EB-B2AE-8FAD1DEE849E}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{B945219C-C51C-4BD0-BAD5-A3FED95B555F}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{BDCD42BE-BD44-4472-8625-1F4230243C09}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{C602034B-0E04-4A4C-994B-9BE7AEFF5931}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{DA35E0D7-63D4-42FC-8EDC-18758EFD15E5}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{F4A7AE1B-378F-41D2-857F-5AA1CB01533D}". Action Taken: No Action Taken. File E:\Bittorrent\Winchester\HDD Regenerator\hddreg.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\Luxor 3.exe infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\WebcamMax 4.1.2.2 [by fotzegeil]\Effects Package for WebcamMax 4.1.2.2.exe infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\WebcamMax 4.1.2.2 [by fotzegeil]\Patch\WebcamMax 4.1.2.2 Patch.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\WebcamMax 4.1.2.2 [by fotzegeil]\WebcamMax 4.1.2.2.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\Winchester\HDD Regenerator\HDD Regenerator.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\Winchester\HDD Regenerator\HDD-141.EXE infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\Winchester\HDD Regenerator\hr151.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\Winchester\KillDisk.Professional.v3.1.Erase.Your.Whole.Hard.Disk\DOS4GW.EXE infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\Winchester\KillDisk.Professional.v3.1.Erase.Your.Whole.Hard.Disk\fo-kdp31.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\Winchester\KillDisk.Professional.v3.1.Erase.Your.Whole.Hard.Disk\KD_WIN.EXE infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\Letöltések\Winchester\KillDisk.Professional.v3.1.Erase.Your.Whole.Hard.Disk\KILLDISK.EXE infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005398.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005404.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005418.EXE infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005419.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005421.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005422.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005528.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005589.exe infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005639.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005640.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005641.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005642.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005643.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005644.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005645.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005646.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005647.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005648.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005657.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{0BE2EC13-B98D-4EC4-A6F2-25570A686F41}\RP6\A0005658.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{30ADA9CA-A370-43B9-9351-A948F2860F5A}\RP409\A0117381.exe infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{30ADA9CA-A370-43B9-9351-A948F2860F5A}\RP410\A0117577.EXE infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{30ADA9CA-A370-43B9-9351-A948F2860F5A}\RP410\A0117601.exe infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{E4949AD3-F306-42ED-AE14-19BAE329DACB}\RP1\A0000038.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{E4949AD3-F306-42ED-AE14-19BAE329DACB}\RP1\A0000039.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{E4949AD3-F306-42ED-AE14-19BAE329DACB}\RP1\A0000040.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{E4949AD3-F306-42ED-AE14-19BAE329DACB}\RP1\A0000041.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{E4949AD3-F306-42ED-AE14-19BAE329DACB}\RP1\A0000092.exe infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{E4949AD3-F306-42ED-AE14-19BAE329DACB}\RP1\A0000094.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{E4949AD3-F306-42ED-AE14-19BAE329DACB}\RP1\A0000097.exe infected by "Exe.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{E4949AD3-F306-42ED-AE14-19BAE329DACB}\RP1\A0000099.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File E:\System Volume Information\_restore{E4949AD3-F306-42ED-AE14-19BAE329DACB}\RP1\A0000115.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken. File F:\Finna Győző\Programok\Prog\Filmlejátszók\GDIVX199.EXE//data0009/SaveNow.exe tagged as "not-a-virus:AdWare.Win32.NewDotNet". Action Taken: No Action Taken. Na sikerült.Ez az eredmény...
vas. jan. 06, 2008 9:43

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Igen ez komplikalt dolog,ha csinalsz logott meglehett kozte talalni,de ird ide mitt talalt.Engemett nem erdekell ami igy kezdodik hogy >OBJECT>az erdekell ami ijen hogy INFEKTED FILES.Csinalj printscrentt es ted ide.
vas. jan. 06, 2008 9:41

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	9 óra 9 perc lett a 2-3 órából...csak azt nem tudom,hogy az eredményt,hogy másolom,mert nem tudom átteni...
vas. jan. 06, 2008 9:37

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Remélem.Köszi
szomb. jan. 05, 2008 21:58

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Ok nyugodtan ez megtalalja a multt even elveszted penztarcadtt.
szomb. jan. 05, 2008 21:55

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Elkezdtem...Majd jelzek,ha végzett...Eddigieket is köszi...Ha végzett elküldöm
szomb. jan. 05, 2008 21:53

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Okk: Akor fixeld le ezekett.Es muszaj neked lefuttatni a MWAV-progitt. O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime Ezek csak felesleges dolgokk,na mostan leszeded eztt a progitt a scen ojan 2-3oraig tart.Ha tallal valamitt aztt az also ablakba teszi-es eztt ide teszed.Fogja kinalni hogy megvenni de nemkell raklikelsz hogy ok es megy tiovabb, Bealitod igy: http://www.james008.net/escanfree.jpg Inenn letoltodd.Es majd meglasuk hogy mivan. http://www.mwti.net/download/tools/mwav.exe
szomb. jan. 05, 2008 21:22

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:48, on 2008-01-05 Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ASUS\GamerOSD\GamerOSD.exe C:\Program Files\Saitek\Software\Profiler.exe C:\Program Files\Saitek\Software\SaiSmart.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\TGTSoft\StyleXP\StyleXP.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Opera\Opera.exe C:\Program Files\uTorrent\uTorrent.exe E:\Letöltések\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.origo.hu/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások O2 - BHO: Adobe PDF Reader hivatkozássúgó - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone gyorsindítása.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{11CF5710-10D9-4944-A133-0464B530A468}: NameServer = 212.24.164.1 212.24.160.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{11CF5710-10D9-4944-A133-0464B530A468}: NameServer = 212.24.164.1 212.24.160.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{11CF5710-10D9-4944-A133-0464B530A468}: NameServer = 212.24.164.1 212.24.160.1 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Auto Power-on & Shut-down Service (PCAutoPowerOnService) - Unknown owner - C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe -- End of file - 10849 bytes Még mindig leáll...passz
szomb. jan. 05, 2008 20:51

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Ok Akorr most mivan??Aztt amitt kellet kitoroltuk,a kodecocot kicserelted,akorr tedd ide a logott a HJT-logott hogy nezem meg.Es ird le hogy mivan a gepell.
szomb. jan. 05, 2008 20:42

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Itt az eredmény: Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\jfmflxoc ***************** Script file located at: \??\C:\Program Files\sjhhmpop.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger *************** A másik kettőt meg már a forumba elküldtem.Szia Beginning to process script file: File C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe deleted successfully. Completed script processing. ***************** Finished! Terminate.
szomb. jan. 05, 2008 19:35

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok megcsinaljuk maskep. letoltodAvenger => http://swandog46.geekstogo.com/avenger.exe futatod – klik-„Input script manually“ –klik- nagyito uveg –KOD KOPIROZAS DECSAK AMI PIROSAL VAN – klik„Done“ –klik- Semafor – beleegyezes– kovetkezik a restart– ide teszed amit az avanger add,es mivan azokall amitt a virustotalon csinalsz.Az 10-15-percig tart.Nemkell az egesz gepett csinalni,hanemm-klik prochazett-megtalalod a te gepeden a fajlot-allo gomb elkuld es varsz az eredmenyre,es ismetled a kovetkazovell. Kód: Files to delete: C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
szomb. jan. 05, 2008 18:55

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Eztett megcsinalod igy.Start>futatas>beirod>notepad>ok Bekopirozod bele eztett. Kód: File:: C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe A ball felso sarokban elso full-kinyitod>4-sor=klik Aloll van 3-hoszukas ablak-a kozepsot bealitod-minden fajlok-vagy mapak A masik ablakban ahol TXT -van beirod eztett> CFScript.txt< Felull bealitod hogy az asztalra tevodjon-es leteszed-remelem a combofix is ott van.] Es megcsinalod igy-kikop egy logott aztett ide teszed .es a virustotal eredmenyet is.A virustotalon egyenkett elkuldod es mindig megvarod az eredmenytt. http://img.photobucket.com/albums/v666/ ... Script.gif Ezt az egészet nem értem...
szomb. jan. 05, 2008 18:46

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Ezt a részt nem értem... Eztett megcsinalod igy.Start>futatas>beirod>notepad>ok Bekopirozod bele eztett. Kód: File:: C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe A ball felso sarokban elso full-kinyitod>4-sor=klik Aloll van 3-hoszukas ablak-a kozepsot bealitod-minden fajlok-vagy mapak A masik ablakban ahol TXT -van beirod eztett> CFScript.txt< Felull bealitod hogy az asztalra tevodjon-es leteszed-remelem a combofix is ott van.] Ezt a részt nem értem.Segítenél,hogy mit hova , hogyan...Köszi Es megcsinalod igy-kikop egy logott aztett ide teszed .es a virustotal eredmenyet is.A virustotalon egyenkett elkuldod es mindig megvarod az eredmenytt. http://img.photobucket.com/albums/v666/ ... Script.gif
szomb. jan. 05, 2008 18:45

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	A 3 három N-es mappa Nvidiás sugófájlokat tartalmaz amin sárga kérdöjelek vannak!Kettő men át a a vizsgálaton azoknak itt a logja: A(z) afp_debug.dat állomány feltöltve: 2008.01.05 18:08:23 (CET)Antivírus Verzió Utolsó frissítés Eredmény AhnLab-V3 2008.1.5.11 2008.01.05 - AntiVir 7.6.0.46 2008.01.04 - Authentium 4.93.8 2008.01.04 - Avast 4.7.1098.0 2008.01.04 - AVG 7.5.0.516 2008.01.05 - BitDefender 7.2 2008.01.05 - CAT-QuickHeal 9.00 2008.01.05 - ClamAV 0.91.2 2008.01.05 - DrWeb 4.44.0.09170 2008.01.05 - eSafe 7.0.15.0 2008.01.03 - eTrust-Vet 31.3.5432 2008.01.04 - Ewido 4.0 2008.01.05 - FileAdvisor 1 2008.01.05 - Fortinet 3.14.0.0 2008.01.05 - F-Prot 4.4.2.54 2008.01.04 - F-Secure 6.70.13030.0 2008.01.04 - Ikarus T3.1.1.15 2008.01.05 - Kaspersky 7.0.0.125 2008.01.05 - McAfee 5200 2008.01.04 - Microsoft 1.3109 2008.01.05 - NOD32v2 2766 2008.01.04 - Norman 5.80.02 2008.01.04 - Panda 9.0.0.4 2008.01.05 - Prevx1 V2 2008.01.05 - Rising 20.25.52.00 2008.01.05 - Sophos 4.24.0 2008.01.05 - Sunbelt 2.2.907.0 2008.01.05 - Symantec 10 2008.01.05 - TheHacker 6.2.9.180 2008.01.04 - VBA32 3.12.2.5 2008.01.02 - VirusBuster 4.3.26:9 2008.01.05 - Webwasher-Gateway 6.6.2 2008.01.04 - További információ File size: 2209 bytes MD5: 806602ace60d7b06f6fbbed22ae22263 SHA1: 2f2c88409cf247337b4142ef7531da07782c2ea0 PEiD: - A következő: A(z) d3dx.dat állomány feltöltve: 2008.01.05 18:21:19 (CET)Antivírus Verzió Utolsó frissítés Eredmény AhnLab-V3 2008.1.5.11 2008.01.05 - AntiVir 7.6.0.46 2008.01.04 - Authentium 4.93.8 2008.01.04 - Avast 4.7.1098.0 2008.01.04 - AVG 7.5.0.516 2008.01.05 - BitDefender 7.2 2008.01.05 - CAT-QuickHeal 9.00 2008.01.05 - ClamAV 0.91.2 2008.01.05 - DrWeb 4.44.0.09170 2008.01.05 - eSafe 7.0.15.0 2008.01.03 - eTrust-Vet 31.3.5432 2008.01.04 - Ewido 4.0 2008.01.05 - FileAdvisor 1 2008.01.05 - Fortinet 3.14.0.0 2008.01.05 - F-Prot 4.4.2.54 2008.01.04 - F-Secure 6.70.13030.0 2008.01.04 - Ikarus T3.1.1.15 2008.01.05 - Kaspersky 7.0.0.125 2008.01.05 - McAfee 5200 2008.01.04 - Microsoft 1.3109 2008.01.05 - NOD32v2 2766 2008.01.04 - Norman 5.80.02 2008.01.04 - Panda 9.0.0.4 2008.01.05 - Prevx1 V2 2008.01.05 - Rising 20.25.52.00 2008.01.05 - Sophos 4.24.0 2008.01.05 - Sunbelt 2.2.907.0 2008.01.05 - Symantec 10 2008.01.05 - TheHacker 6.2.9.180 2008.01.04 - VBA32 3.12.2.5 2008.01.02 - VirusBuster 4.3.26:9 2008.01.05 - Webwasher-Gateway 6.6.2 2008.01.04 - További információ File size: 4096 bytes MD5: b05693d68e876fe0a05811be42efd1b7 SHA1: b9dbbefb7d7ddd17d0d25f80cdb013b8c6b853b0 PEiD: - Folytatom a többi feladattal amit adtál.Szia
szomb. jan. 05, 2008 18:39

pepy ezüst tag Csatlakozott: kedd jan. 01, 2008 20:13 Hozzászólások: 72	kösz stell, csináld csak amit nagyon tudsz. ilyen rendes emberre mindig szügsége lesz azoknak akik nem értenek a géphez.
szomb. jan. 05, 2008 18:18

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok pepy-adig jo meg nemtallal semmit es a gep hiba nelkull megy.Ha nincsen problem,fagyas,restart,lassu gep-akkor minden renben van.Ha eltunt nembaj-ezek nemveszejes dolgok csak feleslegesek.
szomb. jan. 05, 2008 18:10

pepy ezüst tag Csatlakozott: kedd jan. 01, 2008 20:13 Hozzászólások: 72	szerintem jó stell. köszi.
szomb. jan. 05, 2008 18:09

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok Van idod. [quote]pepy írta: O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k[code] Igen TARGE T-cimbi az is felesleges dolog,de nemveszejes Hatt ha ez nekem ojan szorakozas.Nemis hined ell hogy mijen gondokatt okoznak ezek a bordelok,fagyastol kezdve restartal fojtatodva meg mindenfelle kulldes a gepboll.Ugy hogy meg megnem unom hatt csinalom. A hozzászólást 1 alkalommal szerkesztették, utoljára stell szomb. jan. 05, 2008 18:21-kor.
szomb. jan. 05, 2008 18:06

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Csinálom,de nem túl haladós...
szomb. jan. 05, 2008 17:52

pepy ezüst tag Csatlakozott: kedd jan. 01, 2008 20:13 Hozzászólások: 72	szia stell. eltünt ez a 02-es, nem tudtam kijelölni. az avast nemtalált semmit. mi legyen?
szomb. jan. 05, 2008 17:05

TargeT a fórum lelke Csatlakozott: szer. márc. 24, 2004 13:43 Hozzászólások: 6712	pepy írta: O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k Hey, stell barátom Úgy látom, végtelen türelmed van ezekhez a log fájlokhoz. Én még ezt a fenti cuccost is kiiktatnám, mert minek. Amúgy meg mindig elcsodálkozom, egyesek mennyire szeretik a toolbarokat.
szomb. jan. 05, 2008 16:45

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok Szia pepy: A log rendben van ,ha az avast elkapta okett es kitorolte akor renben van.Meg eztett fixeld le a HJT.ban O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) Es az avastott frissidsd,Most meg csinald igy meg.Jobklikaz avast ikonra a jobsarokban>Masodig feliratt>futatni az avastott>Varsz egy csepett meg att kontrolaja .>bezarod az a segittot ojan hoszukas tabla.>Most a balfelso sarokban van ojan kiss nyilacska az avaston.>raklikelsz>kivalasztod >tervezni tesztett a restart utan>Bepontozod minden diskett-bepipazod>tesztelni az arhivot>klik a gombra Tervezni.Most ha akarod restart,a restart utan az avastt meg a windows elott att kontrolakja a lemezekett es ha tallal valamitt felkinalja torlest is.Tehatt torolsz. UDV.
szomb. jan. 05, 2008 15:55

pepy ezüst tag Csatlakozott: kedd jan. 01, 2008 20:13 Hozzászólások: 72	szia stell. lehet hogy baj van, keresett az avast, és ki írta , hogy van három trojai, én töröltem. küldök egy logot. meg nézed? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:23:54, on 2008.01.05. Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Comodo\Firewall\CPF.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Comodo\Firewall\cmdagent.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\totalcmd\TOTALCMD.EXE F:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startlap.hu/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.5\BitComet_Toolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.5\BitComet_Toolbar.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://F:\offfice\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 6873 bytes
szomb. jan. 05, 2008 15:31

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Igen de irtam hogy tedyel fel >libavcodec<FFDShow<codecott. Na mostan Ezekett leteszteled a Virustotalon:http://www.virustotal.com/hu/ Idézet: C:\WINDOWS\NV3992976.TMP C:\WINDOWS\afp_debug.dat C:\WINDOWS\NV29882376.TMP C:\WINDOWS\NV17524024.TMP C:\WINDOWS\d3dx.dat Eztett megcsinalod igy.Start>futatas>beirod>notepad>ok Bekopirozod bele eztett. Kód: File:: C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe A ball felso sarokban elso full-kinyitod>4-sor=klik Aloll van 3-hoszukas ablak-a kozepsot bealitod-minden fajlok-vagy mapak A masik ablakban ahol TXT -van beirod eztett> CFScript.txt< Felull bealitod hogy az asztalra tevodjon-es leteszed-remelem a combofix is ott van.] Es megcsinalod igy-kikop egy logott aztett ide teszed .es a virustotal eredmenyet is.A virustotalon egyenkett elkuldod es mindig megvarod az eredmenytt. http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
szomb. jan. 05, 2008 13:38

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	Igen levettem a divixes codeket.Várok.Köszi
szomb. jan. 05, 2008 12:45

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	OK-varjall meg kielemzem.Irtam neked a PU-ba a Kodecoc miat mar megcsinaltad??
szomb. jan. 05, 2008 12:35

Indurain arany tag Csatlakozott: pén. jan. 04, 2008 13:15 Hozzászólások: 133	itt vagyok Mindent megcsinaltam amit kértél.Leszedtem a nodot,maradt az avast,felraktam a legujabb nvidiát,majd ffd showt,ahogy írtad és nem múlt el a probléma.Letőltöttem a combofix-ot és küldöm a logját: ComboFix 08-01-04.1 - Én 2008-01-05 12:20:15.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1038.18.1417 [GMT 1:00] Running from: E:\Letöltések\ComboFix.exe . ((((((((((((((((((((((((( Files Created from 2007-12-05 to 2008-01-05 ))))))))))))))))))))))))))))))) . 2008-01-05 10:42 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2008-01-05 10:36 . 2008-01-05 10:36 <DIR> d-------- C:\Program Files\ffdshow 2008-01-05 10:36 . 2007-01-01 00:00 60,273 --a------ C:\WINDOWS\system32\pthreadGC2.dll 2008-01-05 10:36 . 2008-01-04 15:32 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll 2008-01-05 10:36 . 2008-01-04 15:32 6,144 --a------ C:\WINDOWS\system32\ff_acm.acm 2008-01-05 10:36 . 2007-01-01 00:00 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest 2008-01-05 10:30 . 2008-01-05 10:31 <DIR> d-------- C:\WINDOWS\NV3992976.TMP 2008-01-04 18:45 . 2008-01-04 18:45 <DIR> d-------- C:\Program Files\Windows Defender 2008-01-04 18:39 . 2008-01-04 18:39 2,209 --a------ C:\WINDOWS\afp_debug.dat 2008-01-04 11:52 . 2008-01-04 11:54 <DIR> d-------- C:\WINDOWS\NV29882376.TMP 2008-01-04 11:08 . 2008-01-04 11:16 <DIR> d-------- C:\Goal 2007-12-22 09:46 . 2007-12-22 09:46 <DIR> d-------- C:\Documents and Settings\Én\Application Data\Ashampoo 2007-12-21 18:59 . 2007-12-21 19:23 <DIR> d-------- C:\Program Files\Lavalys 2007-12-21 16:55 . 2007-12-21 16:57 <DIR> d-------- C:\WINDOWS\NV17524024.TMP 2007-12-21 09:34 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-12-21 09:34 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx 2007-12-21 09:34 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-12-21 09:34 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-12-21 09:34 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-12-21 09:34 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-12-21 09:34 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-12-21 09:34 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-20 21:43 . 2007-04-24 16:43 1,990 --a------ C:\WINDOWS\system32\drivers\net_m32.inf 2007-12-20 21:28 . 2007-12-21 08:14 <DIR> d-------- C:\Program Files\Common Files\Panda Software 2007-12-19 01:10 . 2007-12-20 18:23 <DIR> d-------- C:\WINDOWS\system32\ebay 2007-12-17 09:44 . 2007-12-17 09:44 <DIR> d-------- C:\Documents and Settings\Én\Application Data\PCToolsSpamMonitorPlus 2007-12-17 09:44 . 2007-12-17 09:44 <DIR> d-------- C:\Documents and Settings\Én\Application Data\PCToolsFirewallPlus 2007-12-17 09:43 . 2007-12-21 09:28 <DIR> d-------- C:\Program Files\PC Tools Internet Security 2007-12-17 00:38 . 2007-12-17 00:38 <DIR> d-------- C:\WINDOWS\Sun 2007-12-16 12:31 . 2008-01-04 19:14 <DIR> d-------- C:\Saw 4 2007-12-13 20:39 . 2007-12-13 20:39 <DIR> d-------- C:\Program Files\Fifa Master 2007-12-11 09:18 . 2007-12-12 20:27 <DIR> d-------- C:\WINDOWS\system32\hu-hu 2007-12-10 11:10 . 2007-12-10 11:10 34 --a------ C:\WINDOWS\system32\oeminfo.ini 2007-12-08 20:11 . 2007-12-08 20:13 9 --a------ C:\WINDOWS\nfsc_patch.ini 2007-12-08 16:45 . 2007-12-08 19:21 <DIR> d-------- C:\Program Files\ArtMoney 2007-12-08 08:07 . 2008-01-04 19:14 <DIR> d-------- C:\Program Files\Your Uninstaller 2008 2007-12-08 08:07 . 2008-01-04 17:55 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2007-12-08 08:07 . 2007-12-08 08:07 <DIR> d-------- C:\Documents and Settings\Én\Application Data\URSoft 2007-12-07 20:22 . 2007-12-07 20:22 4,096 --a------ C:\WINDOWS\d3dx.dat 2007-12-07 19:02 . 2007-12-07 19:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9 2007-12-07 19:01 . 2007-12-16 10:39 <DIR> d-------- C:\Documents and Settings\Én\Application Data\Wildfire 2007-12-07 19:01 . 2007-12-07 20:21 <DIR> d-------- C:\Documents and Settings\Én\Application Data\GameHouse 2007-12-07 18:55 . 2007-12-07 18:55 <DIR> d-------- C:\Program Files\GameHouse 2007-12-06 15:38 . 2007-12-06 15:46 18 --a------ C:\WINDOWS\power-on-task.ini 2007-12-06 15:30 . 2007-12-06 15:38 <DIR> d-------- C:\Program Files\Auto Power-on 2007-12-05 08:24 . 2007-12-05 08:24 <DIR> d-------- C:\Program Files\realtech VR 2007-12-05 01:41 . 2007-12-05 01:41 1,089,536 --a------ C:\WINDOWS\system32\nvcuda.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-05 11:20 --------- d-----w C:\Documents and Settings\Én\Application Data\uTorrent 2008-01-05 10:55 --------- d-----w C:\Documents and Settings\Én\Application Data\Skype 2008-01-05 09:55 196,608 ----a-w C:\WINDOWS\system32\drivers\nStandard.bin 2008-01-05 07:04 --------- d-----w C:\Documents and Settings\Én\Application Data\skypePM 2008-01-04 18:14 --------- d-----w C:\Program Files\LimeWire 2008-01-04 17:46 --------- d-----w C:\Program Files\Windows Live 2008-01-03 15:10 --------- d-----w C:\Program Files\Opera 2007-12-22 08:48 --------- d-----w C:\Program Files\ashampoo 2007-12-20 20:29 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-20 19:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-12-17 11:11 --------- d-----w C:\Documents and Settings\Én\Application Data\LimeWire 2007-12-13 07:22 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-12-11 19:37 --------- d-----w C:\Documents and Settings\Én\Application Data\Ahead 2007-12-10 14:39 --------- d-----w C:\Documents and Settings\Én\Application Data\Thinstall 2007-12-09 22:51 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys 2007-12-09 22:51 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe 2007-12-08 20:09 --------- d-----w C:\Program Files\Google 2007-12-08 17:56 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe 2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE 2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll 2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll 2007-12-05 00:41 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll 2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe 2007-12-05 00:41 7,435,392 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys 2007-12-05 00:41 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll 2007-12-05 00:41 6,549,504 ----a-w C:\WINDOWS\system32\nvdisps.dll 2007-12-05 00:41 5,773,568 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll 2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll 2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe 2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe 2007-12-05 00:41 385,024 ----a-w C:\WINDOWS\system32\nvapi.dll 2007-12-05 00:41 356,352 ----a-w C:\WINDOWS\system32\nvudisp.exe 2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcodins.dll 2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcod.dll 2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll 2007-12-05 00:41 3,710,976 ----a-w C:\WINDOWS\system32\nvvitvs.dll 2007-12-05 00:41 3,420,160 ----a-w C:\WINDOWS\system32\nvgames.dll 2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll 2007-12-05 00:41 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll 2007-12-05 00:41 2,498,560 ----a-w C:\WINDOWS\system32\nvwss.dll 2007-12-05 00:41 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll 2007-12-05 00:41 155,716 ----a-w C:\WINDOWS\system32\nvsvc32.exe 2007-12-05 00:41 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe 2007-12-05 00:41 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll 2007-12-05 00:41 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe 2007-12-05 00:41 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll 2007-12-05 00:41 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe 2007-12-05 00:41 1,228,800 ----a-w C:\WINDOWS\system32\nvmobls.dll 2007-12-05 00:41 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll 2007-12-02 11:25 --------- d-----w C:\Documents and Settings\Én\Application Data\CyberLink 2007-12-02 11:23 --------- d-----w C:\Program Files\CyberLink 2007-12-02 11:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink 2007-11-29 16:47 5,632 ----a-w C:\WINDOWS\system32\BReWErS.dll 2007-11-29 11:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\River Past G5 2007-11-29 10:52 164,787 ----a-w C:\WINDOWS\Screen Recorder Pro Uninstaller.exe 2007-11-29 10:52 --------- d-----w C:\Program Files\River Past 2007-11-29 10:52 --------- d-----w C:\Program Files\Common Files\River Past 2007-11-29 10:52 --------- d-----w C:\Documents and Settings\Én\Application Data\River Past G5 2007-11-29 00:50 127,034 ------r C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe 2007-11-28 23:36 --------- d-----w C:\Documents and Settings\Én\Application Data\BSplayer PRO 2007-11-28 18:38 --------- d-----w C:\Program Files\BlazeVideo 2007-11-28 16:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2007-11-27 23:31 --------- d-----w C:\Program Files\MSXML 6.0 2007-11-27 19:26 --------- d-----w C:\Program Files\DaDaDev 2007-11-27 15:39 --------- d-----w C:\Program Files\MSBuild 2007-11-27 15:36 21,848 ----a-w C:\Documents and Settings\Én\Application Data\GDIPFONTCACHEV1.DAT 2007-11-27 15:36 --------- d-----w C:\Program Files\Reference Assemblies 2007-11-26 00:13 --------- d-----w C:\Program Files\Picasa2 2007-11-25 14:54 --------- d-----w C:\Program Files\ProxyShell 2007-11-25 12:20 --------- d-----w C:\Documents and Settings\Én\Application Data\Talkback 2007-11-25 11:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\ashampoo 2007-11-25 03:28 --------- d-----w C:\Program Files\EuroPrice Világatlasz 2007-11-24 21:25 --------- d-----w C:\Program Files\SystemRequirementsLab 2007-11-24 21:25 --------- d-----w C:\Documents and Settings\Én\Application Data\SystemRequirementsLab 2007-11-24 17:14 --------- d-----w C:\Documents and Settings\Én\Application Data\gtopala 2007-11-24 14:48 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-11-24 14:48 --------- d-----w C:\Program Files\AGEIA Technologies 2007-11-23 19:37 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-11-23 19:35 --------- d-----w C:\Program Files\MSXML 4.0 2007-11-23 10:46 --------- d-----w C:\Program Files\Mv2Player 2007-11-22 17:53 --------- d-----w C:\Program Files\File Recover 2007-11-22 17:06 --------- d-----w C:\Program Files\Smart Projects 2007-11-22 09:27 --------- d-----w C:\Program Files\MBMAKA+ 2007-11-22 09:17 --------- d-----w C:\Documents and Settings\Én\Application Data\MorphoLogic 2007-11-22 08:22 --------- d-----w C:\Documents and Settings\Én\Application Data\Logitech 2007-11-22 07:58 --------- d-----w C:\Program Files\Java 2007-11-22 07:58 --------- d-----w C:\Program Files\Common Files\Java 2007-11-22 07:50 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe 2007-11-22 07:50 --------- d-----w C:\Program Files\Logitech 2007-11-22 07:49 --------- d-----w C:\Program Files\Common Files\Logitech 2007-11-22 07:46 --------- d-----w C:\Documents and Settings\Én\Application Data\HP 2007-11-22 07:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP 2007-11-22 07:44 --------- d-----w C:\Program Files\Common Files\Sonic Shared 2007-11-22 07:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sonic 2007-11-22 07:43 --------- d-----w C:\Program Files\Common Files\HP 2007-11-22 07:41 --------- d-----w C:\Program Files\HP 2007-11-22 07:41 --------- d-----w C:\Program Files\Hewlett-Packard 2007-11-22 07:39 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard 2007-11-21 16:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo . ((((((((((((((((((((((((((((( snapshot@2008-01-05_10.44.40,53 ))))))))))))))))))))))))))))))))))))))))) . + 2008-01-05 09:54:52 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_638.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:47 15360] "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 14:08 136136] "STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 19:31 1372160] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-11-12 15:48 21760296] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-10-14 18:09 103712] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-11-29 01:55 67128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2006-06-20 22:42 577536 C:\WINDOWS\soundman.exe] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776] "nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe] "ASUSGamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 10:03 380928] "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "Profiler"="C:\Program Files\Saitek\Software\Profiler.exe" [2004-01-28 09:19 159744] "SaiSmart"="C:\Program Files\Saitek\Software\SaiSmart.exe" [2004-01-28 09:19 98304] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 17:39 40960] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-10-14 18:09 103712] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16 286720] "NWEReboot"="" [] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "BDRegion"="C:\Program Files\Cyberlink\Shared Files\brs.exe" [2007-11-16 19:20 91432] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2007-10-28 09:35 72736] "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 12:06 62760] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:47 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Indˇt˘pult\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 02:48:00] Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 01:01:00] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26] HP Image Zone gyorsindˇt sa.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 00:49:24] Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-29 01:55:24] Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-11-22 08:49:30] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 0 (0x0) "NoFileAssociate"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="C:\\WINDOWS\\system32\\LogonUi.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-11-03 00:12] R3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys [2007-07-12 10:03] R3 SaiH0109;SaiH0109;C:\WINDOWS\system32\DRIVERS\SaiH0109.sys [2004-01-30 14:19] R3 SaiU0109;SaiU0109;C:\WINDOWS\system32\DRIVERS\SaiU0109.sys [2004-01-30 14:19] R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2007-07-12 10:03] S2 PCAutoPowerOnService;Auto Power-on & Shut-down Service;C:\Program Files\Auto Power-on\PCAutoPowerOnService.exe [2006-02-08 14:12] S3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys [] S3 SIWIO;SIW low-level I/O driver;C:\WINDOWS\TEMP\SiwIo.sys [] . Contents of the 'Scheduled Tasks' folder "2008-01-05 09:57:51 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Program Files\Windows Defender\MpCmdRun.exe . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-05 12:22:16 Windows 5.1.2600 Szervizcsomag 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-01-05 12:22:50 ComboFix2.txt 2008-01-05 09:45:11 . 2008-01-04 19:11:13 --- E O F ---
szomb. jan. 05, 2008 12:31

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok: Renben van.Koszi: Udv
pén. jan. 04, 2008 8:10

Vica77 vas-tag Csatlakozott: csüt. jan. 03, 2008 19:08 Hozzászólások: 7	Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:47:37, on 2008.01.03. Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Comodo\Firewall\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Analog Devices\SoundMAX\smax4.exe C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe C:\Program Files\Saitek\Software\SaiSmart.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\Saitek\Software\Profiler.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\VM303_STI.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Comodo\Firewall\CPF.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\MultiKeyboard Driver\KbdDrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startlap.hu/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray O4 - HKLM\..\Run: [SlowDownCPU] C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe O4 - Startup: My Little Pony Registration.lnk = H:\ATR1.EXE O4 - Global Startup: Adobe Reader gyorsindító.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B69E35E0-FD12-4CF6-9104-49499F4593AB}: NameServer = 212.24.164.1 212.24.160.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 9932 bytes Ez az utolso hjk,meg van a ccleaner+a comodo is.Az e mail cimem gengs@citromail.hu Írj ide,jutalmul cserébe megihatnánk valamit valamikor.Mindent kösz,király vagy.Csá
csüt. jan. 03, 2008 23:53

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Ok-Az semmi senki se szulettett tanultan. Mostan meg biztosito csinald az AVAngeral megegyszer. Kód: Registry keys to delete: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Remote Addressing"=- Utana talald meg feljeb -pepynek- leirtam a -CCleaner-pucolast-lehett hogy a masik oldalon van de megtalalod.Utana ugyanott megtalalod a TUZFALLAT-Felrakni.Es ha ez minden meglesz -majd ide teszed az utolso Hijack logott kontrolara.Mar nemuszaj ma ha nemerkezed.A geped Tiszta. UDV
csüt. jan. 03, 2008 22:39

Vica77 vas-tag Csatlakozott: csüt. jan. 03, 2008 19:08 Hozzászólások: 7	Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:28:15, on 2008.01.03. Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\smax4.exe C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe C:\Program Files\Saitek\Software\SaiSmart.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\Saitek\Software\Profiler.exe C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\VM303_STI.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\MultiKeyboard Driver\KbdDrv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\usnsvc.exe D:\hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startlap.hu/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray O4 - HKLM\..\Run: [SlowDownCPU] C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe O4 - Startup: My Little Pony Registration.lnk = H:\ATR1.EXE O4 - Global Startup: Adobe Reader gyorsindító.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B69E35E0-FD12-4CF6-9104-49499F4593AB}: NameServer = 212.24.164.1 212.24.160.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 9762 bytes Remélem ok lesz,bocsi amiert lassu vok.
csüt. jan. 03, 2008 22:31

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Meg ott maradt egy makacs troja de fell uton vagyunk. Mostan Fixeld le a Hijackal ezekett.Ne tevedj. R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file) O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Remote Addressing] wnpcgs.exe O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler O4 - Global Startup: enhanced keyboard driver.lnk = ? O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O20 - Winlogon Notify: ddcbxvv - ddcbxvv.dll (file missing) Van 2-darab antivirusod az egyikett leszedni-hagy meg amitt akarsz ketto nemlehett.Tehat Start>vezerlo pult >hoza vagy leveni progikatt es az egyikett leszeded.Restart es uj Hijack logott.
csüt. jan. 03, 2008 22:00

Vica77 vas-tag Csatlakozott: csüt. jan. 03, 2008 19:08 Hozzászólások: 7	////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Syntax error in line --- does not appear to be a valid registry path. Line will be ignored. Error code: 0 Line: Windows Remote Addressing"="- Syntax error in line --- does not appear to be a valid registry path. Line will be ignored. Error code: 0 Line: [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8716cc8a-1cf9-11dc-be2a-0013d33c4480}] ////////////////////////////////////////// Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\iahenviv ***************** Script file located at: \??\C:\WINDOWS\system32\rpwgpxni.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger *************** Beginning to process script file: File C:\WINDOWS\NirCmd.exe deleted successfully. File C:\WINDOWS\system32\iggxwlrm.ini deleted successfully. File C:\WINDOWS\system32\lrxjwqsm.ini deleted successfully. File C:\WINDOWS\system32\usjfkbre.ini deleted successfully. File C:\WINDOWS\system32\tmp47704.FOT deleted successfully. File C:\WINDOWS\system32\qivbqcnn.ini deleted successfully. File C:\WINDOWS\system32\ssjyfoqv.ini deleted successfully. Could not open registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] for deletion Deletion of registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] failed! Status: 0xc000003b Could not open registry key [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcbxvv] for deletion Deletion of registry key [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcbxvv] failed! Status: 0xc000003b Completed script processing. ***************** Finished! Terminate.Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:43:13, on 2008.01.03. Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Analog Devices\SoundMAX\smax4.exe C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe C:\Program Files\Saitek\Software\SaiSmart.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\Saitek\Software\Profiler.exe C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\VM303_STI.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Eset\nod32kui.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\EnhanceKeyboard\kb_2k.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\SYSTEM32\notepad.exe C:\Program Files\MultiKeyboard Driver\KbdDrv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\usnsvc.exe D:\hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startlap.hu/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Remote Addressing] wnpcgs.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray O4 - HKLM\..\Run: [SlowDownCPU] C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe O4 - Startup: My Little Pony Registration.lnk = H:\ATR1.EXE O4 - Global Startup: Adobe Reader gyorsindító.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: enhanced keyboard driver.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B69E35E0-FD12-4CF6-9104-49499F4593AB}: NameServer = 212.24.164.1 212.24.160.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: ddcbxvv - ddcbxvv.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 10933 bytes Végre sikerült,itt az avanger+hjk
csüt. jan. 03, 2008 21:45

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	OK- Akkor csinald meg igy. Start>futatas>beirod>notepad>ok Bekopirozod bele eztett. Kód: File:: C:\WINDOWS\NirCmd.exe C:\WINDOWS\system32\iggxwlrm.ini C:\WINDOWS\system32\lrxjwqsm.ini C:\WINDOWS\system32\usjfkbre.ini C:\WINDOWS\system32\tmp47704.FOT C:\WINDOWS\system32\qivbqcnn.ini C:\WINDOWS\system32\ssjyfoqv.ini Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Remote Addressing"="- [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcbxvv] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8716cc8a-1cf9-11dc-be2a-0013d33c4480}] A ball felso sarokban elso full-kinyitod>4-sor=klik Aloll van 3-hoszukas ablak-a kozepsot bealitod-minden fajlok-vagy mapak A masik ablakban ahol TXT -van beirod eztett CFScript.txt Felull bealitod hogy az asztalra tevodjon-es leteszed-remelem a combofis is ott van.] ES megcsinalod IGY:http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
csüt. jan. 03, 2008 21:33

Vica77 vas-tag Csatlakozott: csüt. jan. 03, 2008 19:08 Hozzászólások: 7	Hi Stell.letöltöttem a progit,bekopiroztam,de nem tudtam elfogadtatni a semaforral.syntax error in line. Ezt irta ki
csüt. jan. 03, 2008 21:22

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Letoltod az AVANGER PROGRAMOT. http://swandog46.geekstogo.com/avenger.exe Futatod – klik-„Input script manually“ –klik- nagyito uveg– BEKOPIROZOD A KODOT-DE CSAK A PIROS BETUKETT. Kód: Files to delete: C:\WINDOWS\NirCmd.exe C:\WINDOWS\system32\iggxwlrm.ini C:\WINDOWS\system32\lrxjwqsm.ini C:\WINDOWS\system32\usjfkbre.ini C:\WINDOWS\system32\tmp47704.FOT C:\WINDOWS\system32\qivbqcnn.ini C:\WINDOWS\system32\ssjyfoqv.ini Registry keys to delete: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Remote Addressing"="- [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcbxvv] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8716cc8a-1cf9-11dc-be2a-0013d33c4480}] „klik-Done“ –klik- Semafor beleegyezell-– kovetkezik a restart PC – Ide teszed amitt az AVANGER ADD-ES uj HJT-LOGOT.
csüt. jan. 03, 2008 20:59

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Ok- Mostan meg ted ide a Hijack-logott-azt amitt eloszor csinaltall-meg ez a gepp mentt egyaltalan?Enyi veszejes dolgott ritkan latni.Es varjal ojan 1/2-oratt.Kilkell elemeznem.AHA-MAR LATOM=OK.
csüt. jan. 03, 2008 20:12

Vica77 vas-tag Csatlakozott: csüt. jan. 03, 2008 19:08 Hozzászólások: 7	Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:07:46, on 2008.01.03. Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\smax4.exe C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe C:\Program Files\Saitek\Software\SaiSmart.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\Saitek\Software\Profiler.exe C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\VM303_STI.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Eset\nod32kui.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\EnhanceKeyboard\kb_2k.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\MultiKeyboard Driver\KbdDrv.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startlap.hu/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Remote Addressing] wnpcgs.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray O4 - HKLM\..\Run: [SlowDownCPU] C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe O4 - Startup: My Little Pony Registration.lnk = H:\ATR1.EXE O4 - Global Startup: Adobe Reader gyorsindító.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: enhanced keyboard driver.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B69E35E0-FD12-4CF6-9104-49499F4593AB}: NameServer = 212.24.164.1 212.24.160.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: ddcbxvv - ddcbxvv.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 10810 bytes itt van minden,remélem jól csináltam.
csüt. jan. 03, 2008 20:10

Vica77 vas-tag Csatlakozott: csüt. jan. 03, 2008 19:08 Hozzászólások: 7	ComboFix 08-01-03.3 - ELI 2008-01-03 19:53:35.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1038.18.387 [GMT 1:00] Running from: F:\Letőltések\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\avviiypd.dll C:\WINDOWS\system32\ddayw.dll C:\WINDOWS\system32\dhyvwvht.dll C:\WINDOWS\system32\dpyiivva.ini C:\WINDOWS\system32\epoompcn.dll C:\WINDOWS\system32\felrmuio.dll C:\WINDOWS\system32\ghilhfkt.dll C:\WINDOWS\system32\gtfplyun.dll C:\WINDOWS\system32\hpnugren.ini C:\WINDOWS\system32\ieevnbat.dll C:\WINDOWS\system32\isuucjrp.dll C:\WINDOWS\system32\jlnmp.ini C:\WINDOWS\system32\jlnmp.ini2 C:\WINDOWS\system32\lutwnuhs.dll C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\mrdlopxa.dll C:\WINDOWS\system32\ncpmoope.ini C:\WINDOWS\system32\nucaxnbl.ini C:\WINDOWS\system32\nuylpftg.ini C:\WINDOWS\system32\oqboiyqx.dll C:\WINDOWS\system32\oqhjkaeo.ini C:\WINDOWS\system32\pfdbmgun.dll C:\WINDOWS\system32\pmnlj.dll C:\WINDOWS\system32\svyckmbd.dll C:\WINDOWS\system32\teqcyeji.dll C:\WINDOWS\system32\tibaoyij.dll C:\WINDOWS\system32\tkhwdesm.dll C:\WINDOWS\system32\tsvekemo.dll C:\WINDOWS\system32\vofdwcwh.dll C:\WINDOWS\system32\wdyfjwkt.dll C:\WINDOWS\system32\wmaisxay.dll C:\WINDOWS\system32\wnmfsgdh.dll C:\WINDOWS\system32\yrvoautw.dll C:\WINDOWS\system32\yytikvjh.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE ((((((((((((((((((((((((( Files Created from 2007-12-03 to 2008-01-03 ))))))))))))))))))))))))))))))) . 2008-01-03 19:47 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2008-01-01 22:08 . 2008-01-01 22:08 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\DivX 2008-01-01 22:07 . 2008-01-01 22:07 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\Yahoo! 2008-01-01 22:07 . 2008-01-01 22:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-01-01 22:06 . 2008-01-01 22:06 <DIR> d-------- C:\Program Files\Yahoo! 2008-01-01 22:06 . 2008-01-01 22:07 <DIR> d-------- C:\Program Files\DivX 2008-01-01 22:06 . 2007-11-29 23:30 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2008-01-01 22:06 . 2007-11-29 23:30 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe 2008-01-01 22:06 . 2007-11-29 23:30 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe 2007-12-31 12:18 . 2008-01-01 16:40 1,032,219 ---hs---- C:\WINDOWS\system32\iggxwlrm.ini 2007-12-30 11:14 . 2007-12-31 12:12 1,032,039 ---hs---- C:\WINDOWS\system32\lrxjwqsm.ini 2007-12-28 19:54 . 2007-12-30 11:14 1,031,799 ---hs---- C:\WINDOWS\system32\usjfkbre.ini 2007-12-28 18:38 . 2007-12-28 18:38 1,409 --a------ C:\WINDOWS\system32\tmp47704.FOT 2007-12-27 19:49 . 2007-12-28 19:50 1,031,499 ---hs---- C:\WINDOWS\system32\qivbqcnn.ini 2007-12-26 19:54 . 2007-12-27 12:20 1,027,983 ---hs---- C:\WINDOWS\system32\ssjyfoqv.ini 2007-12-19 17:01 . 2008-01-01 23:07 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe 2007-12-19 17:01 . 2008-01-01 23:07 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys 2007-12-19 17:00 . 2008-01-01 23:07 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe 2007-12-19 16:46 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll 2007-12-19 16:46 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll 2007-12-19 16:46 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll 2007-12-19 16:46 . 2007-03-12 16:42 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll 2007-12-19 16:46 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll 2007-12-19 16:46 . 2007-03-15 16:57 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll 2007-12-19 16:46 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll 2007-12-19 16:46 . 2007-04-04 18:55 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll 2007-12-19 16:46 . 2007-01-24 15:27 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll 2007-12-19 16:46 . 2007-06-20 20:45 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll 2007-12-19 16:28 . 2007-12-19 16:29 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\DAEMON Tools Pro 2007-12-19 16:28 . 2007-12-19 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro 2007-12-19 16:23 . 2007-12-19 16:30 <DIR> d-------- C:\Program Files\DAEMON Tools Pro 2007-12-19 16:16 . 2007-12-19 16:16 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-12-19 15:37 . 2007-12-19 15:37 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\PCToolsSpamMonitorPlus 2007-12-19 15:37 . 2007-12-19 15:37 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\PCToolsFirewallPlus 2007-12-19 15:35 . 2007-12-19 15:51 <DIR> d-------- C:\Program Files\PC Tools Internet Security 2007-12-19 15:20 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-12-19 15:20 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx 2007-12-19 15:20 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-12-19 15:20 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-12-19 15:20 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-12-19 15:20 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-12-19 15:20 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-12-19 15:20 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-19 15:12 . 2007-12-19 15:12 0 --a------ C:\WINDOWS\system32\mapisvc.inf 2007-12-19 15:11 . 2007-12-19 15:11 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys 2007-12-19 15:11 . 2007-12-19 15:11 298,104 --a------ C:\WINDOWS\system32\imon.dll 2007-12-19 15:11 . 2007-12-19 15:11 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys 2007-12-19 15:03 . 2007-12-19 15:03 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\URSoft 2007-12-19 15:02 . 2007-12-19 15:07 <DIR> d-------- C:\Program Files\Your Uninstaller 2008 2007-12-17 20:45 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2007-12-17 20:45 . 2007-07-01 04:36 1,028,096 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2007-12-17 20:44 . 2007-12-17 20:45 <DIR> d-------- C:\WINDOWS\system32\hu-hu 2007-12-17 20:39 . 2007-10-11 00:53 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-12-17 20:39 . 2007-10-11 00:53 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-12-17 20:39 . 2007-10-11 00:53 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-12-17 20:39 . 2007-10-11 00:53 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-12-17 20:39 . 2007-10-11 00:53 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2007-12-17 20:39 . 2007-10-11 00:53 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-12-17 20:39 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-12-17 20:38 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll 2007-12-12 18:58 . 2007-12-12 18:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\sentinel 2007-12-12 18:53 . 2007-12-26 22:51 <DIR> d-------- C:\Program Files\Common Files\Panda Software 2007-12-09 19:20 . 2007-12-09 19:20 <DIR> d-------- C:\Program Files\Ashampoo 2007-12-09 18:56 . 2007-12-09 18:56 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\Thinstall 2007-12-09 18:55 . 2007-12-09 18:55 <DIR> d-------- C:\Program Files\Ashampoo AntiSpyWare 2.01 [ Portable by seven ] 2007-12-09 18:34 . 2007-12-09 18:34 <DIR> d-------- C:\Program Files\Alwil Software 2007-12-09 18:26 . 2007-12-09 18:26 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\Spyware Terminator 2007-12-09 18:26 . 2007-12-09 18:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator 2007-12-04 18:17 . 2007-12-27 12:31 963 --a------ C:\WINDOWS\disney.ini 2007-12-04 18:17 . 2007-12-27 12:28 206 --a------ C:\WINDOWS\disneysy.ini 2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll 2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll 2007-12-04 02:33 . 2007-12-04 02:33 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll 2007-12-04 02:33 . 2007-12-04 02:33 630,784 --a------ C:\WINDOWS\system32\divxdec.ax . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-03 18:44 --------- d-----w C:\Documents and Settings\ELI\Application Data\Skype 2008-01-02 15:01 --------- d-----w C:\Documents and Settings\ELI\Application Data\LimeWire 2007-12-31 18:45 --------- d-----w C:\Documents and Settings\ELI\Application Data\uTorrent 2007-12-31 16:16 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2007-12-29 14:01 --------- d-----w C:\Documents and Settings\ELI\Application Data\Image Zone Express 2007-12-28 12:34 --------- d-----w C:\Documents and Settings\ELI\Application Data\Wildfire 2007-12-27 11:31 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-23 11:32 --------- d-----w C:\Program Files\Opera 2007-12-22 21:49 --------- d-----w C:\Documents and Settings\ELI\Application Data\Azureus 2007-12-21 09:06 --------- d-----w C:\Program Files\ACE Mega CoDecS Pack 2007-12-19 15:24 --------- d-----w C:\Program Files\D-Tools 2007-11-29 22:30 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys 2007-11-24 08:32 --------- d-----w C:\Program Files\Java 2007-11-20 17:22 --------- d-----w C:\Program Files\Picasa2 2007-11-19 12:17 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-10-21 19:23 21,472 ----a-w C:\Documents and Settings\ELI\Application Data\GDIPFONTCACHEV1.DAT 2007-08-29 18:47 4,727,821 ----a-w C:\Program Files\Setup_0699dx.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-23 09:17 68856] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-05-18 12:14 23423528] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968] "msnmsgr"="~C:\Program Files\MSN Messenger\msnmsgr.exe" [ ] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:47 15360] "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 14:08 136136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Remote Addressing"="wnpcgs.exe" [] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-03-10 18:45 35328] "Tweak UI"="TWEAKUI.CPL" [2003-03-25 06:49 106544 C:\WINDOWS\system32\tweakui.cpl] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53 73840] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [ ] "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 09:11 1388544] "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\smax4.exe" [2004-08-06 07:27 860160] "SlowDownCPU"="C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe" [2005-02-25 03:22 208896] "SaiSmart"="C:\Program Files\Saitek\Software\SaiSmart.exe" [2004-01-28 09:19 98304] "QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2006-12-05 17:07 77824] "Profiler"="C:\Program Files\Saitek\Software\Profiler.exe" [2004-01-28 09:19 159744] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648] "MMTrayLSI"="MMTrayLSI.exe" [2003-03-25 06:49 53248 C:\WINDOWS\system32\MMTrayLSI.exe] "MMTray2K"="MMTray2k.exe" [2003-03-25 06:49 57344 C:\WINDOWS\system32\MMTray2k.exe] "MMTray"="MMTray.exe" [2003-03-25 06:49 53248 C:\WINDOWS\system32\MMTray.exe] "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-05-16 16:58 213936] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 20:52 49152] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 15:48 110592 C:\WINDOWS\system32\bthprops.cpl] "BigDog303"="C:\WINDOWS\VM303_STI.exe" [2005-10-25 11:56 61440] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 18:41 45056] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-12-19 15:11 949376] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:47 15360] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcbxvv] ddcbxvv.dll R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 16:11] R3 RushTopDevice;RushTopDevice;C:\WINDOWS\INF\MSI\SlowDownCPU\RushTop.sys [2005-02-22 07:47] R3 SlowDownCPU;SlowDownCPU;C:\WINDOWS\INF\MSI\SlowDownCPU\NTGLM7X.sys [2004-11-01 10:12] R3 ZSMC303;A4 TECH PC Camera H;C:\WINDOWS\system32\Drivers\usbVM303.sys [2005-10-27 07:34] S3 SaiH0109;SaiH0109;C:\WINDOWS\system32\DRIVERS\SaiH0109.sys [2004-01-30 14:19] S3 SaiU0109;SaiU0109;C:\WINDOWS\system32\DRIVERS\SaiU0109.sys [2004-01-30 14:19] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8716cc8a-1cf9-11dc-be2a-0013d33c4480}] \Shell\AutoRun\command - K:\RavMon.exe \Shell\explore\Command - K:\RavMon.exe -e \Shell\open\Command - K:\RavMon.exe . Contents of the 'Scheduled Tasks' folder "2008-01-02 19:11:00 C:\WINDOWS\Tasks\WebReg Deskjet F2100 series.job" - C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-03 20:00:22 Windows 5.1.2600 Szervizcsomag 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180] -> C:\Program Files\Eset\pr_imon.dll . Completion time: 2008-01-03 20:02:47 - machine was rebooted [ELI] ComboFix-quarantined-files.txt 2008-01-03 19:02:44 . 2007-12-21 21:54:24 --- E O F --- ComboFix 08-01-03.3 - ELI 2008-01-03 19:53:35.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1038.18.387 [GMT 1:00] Running from: F:\Letőltések\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\avviiypd.dll C:\WINDOWS\system32\ddayw.dll C:\WINDOWS\system32\dhyvwvht.dll C:\WINDOWS\system32\dpyiivva.ini C:\WINDOWS\system32\epoompcn.dll C:\WINDOWS\system32\felrmuio.dll C:\WINDOWS\system32\ghilhfkt.dll C:\WINDOWS\system32\gtfplyun.dll C:\WINDOWS\system32\hpnugren.ini C:\WINDOWS\system32\ieevnbat.dll C:\WINDOWS\system32\isuucjrp.dll C:\WINDOWS\system32\jlnmp.ini C:\WINDOWS\system32\jlnmp.ini2 C:\WINDOWS\system32\lutwnuhs.dll C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\mrdlopxa.dll C:\WINDOWS\system32\ncpmoope.ini C:\WINDOWS\system32\nucaxnbl.ini C:\WINDOWS\system32\nuylpftg.ini C:\WINDOWS\system32\oqboiyqx.dll C:\WINDOWS\system32\oqhjkaeo.ini C:\WINDOWS\system32\pfdbmgun.dll C:\WINDOWS\system32\pmnlj.dll C:\WINDOWS\system32\svyckmbd.dll C:\WINDOWS\system32\teqcyeji.dll C:\WINDOWS\system32\tibaoyij.dll C:\WINDOWS\system32\tkhwdesm.dll C:\WINDOWS\system32\tsvekemo.dll C:\WINDOWS\system32\vofdwcwh.dll C:\WINDOWS\system32\wdyfjwkt.dll C:\WINDOWS\system32\wmaisxay.dll C:\WINDOWS\system32\wnmfsgdh.dll C:\WINDOWS\system32\yrvoautw.dll C:\WINDOWS\system32\yytikvjh.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE ((((((((((((((((((((((((( Files Created from 2007-12-03 to 2008-01-03 ))))))))))))))))))))))))))))))) . 2008-01-03 19:47 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2008-01-01 22:08 . 2008-01-01 22:08 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\DivX 2008-01-01 22:07 . 2008-01-01 22:07 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\Yahoo! 2008-01-01 22:07 . 2008-01-01 22:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-01-01 22:06 . 2008-01-01 22:06 <DIR> d-------- C:\Program Files\Yahoo! 2008-01-01 22:06 . 2008-01-01 22:07 <DIR> d-------- C:\Program Files\DivX 2008-01-01 22:06 . 2007-11-29 23:30 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2008-01-01 22:06 . 2007-11-29 23:30 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe 2008-01-01 22:06 . 2007-11-29 23:30 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe 2007-12-31 12:18 . 2008-01-01 16:40 1,032,219 ---hs---- C:\WINDOWS\system32\iggxwlrm.ini 2007-12-30 11:14 . 2007-12-31 12:12 1,032,039 ---hs---- C:\WINDOWS\system32\lrxjwqsm.ini 2007-12-28 19:54 . 2007-12-30 11:14 1,031,799 ---hs---- C:\WINDOWS\system32\usjfkbre.ini 2007-12-28 18:38 . 2007-12-28 18:38 1,409 --a------ C:\WINDOWS\system32\tmp47704.FOT 2007-12-27 19:49 . 2007-12-28 19:50 1,031,499 ---hs---- C:\WINDOWS\system32\qivbqcnn.ini 2007-12-26 19:54 . 2007-12-27 12:20 1,027,983 ---hs---- C:\WINDOWS\system32\ssjyfoqv.ini 2007-12-19 17:01 . 2008-01-01 23:07 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe 2007-12-19 17:01 . 2008-01-01 23:07 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys 2007-12-19 17:00 . 2008-01-01 23:07 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe 2007-12-19 16:46 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll 2007-12-19 16:46 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll 2007-12-19 16:46 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll 2007-12-19 16:46 . 2007-03-12 16:42 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll 2007-12-19 16:46 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll 2007-12-19 16:46 . 2007-03-15 16:57 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll 2007-12-19 16:46 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll 2007-12-19 16:46 . 2007-04-04 18:55 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll 2007-12-19 16:46 . 2007-01-24 15:27 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll 2007-12-19 16:46 . 2007-06-20 20:45 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll 2007-12-19 16:28 . 2007-12-19 16:29 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\DAEMON Tools Pro 2007-12-19 16:28 . 2007-12-19 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro 2007-12-19 16:23 . 2007-12-19 16:30 <DIR> d-------- C:\Program Files\DAEMON Tools Pro 2007-12-19 16:16 . 2007-12-19 16:16 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-12-19 15:37 . 2007-12-19 15:37 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\PCToolsSpamMonitorPlus 2007-12-19 15:37 . 2007-12-19 15:37 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\PCToolsFirewallPlus 2007-12-19 15:35 . 2007-12-19 15:51 <DIR> d-------- C:\Program Files\PC Tools Internet Security 2007-12-19 15:20 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-12-19 15:20 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx 2007-12-19 15:20 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-12-19 15:20 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-12-19 15:20 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-12-19 15:20 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-12-19 15:20 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-12-19 15:20 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-19 15:12 . 2007-12-19 15:12 0 --a------ C:\WINDOWS\system32\mapisvc.inf 2007-12-19 15:11 . 2007-12-19 15:11 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys 2007-12-19 15:11 . 2007-12-19 15:11 298,104 --a------ C:\WINDOWS\system32\imon.dll 2007-12-19 15:11 . 2007-12-19 15:11 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys 2007-12-19 15:03 . 2007-12-19 15:03 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\URSoft 2007-12-19 15:02 . 2007-12-19 15:07 <DIR> d-------- C:\Program Files\Your Uninstaller 2008 2007-12-17 20:45 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2007-12-17 20:45 . 2007-07-01 04:36 1,028,096 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2007-12-17 20:44 . 2007-12-17 20:45 <DIR> d-------- C:\WINDOWS\system32\hu-hu 2007-12-17 20:39 . 2007-10-11 00:53 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-12-17 20:39 . 2007-10-11 00:53 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-12-17 20:39 . 2007-10-11 00:53 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-12-17 20:39 . 2007-10-11 00:53 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-12-17 20:39 . 2007-10-11 00:53 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2007-12-17 20:39 . 2007-10-11 00:53 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-12-17 20:39 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-12-17 20:38 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll 2007-12-12 18:58 . 2007-12-12 18:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\sentinel 2007-12-12 18:53 . 2007-12-26 22:51 <DIR> d-------- C:\Program Files\Common Files\Panda Software 2007-12-09 19:20 . 2007-12-09 19:20 <DIR> d-------- C:\Program Files\Ashampoo 2007-12-09 18:56 . 2007-12-09 18:56 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\Thinstall 2007-12-09 18:55 . 2007-12-09 18:55 <DIR> d-------- C:\Program Files\Ashampoo AntiSpyWare 2.01 [ Portable by seven ] 2007-12-09 18:34 . 2007-12-09 18:34 <DIR> d-------- C:\Program Files\Alwil Software 2007-12-09 18:26 . 2007-12-09 18:26 <DIR> d-------- C:\Documents and Settings\ELI\Application Data\Spyware Terminator 2007-12-09 18:26 . 2007-12-09 18:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator 2007-12-04 18:17 . 2007-12-27 12:31 963 --a------ C:\WINDOWS\disney.ini 2007-12-04 18:17 . 2007-12-27 12:28 206 --a------ C:\WINDOWS\disneysy.ini 2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll 2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll 2007-12-04 02:33 . 2007-12-04 02:33 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll 2007-12-04 02:33 . 2007-12-04 02:33 630,784 --a------ C:\WINDOWS\system32\divxdec.ax . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-03 18:44 --------- d-----w C:\Documents and Settings\ELI\Application Data\Skype 2008-01-02 15:01 --------- d-----w C:\Documents and Settings\ELI\Application Data\LimeWire 2007-12-31 18:45 --------- d-----w C:\Documents and Settings\ELI\Application Data\uTorrent 2007-12-31 16:16 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2007-12-29 14:01 --------- d-----w C:\Documents and Settings\ELI\Application Data\Image Zone Express 2007-12-28 12:34 --------- d-----w C:\Documents and Settings\ELI\Application Data\Wildfire 2007-12-27 11:31 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-23 11:32 --------- d-----w C:\Program Files\Opera 2007-12-22 21:49 --------- d-----w C:\Documents and Settings\ELI\Application Data\Azureus 2007-12-21 09:06 --------- d-----w C:\Program Files\ACE Mega CoDecS Pack 2007-12-19 15:24 --------- d-----w C:\Program Files\D-Tools 2007-11-29 22:30 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys 2007-11-24 08:32 --------- d-----w C:\Program Files\Java 2007-11-20 17:22 --------- d-----w C:\Program Files\Picasa2 2007-11-19 12:17 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-10-21 19:23 21,472 ----a-w C:\Documents and Settings\ELI\Application Data\GDIPFONTCACHEV1.DAT 2007-08-29 18:47 4,727,821 ----a-w C:\Program Files\Setup_0699dx.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-23 09:17 68856] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-05-18 12:14 23423528] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968] "msnmsgr"="~C:\Program Files\MSN Messenger\msnmsgr.exe" [ ] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:47 15360] "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 14:08 136136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Remote Addressing"="wnpcgs.exe" [] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-03-10 18:45 35328] "Tweak UI"="TWEAKUI.CPL" [2003-03-25 06:49 106544 C:\WINDOWS\system32\tweakui.cpl] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53 73840] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [ ] "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 09:11 1388544] "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\smax4.exe" [2004-08-06 07:27 860160] "SlowDownCPU"="C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe" [2005-02-25 03:22 208896] "SaiSmart"="C:\Program Files\Saitek\Software\SaiSmart.exe" [2004-01-28 09:19 98304] "QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2006-12-05 17:07 77824] "Profiler"="C:\Program Files\Saitek\Software\Profiler.exe" [2004-01-28 09:19 159744] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648] "MMTrayLSI"="MMTrayLSI.exe" [2003-03-25 06:49 53248 C:\WINDOWS\system32\MMTrayLSI.exe] "MMTray2K"="MMTray2k.exe" [2003-03-25 06:49 57344 C:\WINDOWS\system32\MMTray2k.exe] "MMTray"="MMTray.exe" [2003-03-25 06:49 53248 C:\WINDOWS\system32\MMTray.exe] "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-05-16 16:58 213936] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 20:52 49152] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 15:48 110592 C:\WINDOWS\system32\bthprops.cpl] "BigDog303"="C:\WINDOWS\VM303_STI.exe" [2005-10-25 11:56 61440] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 18:41 45056] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-12-19 15:11 949376] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:47 15360] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcbxvv] ddcbxvv.dll R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 16:11] R3 RushTopDevice;RushTopDevice;C:\WINDOWS\INF\MSI\SlowDownCPU\RushTop.sys [2005-02-22 07:47] R3 SlowDownCPU;SlowDownCPU;C:\WINDOWS\INF\MSI\SlowDownCPU\NTGLM7X.sys [2004-11-01 10:12] R3 ZSMC303;A4 TECH PC Camera H;C:\WINDOWS\system32\Drivers\usbVM303.sys [2005-10-27 07:34] S3 SaiH0109;SaiH0109;C:\WINDOWS\system32\DRIVERS\SaiH0109.sys [2004-01-30 14:19] S3 SaiU0109;SaiU0109;C:\WINDOWS\system32\DRIVERS\SaiU0109.sys [2004-01-30 14:19] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8716cc8a-1cf9-11dc-be2a-0013d33c4480}] \Shell\AutoRun\command - K:\RavMon.exe \Shell\explore\Command - K:\RavMon.exe -e \Shell\open\Command - K:\RavMon.exe . Contents of the 'Scheduled Tasks' folder "2008-01-02 19:11:00 C:\WINDOWS\Tasks\WebReg Deskjet F2100 series.job" - C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-03 20:00:22 Windows 5.1.2600 Szervizcsomag 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180] -> C:\Program Files\Eset\pr_imon.dll . Completion time: 2008-01-03 20:02:47 - machine was rebooted [ELI] ComboFix-quarantined-files.txt 2008-01-03 19:02:44 . 2007-12-21 21:54:24 --- E O F ---
csüt. jan. 03, 2008 20:08

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok Szia. Van benne egypar troja. letoltod eztt a progitt-a kepernyore teszed.-Futatod ha kerdez valamitt kivaklasztod az 1-lehetosegett-a scan ojan 10-percig tart.A scen allatt seminek se szabad kinyitva lenie-bongeszok-programok. Nemszabad sehova se klikelni csak ulni es nezni.A gep restartol es csinal C:\combofix.Txt.-szinten ide teszed.ES uj Hijack logott is. http://download.bleepingcomputer.com/sUBs/ComboFix.exe
csüt. jan. 03, 2008 19:37

Vica77 vas-tag Csatlakozott: csüt. jan. 03, 2008 19:08 Hozzászólások: 7	Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:16:23, on 2008.01.03. Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\smax4.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe C:\Program Files\Saitek\Software\SaiSmart.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Saitek\Software\Profiler.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\VM303_STI.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\EnhanceKeyboard\kb_2k.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\MultiKeyboard Driver\KbdDrv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\hijack\HijackThis.exe C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startlap.hu/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Remote Addressing] wnpcgs.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray O4 - HKLM\..\Run: [SlowDownCPU] C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [989cd490] rundll32.exe "C:\WINDOWS\system32\avviiypd.dll",b O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HELYI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'HÁLÓZATI SZOLGÁLTATÁS') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe O4 - Startup: My Little Pony Registration.lnk = H:\ATR1.EXE O4 - Global Startup: Adobe Reader gyorsindító.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: enhanced keyboard driver.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B69E35E0-FD12-4CF6-9104-49499F4593AB}: NameServer = 212.24.164.1 212.24.160.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 10201 bytes Szia stell,pepy haverja vok,vica77 en vagyok bejelentkezve.nézd már meg légyszi hogy milyen állapotu a gépem?kösz
csüt. jan. 03, 2008 19:21

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	Rendben van,nekem is egy kicsit fajnak a szemeim,mert regeltoll egy csunya orosz Trojat gyilkolok es mindig ujra eled.Ez uj fajta eltunik es ujra jelenkezik.A fegyverek elcsorbultak,de mar kigondoltam valamitt.Majd holnap kiirtom a gyereknek.Most csak ojan piheno kontrola mint nektek kell.
csüt. jan. 03, 2008 17:35

pepy ezüst tag Csatlakozott: kedd jan. 01, 2008 20:13 Hozzászólások: 72	köszi stell,haza megy és küld egyet. szép napot. nekem minden ok.
csüt. jan. 03, 2008 17:29

stell a fórum lelke Csatlakozott: vas. jún. 24, 2007 10:18 Hozzászólások: 6679 Tartózkodási hely: Revuca.S.k>>Szlovákia, nem tudok jól magyarul írni, ezért ilyen amit látsz,	ok SZIA-pepy: Nyugottan tegyetek ide es irjatok le ha van e valami gond a PC-vel.
csüt. jan. 03, 2008 17:23

pepy ezüst tag Csatlakozott: kedd jan. 01, 2008 20:13 Hozzászólások: 72	szia stell. egyik jó barátomnak is volt trójaia megnéznél-e neki egy hijack -logot?
csüt. jan. 03, 2008 17:17

TargeT a fórum lelke Csatlakozott: szer. márc. 24, 2004 13:43 Hozzászólások: 6712	A privátot majd privátba küldöm. De ha már úgyis annyit ghostolsz, tényleg próbáld ki a NOD32-t. A WinFaxPro meg visszatelepíthető gondolom, ha levitte az eltávolító. Noha az nincs a pusztítottak közt felsorolva, csak NAV, NIS, AntiSpam, Ghost, SytemWorks, 360, ilyesmi. Nem akarlak zrikálni, illetve jóértelemben dehogyem. Tudjuk, hogy vonzódsz a régebbi megszokott dolgokhoz, de a mai világban már egy NAV 2004 az tényleg kuka.
csüt. jan. 03, 2008 15:33

Laci_L a fórum lelke Csatlakozott: szer. márc. 24, 2004 13:43 Hozzászólások: 11960 Tartózkodási hely: Budapest, Solymár	TargeT Idézet: Na most akkor neked melyik van? NAV 2004 Idézet: nen annyira vészes a helyzet, hogy pont egy ilyen vírusba keveredjek pont én az adott netezési szokásaimmal Evvel én is így vagyok Idézet: Azért az egy hetes reakciót már mégis karcsúnak tartom. Pedig így van a 2004-nél Idézet: A 2008 az pedig már valóban észrevehetően, jelentősen, Nortonhoz képest üdítően gyorsult. Felrakom, de előbb Ghostolok. Idézet: próbáld ki a NOD32-t. Sokaknál láttam. Valahogy megszoktam ezt a NAV nevű "sz*art". Idézet: Meg fogsz lepődni, mennyivel gyorsul a géped. Észreveszem nagyobb anyagok másolásánál Idézet: Norton Removal Toolod gondolom van. Persze. De van WinFax-om is (ami tényleg jó), és akkor az is repül (valószínüleg). Majd kitalálok valamit. Idézet: Csak neked. Köszi, de ez már privát.
csüt. jan. 03, 2008 15:10

TargeT a fórum lelke Csatlakozott: szer. márc. 24, 2004 13:43 Hozzászólások: 6712	Na most akkor neked melyik van? Valahol azt írták, hogy a Symantec az új vírusok jelentkezése után valami 9 órával ad ki frissítést, míg van aki már fél órával. (Nem biztos persze, hogy az a vírusirtó amúgy feltétlen "jobb".) De azért szerintem nen annyira vészes a helyzet, hogy pont egy ilyen vírusba keveredjek pont én az adott netezési szokásaimmal. Hacsak nem valami féregszerűség, de akkor meg op. rendszer biztonsági rés probléma inkább. Azért az egy hetes reakciót már mégis karcsúnak tartom. Ha már Norton, a 2007 még tényleg visszafogta a gépet, bár javulást ígértek. A 2008 az pedig már valóban észrevehetően, jelentősen, Nortonhoz képest üdítően gyorsult. Hacsak azt nem vesszük, ha ilyemire gondoltál, hogy "átveszi a hatalmat", ahogy toolbart pakol az Explorerbe, Firefoxba. Bár lehet némi haszna a mesterjelszavas automatikus bejelentkezésnek egyes weboldalaknál. A phising őrülettől viszont én magam nem tartok, az a rész nekem inkább zavaró. Tehát két javaslatom lenne. Nyugodtan térj át a 2008-ra, ha Nortonhoz ragaszkodsz, vagy méginkább próbáld ki a NOD32-t. 3.0.621 a legújabb verzió most. Inkább küldök neked hozzá kódot. Csak neked. (Bár vannak egyéb updateres megoldások is. Nemigen próbáltam.) Meg fogsz lepődni, mennyivel gyorsul a géped. Norton Removal Toolod gondolom van.
csüt. jan. 03, 2008 14:49
Hozzászólások megjelenítése: Rendezés

Oldal: 22 / 24

[ 1193 hozzászólás ]

Oldal Előző 1 ... 19, 20, 21, 22, 23, 24 Következő

Ki van itt

Jelenlévő fórumozók: nincs regisztrált felhasználó valamint 4 vendég

Nem nyithatsz témákat ebben a fórumban.
Nem válaszolhatsz egy témára ebben a fórumban.
Nem szerkesztheted a hozzászólásaidat ebben a fórumban.
Nem törölheted a hozzászólásaidat ebben a fórumban.

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by ST Software for PTF.
Magyar fordítás © Magyar phpBB Közösség