
Please check my HijackThis log


Anonymous2
User
Posts: 2203
Registered: Sat Feb 09, 2008 19:23

Please check my HijackThis log

Post by Anonymous2 »

Hi guys, I recently downloaded some exe file, double-clicked it and it vanished; it was clear to me right away that it was a virus... and since then it has been causing problems. I've already cleaned out several of them and who knows what else, but I think the bastard is still here D: here are the logs:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:47:35, on 4.8.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: (no name) - {6EB35830-8222-4990-A484-D21FEDD4B033} - C:\WINDOWS\system32\fccaAqon.dll (file missing)
O2 - BHO: (no name) - {777FBD77-1D4E-4953-99E2-4D6C69D3D1Db} - C:\WINDOWS\system32\ddkfitmh.dll
O2 - BHO: (no name) - {D76DE2CA-892C-4970-8984-9166B8E5F317} - (no file)
O2 - BHO: (no name) - {F0A3F0C7-EAD4-450B-8476-890773DE17C8} - C:\WINDOWS\system32\mlJDuuTM.dll (file missing)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [c08b132d] rundll32.exe "C:\WINDOWS\system32\mivppgsy.dll",b
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Bitcomet Ultra Accelerator.lnk = C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C27315E-0282-496A-A328-C4F4C14A31E7}: NameServer = 10.0.0.1,82.119.243.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2E968C3-5DAF-4B69-88D0-D5A418C48C62}: NameServer = 10.0.0.1,82.119.243.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C27315E-0282-496A-A328-C4F4C14A31E7}: NameServer = 10.0.0.1,82.119.243.5
O17 - HKLM\System\CS2\Services\Tcpip\..\{1C27315E-0282-496A-A328-C4F4C14A31E7}: NameServer = 10.0.0.1,82.119.243.5
O17 - HKLM\System\CS3\Services\Tcpip\..\{1C27315E-0282-496A-A328-C4F4C14A31E7}: NameServer = 10.0.0.1,82.119.243.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: fccaAqon - fccaAqon.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5243 bytes


Oh, and don't look at my antivirus, it's crap, I know... but I didn't find anything free... if you can, write what's better.. free of charge and something that eats less memory.. or, how should I put it, slows the PC down less :D ;) ;)
Ryan
Honorary member
Posts: 316
Registered: Sat Apr 21, 2007 11:05
Location: wherever there is internet access :-) / Bohemian-Moravian Highlands

Re: Please check my HijackThis log

Post by Ryan »

Download ComboFix and save it, preferably to the desktop.

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms appears; continue by clicking the Yes button.

Go make yourself a coffee in peace (the whole thing takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to dig through); during the scan, do not try to launch any other applications or anything else.

Don't panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component.


After the restart the application creates a log, saved at C:/Combofix.txt (on repeated use the logs are named Combofix2.txt etc.); paste its contents here.
Anonymous2
User
Posts: 2203
Registered: Sat Feb 09, 2008 19:23

Re: Please check my HijackThis log

Post by Anonymous2 »

ComboFix 08-08-08.02 - alisek 2008-08-09 12:37:05.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.548 [GMT 2:00]
Running from: C:\Documents and Settings\alisek\Plocha\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\BMc3b820b1.txt
C:\WINDOWS\BMc3b820b1.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\arbumcmj.ini
C:\WINDOWS\system32\ddkfitmh.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\MTuuDJlm.ini
C:\WINDOWS\system32\MTuuDJlm.ini2
C:\WINDOWS\system32\oerqrpnl.dll
C:\WINDOWS\system32\rjacdcoo.dll
C:\WINDOWS\system32\shdhnfrc.ini
C:\WINDOWS\system32\ucufrupx.dll
C:\WINDOWS\system32\ysgppvim.ini

.
((((((((((((((((((((((((( Files Created from 2008-07-09 to 2008-08-09 )))))))))))))))))))))))))))))))
.

2008-08-06 00:03 . 2008-08-06 00:29 <DIR> d-------- C:\Program Files\3ivx
2008-08-05 19:35 . 2008-08-05 20:11 <DIR> d-------- C:\Documents and Settings\alisek\Data aplikací\gtk-2.0
2008-08-05 19:35 . 2008-08-05 19:38 <DIR> d-------- C:\Documents and Settings\alisek\Data aplikací\avidemux
2008-08-05 17:55 . 2008-08-06 00:23 <DIR> d-------- C:\Program Files\Movie Joiner
2008-08-05 17:48 . 2008-08-05 17:53 <DIR> d-------- C:\Program Files\Fx Joiner
2008-08-05 17:48 . 2004-03-08 23:00 662,288 --a------ C:\WINDOWS\system32\MSComCt2.ocx
2008-08-05 17:48 . 2006-01-29 22:05 86,016 --a------ C:\WINDOWS\system32\FxB11Ax1.ocx
2008-08-03 19:14 . 2008-08-03 19:14 141 --a------ C:\WINDOWS\wininit.ini
2008-08-03 16:27 . 2008-08-03 16:27 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-03 16:24 . 2008-08-03 23:19 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-08-02 20:18 . 2008-08-03 16:20 1,487,872 --a------ C:\WINDOWS\system32\rmdjpntr.ini.ren
2008-08-02 20:10 . 2008-08-02 20:12 <DIR> d-------- C:\Program Files\Nová složka
2008-08-01 14:48 . 2008-08-05 12:41 <DIR> dr-h----- C:\$VAULT$.AVG
2008-08-01 14:14 . 2008-08-03 16:56 34,056 --ahs---- C:\WINDOWS\system32\TtDffMoq.ini2.ren
2008-08-01 14:14 . 2008-08-03 16:58 34,056 --ahs---- C:\WINDOWS\system32\TtDffMoq.ini.ren
2008-07-29 10:52 . 2008-08-09 12:31 <DIR> d-------- C:\Program Files\Steam
2008-07-24 14:23 . 2008-07-24 14:23 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2008-07-18 00:18 . 2008-03-28 19:03 120,568 --a------ C:\WINDOWS\system32\pxcpyi64.exe
2008-07-18 00:18 . 2008-03-28 19:03 118,256 --a------ C:\WINDOWS\system32\pxinsi64.exe
2008-07-15 08:30 . 2008-07-16 23:30 <DIR> d-------- C:\Documents and Settings\alisek\Data aplikací\Hamachi
2008-07-15 08:28 . 2008-07-15 08:30 <DIR> d-------- C:\Program Files\Hamachi
2008-07-15 08:28 . 2008-07-15 08:28 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-07-14 23:01 . 2008-07-16 21:40 <DIR> d-------- C:\Documents and Settings\alisek\Data aplikací\My Battle for Middle-earth Files
2008-07-14 19:47 . 2008-07-14 20:05 <DIR> d-------- C:\Program Files\Common Files\EasyInfo
2008-07-13 19:49 . 2008-07-13 19:52 <DIR> d-------- C:\Documents and Settings\alisek\Data aplikací\ICQ
2008-07-12 17:49 . 2008-07-12 17:56 <DIR> d-------- C:\Program Files\Winamp
2008-07-12 17:49 . 2008-07-12 17:53 <DIR> d-------- C:\Documents and Settings\alisek\Data aplikací\Winamp
2008-07-12 17:45 . 2008-07-12 17:45 <DIR> d-------- C:\Documents and Settings\alisek\Data aplikací\Apple Computer
2008-07-12 17:41 . 2008-07-12 17:41 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Apple
2008-07-12 00:58 . 2008-07-22 19:50 <DIR> d-------- C:\Program Files\MediaMonkey
2008-07-10 11:37 . 2008-07-10 11:37 <DIR> d-------- C:\Documents and Settings\alisek\Data aplikací\ICQ Toolbar
2008-07-09 23:56 . 2008-07-09 23:56 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\ICQ

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-08 16:30 --------- d-----w C:\Documents and Settings\alisek\Data aplikací\AVG7
2008-08-06 21:15 --------- d-----w C:\Documents and Settings\alisek\Data aplikací\Skype
2008-08-03 15:02 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-08-02 16:56 --------- d-----w C:\Program Files\QIP
2008-08-01 14:36 --------- d-----w C:\Program Files\BitComet
2008-07-09 21:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-08 12:35 --------- d-----w C:\Program Files\Mv2Player
2008-07-05 15:18 --------- d-----w C:\Program Files\Bitcomet Ultra Accelerator
2008-07-05 14:13 2,560 ----a-w C:\WINDOWS\system32\bitcometres.dll
2008-06-30 21:59 --------- d-----w C:\Documents and Settings\alisek\Data aplikací\PC Suite
2008-06-30 21:34 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-28 12:55 --------- d-----w C:\Documents and Settings\alisek\Data aplikací\Zoner
2008-06-28 12:35 --------- d-----w C:\Documents and Settings\alisek\Data aplikací\DonationCoder
2008-06-21 19:47 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-21 17:59 --------- d-----w C:\Program Files\Common Files\Vbox
2008-06-19 14:24 --------- d-----w C:\Program Files\Teamspeak2_RC2
2008-06-19 14:24 --------- d-----w C:\Documents and Settings\alisek\Data aplikací\teamspeak2
2008-06-15 14:11 --------- d-----w C:\Program Files\ACE Mega CoDecS Pack
2008-05-31 17:31 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-05-26 12:49 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-05-26 12:49 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-05-26 11:50 472,576 ----a-w C:\WINDOWS\Nvidia Omega Drivers v2.169.21 Uninstall.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2008-08-01 14:06 1271032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-06-28 09:19 580096]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-07-09 16:16 36352]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:49 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-05-26 14:48 219136]

C:\Documents and Settings\alisek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bitcomet Ultra Accelerator.lnk - C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe [2006-09-09 18:52:16 425984]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.sl_anet"= C:\PROGRA~1\ACEMEG~1\SystemS\sl_anet.acm
"vidc.yv12"= C:\PROGRA~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"msacm.msaudio1"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"C:\\Program Files\\QIP\\qip.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Hamachi\\hamachi.exe"=
"C:\\Program Files\\Steam\\steamapps\\skidomyl\\counter-strike\\hl.exe"=
"C:\\Program Files\\Nová složka\\Counter-Strike 1.6\\cstrike.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10404:TCP"= 10404:TCP:BitComet 10404 TCP
"10404:UDP"= 10404:UDP:BitComet 10404 UDP

R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
.
- - - - ORPHANS REMOVED - - - -

BHO-{6EB35830-8222-4990-A484-D21FEDD4B033} - C:\WINDOWS\system32\fccaAqon.dll
BHO-{F0A3F0C7-EAD4-450B-8476-890773DE17C8} - C:\WINDOWS\system32\mlJDuuTM.dll
HKLM-Run-c08b132d - C:\WINDOWS\system32\mivppgsy.dll
HKLM-Run-TrojanScanner - C:\Program Files\Trojan Remover\Trjscan.exe
ShellExecuteHooks-{6EB35830-8222-4990-A484-D21FEDD4B033} - C:\WINDOWS\system32\fccaAqon.dll
Notify-fccaAqon - fccaAqon.dll


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\alisek\Data aplikací\Mozilla\Firefox\Profiles\swwfiz7f.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.cz
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPMySrch.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-09 12:39:06
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-09 12:40:50
ComboFix-quarantined-files.txt 2008-08-09 10:40:48

Pre-Run: 6,988,374,016
Post-Run: 6,977,617,920

154 --- E O F --- 2008-05-26 13:47:02
Anonymous2
User
Posts: 2203
Registered: Sat Feb 09, 2008 19:23

Re: Please check my HijackThis log

Post by Anonymous2 »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:15, on 10.8.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe
c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\psimreal.exe
C:\Documents and Settings\Matej\Plocha\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PrintKey-Pro.lnk = C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

--
End of file - 6001 bytes
Ryan
Honorary member
Posts: 316
Registered: Sat Apr 21, 2007 11:05
Location: wherever there is internet access :-) / Bohemian-Moravian Highlands

Re: Please check my HijackThis log

Post by Ryan »

alexik: How is your PC behaving now?
Ryan
Honorary member
Posts: 316
Registered: Sat Apr 21, 2007 11:05
Location: wherever there is internet access :-) / Bohemian-Moravian Highlands

Re: Please check my HijackThis log

Post by Ryan »

milop: your log is OK
Anonymous2
User
Posts: 2203
Registered: Sat Feb 09, 2008 19:23

Re: Please check my HijackThis log

Post by Anonymous2 »

Dunno, should it be OK? Yesterday I had an error, the PC wouldn't boot, it told me a system file was missing, 32-something, and it wouldn't start until I put XP on it, and now it works... we'll see, I'll write here again if need be.
Ryan
Honorary member
Posts: 316
Registered: Sat Apr 21, 2007 11:05
Location: wherever there is internet access :-) / Bohemian-Moravian Highlands

Re: Please check my HijackThis log

Post by Ryan »

alexik wrote: Dunno, should it be OK? Yesterday I had an error, the PC wouldn't boot, it told me a system file was missing, 32-something, and it wouldn't start until I put XP on it, and now it works... we'll see, I'll write here again if need be.
Keep an eye on it and get in touch if need be. The infection should be gone, though.