viiiiruuus!!!! - HJT-loki

Discussion in 'Virukset ja haittaohjelmat' started by pongi, Jan 28, 2006.

  1. pongi

    pongi Regular member

    Joined:
    Apr 12, 2005
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    26
    Moi!Awast ja Ewido huuta mun pojan konessa,että virus!!!,mutta ei kumpikaan osa poistaa.Olisiko joku viisas niin ystävällinen,ja katsoisko,että voiski jotenkin fixata!?Kiitos!
    Edit: Widows on unkarinkielinen1
    Tässä olis loki
    Logfile of HijackThis v1.99.1
    Scan saved at 13:12:23, on 2006.01.28.
    Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    E:\smc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ABIT\ABITEQ\abiteq.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    E:\DC__~1\ashDisp.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    E:\dc++\aswUpdSv.exe
    E:\dc++\ashServ.exe
    E:\bin\btwdins.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\vsnpstd.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\WINDOWS\system32\ctfmon.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    E:\!Games!\Steam.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\Skype\Phone\Skype.exe
    E:\dc++\ashMaiSv.exe
    E:\BTTray.exe
    E:\dc++\ashWebSv.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Rendszergazda\Dokumentumok\My Skype Received Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mmabrvommf.biz/69abYPaQczDYdLXAY7bA25HNkfN3FtmX4GUrMCXk/hjTp9ZhhNk2ZaEFcZYgu0V/.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.port.hu/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5173B2C0-A14D-B344-A52D-E0EEA81B9C9F} - C:\DOCUME~1\RENDSZ~1\APPLIC~1\BOWSSE~1\pop error.exe
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ABITEQ] C:\Program Files\ABIT\ABITEQ\abiteq.exe -M
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKLM\..\Run: [EZEMO] C:\Program Files\EZ Emoticons\EZ.exe
    O4 - HKLM\..\Run: [avast!] E:\DC__~1\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] E:\smc.exe -startgui
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    O4 - HKLM\..\Run: [Trans lite chin obj] C:\Documents and Settings\All Users\Application Data\anti up trans lite\Cool Hide.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Axis drv] C:\DOCUME~1\RENDSZ~1\APPLIC~1\STOPPI~1\filmdrive.exe
    O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKCU\..\Run: [Steam] E:\!Games!\Steam.exe -silent
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm414YYHU
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - E:\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://map2.index.hu/MGViewer/ActiveX/mgaxctrl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1114598342500
    O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\dc++\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - E:\dc++\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - E:\dc++\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - E:\dc++\ashWebSv.exe" /service (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - E:\bin\btwdins.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - E:\smc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
     
    Last edited: Jan 28, 2006
    pongi, Jan 28, 2006
    #1
  2. Tonski

    Tonski Regular member

    Joined:
    Nov 18, 2005
    Messages:
    670
    Likes Received:
    0
    Trophy Points:
    26
    Poista ohjauspaneelista:

    MyWebSearch (Nimessä voi olla merkkejä/numeroita)

    Sitten fixaa nämä:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mmabrvommf.biz/69abYPaQczDYdLXAY7bA25HNkfN3FtmX4GUrMCXk/hj...
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
    O2 - BHO: (no name) - {5173B2C0-A14D-B344-A52D-E0EEA81B9C9F} - C:\DOCUME~1\RENDSZ~1\APPLIC~1\BOWSSE~1\pop error.exe
    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKLM\..\Run: [Trans lite chin obj] C:\Documents and Settings\All Users\Application Data\anti up trans lite\Cool Hide.exe
    O4 - HKCU\..\Run: [Axis drv] C:\DOCUME~1\RENDSZ~1\APPLIC~1\STOPPI~1\filmdrive.exe
    O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
    O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm414YYHU

    Aseta piilotiedostot näkyviin, tässä ohje:

    Windows XP

    * Klikkaa Käynnistä.
    * Avaa Oma Tietokone.
    * Valitse Työkalut ylämenusta ja klikkaa Kansion asetukset.
    * Valitse Näytä välilehti.
    * Piilotiedostot/kansiot kohdalla valitse Näytä piilotetut tiedostot ja kansiot.
    * Poista rasti ruudusta -> Piilota suojatut käyttöjärjestelmätiedostot
    * Klikkaa Kyllä varmistaaksesi muutokset.
    * Klikkaa OK.

    Avaa kone vikasietotilaan. Se onnistuu näin: --->Paina F8 koneen käynnistyessä niin pitkään kunnes esiin tulee valikko. Valitse sitten siitä Vikasietotila.<---

    Poista vikasietotilassa nämä tiedostot:

    C:\Program Files\[bold]MyWebSearch\[/bold]<--- KANSIO
    C:\DOCUME~1\RENDSZ~1\APPLIC~1\STOPPI~1\[bold]filmdrive.exe[/bold]
    C:\Documents and Settings\All Users\Application Data\[bold]anti up trans lite[/bold]<--- KANSIO
    C:\DOCUME~1\RENDSZ~1\APPLIC~1\[bold]BOWSSE~1[/bold]<--- KANSIO

    Sinulla näyttääkin jo olevan Ewido koneella.
    Tässä ohjeet Ewidon käyttöön siltä varalta että olet unohtanut ne:

    http://keskustelu.afterdawn.com/thread_view.cfm/260186

    Skannaa sitten Ewidolla koneesi. Sitten tallenna sen raportti. Palaa Normaalitilaan, ja lähetä uusi HJT-loki SEKÄ Ewidon raportti.
     
    Last edited: Jan 28, 2006
    Tonski, Jan 28, 2006
    #2
  3. pongi

    pongi Regular member

    Joined:
    Apr 12, 2005
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    26
    Kiitos Tonski vastauksesta,yritettiin tehdä kaikki sun ohjeiden mukaan.
    Tässä olis uusi Hjt loki,ja Ewidon raportti,valitettavasti myöskin unkarin kielellä.Avast ei enää huuda viruksesta,siis tilanne on varmasti parenemain päin!
    Logfile of HijackThis v1.99.1
    Scan saved at 17:34:40, on 2006.01.28.
    Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    E:\smc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ABIT\ABITEQ\abiteq.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    E:\DC__~1\ashDisp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\vsnpstd.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    E:\!Games!\Steam.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    E:\dc++\aswUpdSv.exe
    E:\dc++\ashServ.exe
    E:\bin\btwdins.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    E:\BTTray.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\svchost.exe
    E:\dc++\ashMaiSv.exe
    E:\dc++\ashWebSv.exe
    C:\totalcmd\TOTALCMD.EXE
    C:\Documents and Settings\Rendszergazda\Dokumentumok\My Skype Received Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ubmudqabpwtlejjmja.uk/69...kfN3FtmX4GUrMCXk/hhiSwtDiY/hvqEFcZYgu0V/.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.port.hu/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ABITEQ] C:\Program Files\ABIT\ABITEQ\abiteq.exe -M
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [EZEMO] C:\Program Files\EZ Emoticons\EZ.exe
    O4 - HKLM\..\Run: [avast!] E:\DC__~1\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] E:\smc.exe -startgui
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] E:\!Games!\Steam.exe -silent
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - E:\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://map2.index.hu/MGViewer/ActiveX/mgaxctrl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1114598342500
    O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\dc++\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - E:\dc++\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - E:\dc++\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - E:\dc++\ashWebSv.exe" /service (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - E:\bin\btwdins.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - E:\smc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe



    --------------------------------------------------------
    ewido anti-malware - Találati jelentés
    ---------------------------------------------------------

    + Készült: 17:13:53, 2006.01.28.
    + Jelentés-Ellen&#337;rz&#337;összeg: 43784285

    + Keresés eredménye:

    C:\Documents and Settings\Rendszergazda\Cookies\rendszergazda@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Tisztítás mentéssel
    C:\Documents and Settings\Rendszergazda\Local Settings\Temp\SHNT288.exe -> Spyware.NewDotNet : Tisztítás mentéssel
    C:\Program Files\VVSN\VVSN.exe -> Adware.SaveNow : Tisztítás mentéssel


    ::Jelentés Vége
     
    pongi, Jan 28, 2006
    #3
  4. Tonski

    Tonski Regular member

    Joined:
    Nov 18, 2005
    Messages:
    670
    Likes Received:
    0
    Trophy Points:
    26
    Tämähän on parantunut reilusti. Tämä kohta ei silti lähtenyt. Jos ei muuten lähde niin koeta poistaa se vikasietotilassa (HUOM! Jos sinulla on Norton koneella niin älä fixaa tuota 023-kohtaa äläkä tee tuota ohjetta joka kehottaa menemään Suorita-toimintoon. Muuten jos olet poistanut Nortonin niin tee ne ohjeiden mukaan!):

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mmabrvommf.biz/69abYPaQczDYdLXAY7bA25HNkfN3FtmX4GUrMCXk/hj...
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

    Sitten mene Käynnistä-valikon Suorita-toimintoon. Kirjoita tekstikenttään [bold]services.msc[/bold] ja uuden ikkunan pitäisi aueta. Siinä ikkunassa on listä auki olevista ohjelmista. Etsi sieltä ohjelmista semmoinen kuin [bold]Symantec[/bold] ja tuplaklikkaa sitä. Sitten valitse käynnistymistavaksi Seis ja toimintatavaksi Ei käytössä. Sitten poista tämä kansio:

    C:\Program Files\Common Files[bold]\Symantec Shared[/bold]

    Jotenkin en tunnistanut tuota EZEMO-nimistä ohjelmaa. Osaatko selittää mikä se on? Siis tämä:

    O4 - HKLM\..\Run: [EZEMO] C:\Program Files\EZ Emoticons\EZ.exe

    Tuo R1 oli siis ainut tunnistettava pahis jonka tästä lokista löysin. Jos saatte sen lähtemään niin lokin pitäisi olla ihan puhdas. (Paitsi jos ette tunnista tuota EZEMO-ohjelmaa ja se on pahis)
     
    Last edited: Jan 28, 2006
    Tonski, Jan 28, 2006
    #4
  5. pongi

    pongi Regular member

    Joined:
    Apr 12, 2005
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    26
    Kiitos taas,palaan asiaan huomenna,koska mainitsin jo,että pojan koneesta on kysymys,ja hän ei ole nyt kotona - varmaankin jossain bailaamassa - ja mulla ei ole tietoa Ezemo ohjelmasta,mutta kysyn huomenna.Siis kiitos avusta,ja jatkan huomenna!
     
    pongi, Jan 28, 2006
    #5
  6. pongi

    pongi Regular member

    Joined:
    Apr 12, 2005
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    26
    Hei taas!Tämä Ezemo ohjelma on joku chatti hymiö-juttu, elikkä saa jäädä.
    Tääsä olis - toivottavasti - viimeinen loki,pitäisi olla puhdas,vai mitä?
    Kiitos kovasti avusta,ja osaamista!!!

    EDIT: Nyt vasta huomasin,että se piru R1 rivi taas on palanut,yrtätään vikasietotilassa poistaa!

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    E:\smc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ABIT\ABITEQ\abiteq.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    E:\DC__~1\ashDisp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\vsnpstd.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    E:\!Games!\Steam.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    E:\dc++\aswUpdSv.exe
    E:\dc++\ashServ.exe
    c:\progra~1\intern~1\iexplore.exe
    E:\BTTray.exe
    E:\bin\btwdins.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    E:\dc++\ashMaiSv.exe
    E:\dc++\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\totalcmd\TOTALCMD.EXE
    C:\Documents and Settings\Rendszergazda\Dokumentumok\My Skype Received Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.fadcwryvzwuekn.net/69abYPaQczDYdLXAY7bA25HNkfN3FtmX4GUrMCXk/hh443Z8HjBA_qEFcZYgu0V/.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.port.hu/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ABITEQ] C:\Program Files\ABIT\ABITEQ\abiteq.exe -M
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [EZEMO] C:\Program Files\EZ Emoticons\EZ.exe
    O4 - HKLM\..\Run: [avast!] E:\DC__~1\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] E:\smc.exe -startgui
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] E:\!Games!\Steam.exe -silent
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Axis drv] C:\DOCUME~1\RENDSZ~1\APPLIC~1\STOPPI~1\filmdrive.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - E:\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://map2.index.hu/MGViewer/ActiveX/mgaxctrl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1114598342500
    O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\dc++\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - E:\dc++\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - E:\dc++\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - E:\dc++\ashWebSv.exe" /service (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - E:\bin\btwdins.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - E:\smc.exe

     
    Last edited: Jan 29, 2006
    pongi, Jan 29, 2006
    #6
  7. pongi

    pongi Regular member

    Joined:
    Apr 12, 2005
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    26
    Siis tämä
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

    ei suostu lähtemään,ei edes vikasietotilassa.
    Miten pääsisi siitä eroon?
     
    pongi, Jan 29, 2006
    #7
  8. Tonski

    Tonski Regular member

    Joined:
    Nov 18, 2005
    Messages:
    670
    Likes Received:
    0
    Trophy Points:
    26
    Koneenne on nyt melkein täysin puhdas. Ainut kohta mikä on enää jäljellä pahiksista on tuo:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.fadcwryvzwuekn.net/69abYPaQczDYdLXAY7bA25HNkfN3FtmX4GU...

    Koneenne oli aika pahana kun lähetit tuon lokin tänne. Osa pahiksista voi johtua siitä että poikasi lataa DC++ ohjelmalla. (Imurointiohjelma) Nyt näyttää ihan puhtaalta. Jos tuo R1 (Tämä --> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.fadcwryvzwuekn.net/69abYPaQczDYdLXAY7bA25HNkfN3FtmX4GU... <---) ei lähde edes vikasietotilassa niin en valitettavasti osaa neuvoa... Kokeilkaa pari kertaa fixata tuo vikasieto- ja normaalitilassa ja jos ei lähde niin sanon jollekkin vielä osaavammalle että käy katsomassa. Ei tarvitse lähettää uutta lokia sano vain lähtikö se R1:nen.

    EDIT:
    Anteeksi tein pikkuisen virheen. Tämäkin pitää fixata.

    O4 - HKCU\..\Run: [Axis drv] C:\DOCUME~1\RENDSZ~1\APPLIC~1\STOPPI~1\filmdrive.exe

    Sitten poista tämä kansio vikasietotilassa:

    C:\DOCUME~1\RENDSZ~1\APPLIC~1\[bold]STOPPI~1\[/bold]<---KANSIO

    Jos asetit piilotiedostot pois näkyvistä ETKÄ löydä tuota kansiota niin aseta piilotiedostot tuon poiston ajaksi taas näkyviin. Mutta tuo tosissaan fixiin ja vikasietotilassa kansio pois. Sitten uusi kone uudelleenkäynnistykseen ja uusi loki. (Muista myös fixata tuota R1:stä)
     
    Last edited: Jan 29, 2006
    Tonski, Jan 29, 2006
    #8
  9. pongi

    pongi Regular member

    Joined:
    Apr 12, 2005
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    26
    OK,miltä nyt näyttää?


    Logfile of HijackThis v1.99.1
    Scan saved at 13:19:39, on 2006.01.29.
    Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    E:\smc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ABIT\ABITEQ\abiteq.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    E:\DC__~1\ashDisp.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    E:\dc++\aswUpdSv.exe
    E:\dc++\ashServ.exe
    E:\bin\btwdins.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\vsnpstd.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    E:\!Games!\Steam.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\Skype\Phone\Skype.exe
    E:\BTTray.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    E:\dc++\ashMaiSv.exe
    E:\dc++\ashWebSv.exe
    C:\totalcmd\TOTALCMD.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Rendszergazda\Dokumentumok\My Skype Received Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.port.hu/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ABITEQ] C:\Program Files\ABIT\ABITEQ\abiteq.exe -M
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [EZEMO] C:\Program Files\EZ Emoticons\EZ.exe
    O4 - HKLM\..\Run: [avast!] E:\DC__~1\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] E:\smc.exe -startgui
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] E:\!Games!\Steam.exe -silent
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - E:\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: Kutatás - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://map2.index.hu/MGViewer/ActiveX/mgaxctrl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1114598342500
    O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\dc++\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - E:\dc++\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - E:\dc++\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - E:\dc++\ashWebSv.exe" /service (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - E:\bin\btwdins.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - E:\smc.exe

     
    pongi, Jan 29, 2006
    #9
  10. W8m

    W8m Guest

    En osaa enää muuten auttaa, kun että tuo HjT kannattaisi siirtää omaan polkuunsa, eli C:\HjT\
     
    W8m, Jan 29, 2006
    #10
  11. pongi

    pongi Regular member

    Joined:
    Apr 12, 2005
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    26
    Kiitos!
     
    pongi, Jan 29, 2006
    #11
  12. Tonski

    Tonski Regular member

    Joined:
    Nov 18, 2005
    Messages:
    670
    Likes Received:
    0
    Trophy Points:
    26
    Oleppa hyvä. =)
     
    Tonski, Jan 29, 2006
    #12

Share This Page