|
|||||||||||
28.07.2004., 14:44
|
#1 |
|
AutoCad & Allplan expert
Datum registracije: Jan 2004
Lokacija: Zagreb-Karlovac i okilica
Postovi: 2,159
|
kaj da se obrise (hijack this )
evo log-a frendovog pc-ja, Logfile of HijackThis v1.98.0 Scan saved at 14:43:32, on 28. 07. 04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\ATI2EVXX.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\INTERNAT.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\NEWMIXER.EXE C:\WINDOWS\SYSTEM\QTTASK.EXE C:\PROGRAM FILES\WINAMP\WINAMPA.EXE C:\WINDOWS\SYSTEM\TMCCALL.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\ICQLITE\ICQLITE.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\MICOREW.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mp3hi-fi.com/cgi-bin/l/lnk.cgi?l=searchdef R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://gtejdb.t.muxa.cc/s.php?aid=581 (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://gtejdb.t.muxa.cc/s.php?aid=581 (obfuscated) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.porn385.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://gtejdb.t.muxa.cc/s.php?aid=581 (obfuscated) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://gtejdb.t.muxa.cc/s.php?aid=581 (obfuscated) R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://gtejdb.t.muxa.cc/h.php?aid=581 (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://gtejdb.t.muxa.cc/s.php?aid=581 (obfuscated) R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://gtejdb.t.muxa.cc/s.php?aid=581 (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://gtejdb.t.muxa.cc/h.php?aid=581 (obfuscated) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://gtejdb.t.muxa.cc/h.php?aid=581 (obfuscated) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O2 - BHO: (no name) - {B21C8D77-008B-4D42-8C69-04D3E676F8EE} - C:\PROGRA~1\WIRETA~1\BROWSE~1.DLL (file missing) O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\PROGRAM FILES\E2G\IEBHOS.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [internat.exe] internat.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [C-Media Mixer] C:\WINDOWS\NewMixer.exe /startup O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TurboMemoryCharger] C:\PROGRAM FILES\TURBO MEMORY CHARGER\TURBOMEMORYCHARGER.exe O4 - HKLM\..\Run: [tmccall] C:\WINDOWS\SYSTEM\TMCCALL.exe O4 - HKLM\..\Run: [Turbo Memory] C:\PROGRAM FILES\TURBOMEMORY\TURBOMEMORY.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [WinUpdate] C:\windows\p385.hta O4 - HKLM\..\Run: [SpeedUpMyPC] C:\PROGRAM FILES\LIUTILITIES\SPEEDUPMYPC\SPEEDUPMYPC.EXE traybar O4 - HKLM\..\Run: [URBOVCDT] C:\WINDOWS\SYSTEM\URBOVCDT.exe O4 - HKLM\..\Run: [sys] regedit -s sys.reg O4 - HKLM\..\Run: [PHLPAPII] C:\WINDOWS\SYSTEM\PHLPAPII.exe O4 - HKLM\..\Run: [MICOREW] C:\WINDOWS\SYSTEM\MICOREW.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ATIPOLL] ati2evxx.exe O4 - HKLM\..\RunServices: [ATISmart] C:\WINDOWS\SYSTEM\ati2s9ag.exe O4 - HKCU\..\RunOnce: [ICQ Lite] C:\PROGRAM FILES\ICQLITE\ICQLITE.EXE -trayboot O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: ICQ 4.0 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Turbo Memory Charger - {ECC5778A-6E89-BFCE-13CE-81F134789E7B} - C:\PROGRAM FILES\TURBO MEMORY CHARGER\TURBOMEMORYCHARGER (file missing) O9 - Extra 'Tools' menuitem: Turbo Memory Charger - {ECC5778A-6E89-BFCE-13CE-81F134789E7B} - C:\PROGRAM FILES\TURBO MEMORY CHARGER\TURBOMEMORYCHARGER (file missing) O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O12 - Plugin for .PDF: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll O16 - DPF: {E9041F85-3C18-4A7E-A29D-E24F84B79BF1} - http://64.7.220.98/downloads/UGO20.exe O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - C:\WINDOWS\SYSTEM\XPLUGIN.DLL kj da radi?
__________________
none |
|
|
|
|
|
|
Oglas
|
Oglasni prostor
|
 |
|
|
