Forumi
Home Pravila i pomoć Članovi Kalendar Današnji postovi


Povratak   PC Ekspert Forum > Računala > Problemi > Softverski problemi
Ime
Lozinka

Odgovori
 
Uređivanje
Staro 02.03.2006., 15:59   #1
Ivan_1
Premium
 
Datum registracije: May 2004
Lokacija: Duga Resa
Postovi: 823
pomoc! Hijack This log

frend ima problema...sto maknuti?

Logfile of HijackThis v1.99.0
Scan saved at 15:40:54, on 2.3.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
F:\Program Files\TGTSoft\StyleXP\Logon\CurrentLogon.EXE
F:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\MessengerPlus! 3\MsgPlus.exe
F:\Program Files\Macrogaming\SweetIM\SweetIM.exe
f:\progra~1\intern~1\iexplore.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\Documents and Settings\Administrator\Desktop\Gapi\Slike\New Folder\utorrent.exe
F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
F:\Program Files\Registry Fix 3.0.2\Registry Fix.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\WINDOWS\explorer.exe
F:\WINDOWS\TEMP\win619.tmp.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\TEMP\win619.tmp.exe
F:\Documents and Settings\Administrator\Desktop\Gapi\HijackThis.exe

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: (no name) - {27FAC4B8-7CB4-C269-9647-63A7F20A9E12} - F:\DOCUME~1\ADMINI~1\APPLIC~1\WARNID~1\Dart Beep.exe (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - F:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {FD25A07E-662F-B8B9-F202-B15865E2D9AB} - F:\DOCUME~1\ADMINI~1\APPLIC~1\WARNID~1\MediaArmy.exe
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "F:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [SpybotSnD] "F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [STYLEXP] F:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [SweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [ante file] F:\DOCUME~1\ADMINI~1\APPLIC~1\BONEFI~1\grim trans.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F784CB8-8E95-4C56-8A2E-D3A780F95B37}: NameServer = 195.29.150.3 195.29.150.4
O23 - Service: StyleXPService - Unknown - F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - F:\WINDOWS\system32\ZoneLabs\vsmon.exe
Ivan_1 je offline   Reply With Quote
Staro 02.03.2006., 16:30   #2
atha
Moderator
Moj komp
 
atha's Avatar
 
Datum registracije: Jan 2005
Lokacija: Rijeka
Postovi: 9,067
daj malo proceshljaj sa ad-aware i cwshredderom takodjer.

pobrishi:
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: (no name) - {27FAC4B8-7CB4-C269-9647-63A7F20A9E12} - F:\DOCUME~1\ADMINI~1\APPLIC~1\WARNID~1\Dart Beep.exe (file missing)
O2 - BHO: (no name) - {FD25A07E-662F-B8B9-F202-B15865E2D9AB} - F:\DOCUME~1\ADMINI~1\APPLIC~1\WARNID~1\MediaArmy.exe
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - F:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [SweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [SweetIM] F:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [ante file] F:\DOCUME~1\ADMINI~1\APPLIC~1\BONEFI~1\grim trans.exe

malo manje klikanja po glupostima.
kada ovo obrishesh, ad-aware i cwsredder - malo prochesljaj, restart.
i ponovno paste-aj log ovdje.
__________________
___________
Just atha
x
atha je offline   Reply With Quote
Oglasni prostor
Oglas
 
Oglas
Staro 02.03.2006., 21:03   #3
rihr
Registered User
 
Datum registracije: Jun 2005
Lokacija: hrri
Postovi: 4
atha,molim te dal je potrebno ovdje sta brisati...
hvala


Logfile of HijackThis v1.99.1
Scan saved at 20:53:58, on 2.3.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\T-Com MAXadsl CD-ROM\T-Com Siemens ADSL A-100 Modem\Adsl\dslagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCCLIENT.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\PCCGUIDE.EXE
C:\Program Files\Trend Micro\PC-cillin 2002\POP3TRAP.EXE
C:\PROGRA~1\pdfrd\FOXITR~1.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Metro\LOCALS~1\Temp\Rar$EX00.058\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - (no file)
O3 - Toolbar: SearchTran - {C3A6061D-1CF6-488a-86C9-B89423F1E64B} - C:\Program Files\SearchTran Demo\SearchTran_IE_bar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\T-Com MAXadsl CD-ROM\T-Com Siemens ADSL A-100 Modem\Adsl\dslagent.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1125244048572
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1125244971249
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC56BF54-9DE2-46E1-A6C2-5C8DCCAE7789}: NameServer = 195.29.150.3 195.29.150.4
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
rihr je offline   Reply With Quote
Oglasni prostor
Oglas
 
Oglas
Odgovori



Pravila postanja
Vi ne možete otvarati nove teme
Vi ne možete pisati odgovore
Vi ne možete uploadati priloge
Vi ne možete uređivati svoje poruke

BB code je Uključeno
Smajlići su Uključeno
[IMG] kod je Uključeno
HTML je Isključeno

Idi na