HijackThis log- sta trebam izbrisati

Black Lotus · 15.03.2005., 21:05

jel sve u redu ili nesto nije u redu?

Logfile of HijackThis v1.98.2
Scan saved at 21:04:30, on 15.03.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
D:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\System32\m?iexec.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\mdm.exe
D:\downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1A7D531D-6026-E474-D1B5-4B63C436491C} - C:\DOKUME~1\Tihi\ANWEND~1\OPEN64~1\corn htm.exe
O2 - BHO: (no name) - {62DAD9C8-3000-74EB-787B-48B60E6EF393} - C:\WINDOWS\System32\bcvp.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Tau Monitor] D:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Vymcckbq] C:\WINDOWS\System32\m?iexec.exe
O4 - HKCU\..\Run: [OPTIONFLAP] C:\DOKUME~1\Tihi\ANWEND~1\PROXYT~1\rdr about.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/...s/MsnPUpld.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab

-POP- · 15.03.2005., 23:39

Costa...

Costa · 16.03.2005., 17:19

Najprije izgasi preko TaskManagera
C:\WINDOWS\System32\m?iexec.exe

Pa sredi:
O2 - BHO: (no name) - {1A7D531D-6026-E474-D1B5-4B63C436491C} - C:\DOKUME~1\Tihi\ANWEND~1\OPEN64~1\corn htm.exe
O2 - BHO: (no name) - {62DAD9C8-3000-74EB-787B-48B60E6EF393} - C:\WINDOWS\System32\bcvp.dll
O4 - HKCU\..\Run: [Vymcckbq] C:\WINDOWS\System32\m?iexec.exe
O4 - HKCU\..\Run: [OPTIONFLAP] C:\DOKUME~1\Tihi\ANWEND~1\PROXYT~1\rdr about.exe
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (file missing) (HKCU)

Ako nisi sam postavio proxy onda sredi i ovo:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

Mislim da je vrijeme da ozbiljno razmislis o nekom boljem browseru tipa Firefox ili Opera.

15.03.2005., 21:05	#1
Black Lotus CurSedPala Datum registracije: Jan 2004 Lokacija: Bec Postovi: 173	HijackThis log- sta trebam izbrisati jel sve u redu ili nesto nije u redu? Logfile of HijackThis v1.98.2 Scan saved at 21:04:30, on 15.03.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe D:\Programme\Zone Labs\ZoneAlarm\zlclient.exe D:\Programme\Logitech\MouseWare\system\em_exec.exe C:\Programme\Java\jre1.5.0_01\bin\jusched.exe C:\WINDOWS\System32\ctfmon.exe D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\System32\m?iexec.exe c:\progra~1\intern~1\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Programme\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\mdm.exe D:\downloads\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1A7D531D-6026-E474-D1B5-4B63C436491C} - C:\DOKUME~1\Tihi\ANWEND~1\OPEN64~1\corn htm.exe O2 - BHO: (no name) - {62DAD9C8-3000-74EB-787B-48B60E6EF393} - C:\WINDOWS\System32\bcvp.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [Tau Monitor] D:\PROGRA~1\Agnitum\TAUSCA~1.7\taumon.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Zone Labs Client] "D:\Programme\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_01\bin\jusched.exe O4 - HKLM\..\Run: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [LDM] D:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Vymcckbq] C:\WINDOWS\System32\m?iexec.exe O4 - HKCU\..\Run: [OPTIONFLAP] C:\DOKUME~1\Tihi\ANWEND~1\PROXYT~1\rdr about.exe O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -trayboot O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office10\OSA.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (file missing) (HKCU) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/...s/MsnPUpld.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab __________________ Viarama U8568 Pro P4 2.66@2.8Ghz 512 ddr Maxtor 120 Gb 9600 XT 545/310 MX 510

15.03.2005., 23:39	#2
-POP- Eddie Moj komp Datum registracije: Mar 2004 Lokacija: Osijek Postovi: 5,490	Costa... __________________

16.03.2005., 17:19	#3
Costa Moderator Datum registracije: Aug 2003 Lokacija: Zagreb Postovi: 3,193	Najprije izgasi preko TaskManagera C:\WINDOWS\System32\m?iexec.exe Pa sredi: O2 - BHO: (no name) - {1A7D531D-6026-E474-D1B5-4B63C436491C} - C:\DOKUME~1\Tihi\ANWEND~1\OPEN64~1\corn htm.exe O2 - BHO: (no name) - {62DAD9C8-3000-74EB-787B-48B60E6EF393} - C:\WINDOWS\System32\bcvp.dll O4 - HKCU\..\Run: [Vymcckbq] C:\WINDOWS\System32\m?iexec.exe O4 - HKCU\..\Run: [OPTIONFLAP] C:\DOKUME~1\Tihi\ANWEND~1\PROXYT~1\rdr about.exe O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - D:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (file missing) (HKCU) Ako nisi sam postavio proxy onda sredi i ovo: R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost Mislim da je vrijeme da ozbiljno razmislis o nekom boljem browseru tipa Firefox ili Opera. __________________ Duke Nukem 3D online igranje TUTORIAL

Oglasni prostor
PC Ekspert Forum Oglas

Oglasni prostor
PC Ekspert Forum Oglas