|
11.07.2004., 11:48 | #1 |
Premium
Datum registracije: Feb 2004
Lokacija: Jablanovec
Postovi: 105
|
Hijackthis log (kaj treba obrisat?)
Napravio sam scan sa hijackthis-om i molim vas recite kaj treba oznacit P.S. Imam onaj problem s rundll32.exe End now
__________________
Athlon 2400+@2344Mhz (212X11),1,85V 512 DDR400 @424Mhz Ati Radeon 9000Pro 128Mb NF7-S Maxtor 80GB @7200 o/min. Midi tower 400W |
11.07.2004., 12:24 | #2 |
Moderator
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
|
Najprije killaj u TaskManageru: C:\WINDOWS\System32\bkfhovrc.exe Kopiraj HijackThis u neki dir tak da ti napravi backup onoga kaj izbrise. Ovo je za slucaj da nekaj podje po zlu. Zatim sredi: R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.wholeworldmarket.com/search/ R3 - URLSearchHook: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\System32\tkutxjz.exe O4 - HKLM\..\Run: [NVIDIA Video drivers] video_32D.exe O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load O4 - HKLM\..\Run: [tcujoezke] C:\WINDOWS\System32\bkfhovrc.exe O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\MARKOP~1\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\" O4 - Global Startup: gstartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe O19 - User stylesheet: C:\WINDOWS\sstyle.css
__________________
|
|
|
Oglas
|
|
11.07.2004., 12:25 | #3 |
Premium
Datum registracije: Feb 2004
Lokacija: Jablanovec
Postovi: 105
|
Hvala, ali se netrebate mucit s ovim attachmentom jer sam problem uspio rijesit sa SPYBOTOM S&D!!
__________________
Athlon 2400+@2344Mhz (212X11),1,85V 512 DDR400 @424Mhz Ati Radeon 9000Pro 128Mb NF7-S Maxtor 80GB @7200 o/min. Midi tower 400W |
18.07.2004., 13:35 | #4 |
Registered User
Datum registracije: Jul 2004
Lokacija: Zagreb
Postovi: 4
|
Gospodo znalci, daj meni recite kaj da maknem u HJT. Šaljem vam njegov log. Ne koristim uopće Internet Explorer nego Operu ako to kaj znaći. Logfile of HijackThis v1.98.0 Scan saved at 13:23:20, on 18.7.2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe C:\WINDOWS\System32\CTSvcCDA.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton Utilities\NPROTECT.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\TBPanel.exe C:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe C:\Program Files\Winamp3\winampa.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Motherboard Monitor 5\MBM5.EXE C:\Program Files\Zone Labs\ZoneAlarm1\zlclient.exe C:\Program Files\ICQLite\ICQLite.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\ctfmon.exe C:\Bug_pretraživać\BugCD Pretrazivac\BugCD Pretrazivac.exe C:\Program Files\Norton Utilities\SYSDOC32.EXE C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\RealVNC\WinVNC\WinVNC.exe C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe C:\Program Files\Netropa\Onscreen Display\OSD.exe C:\Program Files\Opera7\opera.exe C:\Program Files\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\Jccatch.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Crack Find Search - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - C:\WINDOWS\SrchPlug.dll O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CreativeMixer] C:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE /t O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [MBM 5] "C:\Program Files\Motherboard Monitor 5\MBM5.EXE" O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm1\zlclient.exe O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [BugCD Pretrazivac] C:\Bug_pretraživać\BugCD Pretrazivac\BugCD Pretrazivac.exe O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: ICQ 4.0 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{2CBBE3E0-565A-4D8F-AB2B-3EB0D9719CC7}: NameServer = 161.53.114.145 161.53.114.135 O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - (no file) |
18.07.2004., 20:57 | #5 |
Feldwebel
Datum registracije: Feb 2002
Lokacija: bolnica
Postovi: 3,735
|
Tebi je najpametnije napraviti format c: Divna kolekcija virusa, crva, spywarea, adwarea i još nekih kaka. ZA treba podesiti, a NAV updejtati povremeno.
__________________
Tih kao mačka Brz kao gepard Jak kao lav Elegantan kao leopard Nisam to ja, to je moj komp. |
18.07.2004., 21:19 | #6 |
Registered User
Datum registracije: Jul 2004
Lokacija: Zagreb
Postovi: 4
|
Pa neznam baš. Svako malo i updejtam i Adaware i Spybot i automatski Nortona i pustam ih svakih 3 dana da pročešljaju komp i nema ništa. Daj mi samo reci koji od ovih programa kaj se vrte na mom kompu su virusi, trojanci, crvi ili još kakva beštija. ZoneAlarm je istina bog postavljen po defaultu, ali mi je sve uredno javljao. Večinu ovih programa znam kaj su, ali ako za neki znaš sa sigurnošću da su maliciozni, molim te mi ih pokaži. Thanx |
18.07.2004., 23:46 | #7 | |
Feldwebel
Datum registracije: Feb 2002
Lokacija: bolnica
Postovi: 3,735
|
Citiraj:
Ne koristi BUG CD-ove makni Norton Utilities makni QuickTime Koristi Privacy od ZA. Uključi TeaTimer kod Spybot S&D. Probleme valjda nisi vidio jer ne koristiš IE nego operu. Problem je što ih imaš. Nisam siguran da će ovo sve riješiti.
__________________
Tih kao mačka Brz kao gepard Jak kao lav Elegantan kao leopard Nisam to ja, to je moj komp. |
|
19.07.2004., 00:17 | #8 |
Registered User
Datum registracije: Jul 2004
Lokacija: Zagreb
Postovi: 4
|
Hvala na trudu. Daj mi samo reci zakaj maknem norton utilities? |
19.07.2004., 00:19 | #9 |
Feldwebel
Datum registracije: Feb 2002
Lokacija: bolnica
Postovi: 3,735
|
Loš program koji samo napravi sranja po sistemu. Ničemu ne služi a zauzima resurse. Treba još pljuvati po njemu?
__________________
Tih kao mačka Brz kao gepard Jak kao lav Elegantan kao leopard Nisam to ja, to je moj komp. |
19.07.2004., 00:23 | #10 |
Registered User
Datum registracije: Jul 2004
Lokacija: Zagreb
Postovi: 4
|
Fala majstore na pomoći. Daj mi samo reci kak znaš kaj je trebalo obrisati, a kaj ne? |
|
|
Oglas
|
|
19.07.2004., 00:29 | #11 |
Feldwebel
Datum registracije: Feb 2002
Lokacija: bolnica
Postovi: 3,735
|
Pluginovi i search za IE zasigurno nisu dio Windowsa. Isto kako i BUG pretrazivaći, redirect linkovi, toolbarovi i slične gluposti.
__________________
Tih kao mačka Brz kao gepard Jak kao lav Elegantan kao leopard Nisam to ja, to je moj komp. |
19.07.2004., 03:42 | #12 | |
Moderator
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
|
Citiraj:
__________________
|
|
|
|
Oglas
|
|
|
|