Forumi


Povratak   PC Ekspert Forum > Računala > Problemi > Softverski problemi
Osvježi stranicu HijackThis
Ime
Lozinka

Odgovori
 
Uređivanje
Staro 12.09.2004., 16:25   #1
Black Lotus
CurSedPala
 
Black Lotus's Avatar
 
Datum registracije: Jan 2004
Lokacija: Bec
Postovi: 173
HijackThis- pomozite
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\mssvc32.exe
F:\Norton\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\scagent.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\services\msxmidi.exe
F:\Norton\navapw32.exe
F:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\windows\system32\winexplor.exe
C:\Programme\MSN Apps\Updater\01.02.3000.1001\de-at\msnappau.exe
C:\windows\system32\winapig.exe
C:\Program Files\Winad Client\Winad.exe
F:\Logitech\MouseWare\system\em_exec.exe
C:\Programme\Web_Rebates\WebRebates0.exe
C:\WINDOWS\System32\ctfmon.exe
F:\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\System32\cli.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Winad Client\WinClt.exe
C:\Programme\Web_Rebates\WebRebates1.exe
F:\Downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.coolsearch.biz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://lookfor.cc/sp.php?pin=29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://your-searcher.com/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://your-searcher.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F3 - REG:win.ini: run=C:\WINDOWS\System32\services\msxmidi.exe
O2 - BHO: ie - {2FF5573C-0EB5-43db-A1B2-C4326813468E} - c:\windows\iehr.dll
O2 - BHO: (no name) - {4EA1105E-B440-7DB5-D358-10550AD92842} - C:\WINDOWS\System32\xnzkqn.dll
O2 - BHO: HBO Class - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - C:\WINDOWS\System32\services\2.01.00.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll
O2 - BHO: (no name) - {AEBE8B99-77A1-4EA2-A2DC-3A66E47C5511} - C:\WINDOWS\System32\dkkkf.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de-at\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Norton\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Norton\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de-at\msntb.dll
O4 - HKLM\..\Run: [mssvc32] mssvc32.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NAV Agent] F:\Norton\navapw32.exe
O4 - HKLM\..\Run: [Zone Labs Client] F:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [mysoft] C:\windows\system32\winexplor.exe
O4 - HKLM\..\Run: [msnappau] "C:\Programme\MSN Apps\Updater\01.02.3000.1001\de-at\msnappau.exe"
O4 - HKLM\..\Run: [xpsystem] C:\WINDOWS\System32\services\msxmidi.exe
O4 - HKLM\..\Run: [winstart] C:\windows\system32\winapig.exe
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Programme\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\RunServices: [mssvc32] mssvc32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] F:\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Ducd] C:\Dokumente und Einstellungen\Tihi\Anwendungsdaten\nabu.exe
O4 - HKCU\..\Run: [Unm] C:\WINDOWS\System32\cli.exe
O4 - HKCU\..\Run: [xpsystem] C:\WINDOWS\System32\services\msxmidi.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Web Rebates - file://C:\Programme\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O13 - DefaultPrefix: http://www.microsoet.com/start.php?url=
O13 - WWW Prefix: http://www.microsoet.com/start.php?url=
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.xxxtoolbar.com
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://195.225.177.13/420/online.chm::/on-line.exe
O16 - DPF: {11010101-1001-1111-1000-110112345678} - ms-its:mhtml:file://C: oo.mhtml!http://81.9.3.86//scripts//dw//chm.chm?id=dp::/win.exe
O16 - DPF: {11120607-1001-1111-1000-110199901123} - ms-its:mhtml:file://C:\foo.mht!http://www.terra.es/personal7/hsjqpd...::/on-line.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - file://c:\x.cab
O16 - DPF: {2048B51E-8D74-4762-82CE-B48CF545EEEA} - http://62.4.84.150/data/sc.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwa...06_regular.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {FFA6CE4C-2199-4A4F-9542-12E0163D6841} - http://sessa.isprime.com:8080/tel2net/CABDialer.cab
O18 - Filter: text/html - {DD4F82E6-827B-481F-A312-69DEF42748F5} - C:\WINDOWS\System32\dkkkf.dll
O18 - Filter: text/plain - {DD4F82E6-827B-481F-A312-69DEF42748F5} - C:\WINDOWS\System32\dkkkf.dll
__________________
Viarama U8568 Pro
P4 2.66@2.8Ghz
512 ddr
Maxtor 120 Gb
9600 XT 545/310
MX 510
Zadnje izmijenjeno od: Black Lotus. 12.09.2004. u 16:59.
Black Lotus je offline   Reply With Quote
Staro 12.09.2004., 17:31   #2
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Pogasi:
C:\WINDOWS\System32\mssvc32.exe
C:\WINDOWS\system32\scagent.exe
C:\WINDOWS\System32\services\msxmidi.exe
C:\windows\system32\winexplor.exe
C:\Programme\MSN Apps\Updater\01.02.3000.1001\de-at\msnappau.exe
C:\windows\system32\winapig.exe
C:\Program Files\Winad Client\Winad.exe
F:\Logitech\MouseWare\system\em_exec.exe
C:\Programme\Web_Rebates\WebRebates0.exe
C:\WINDOWS\System32\cli.exe
C:\Program Files\Winad Client\WinClt.exe
C:\Programme\Web_Rebates\WebRebates1.exe

Sredi
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about :NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about :NavigationFailure
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.coolsearch.biz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://lookfor.cc/sp.php?pin=29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about :NavigationFailure
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about :NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about :NavigationFailure
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about :NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://your-searcher.com/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://your-searcher.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about :blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about :blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F3 - REG:win.ini: run=C:\WINDOWS\System32\services\msxmidi.exe
O2 - BHO: ie - {2FF5573C-0EB5-43db-A1B2-C4326813468E} - c:\windows\iehr.dll
O2 - BHO: (no name) - {4EA1105E-B440-7DB5-D358-10550AD92842} - C:\WINDOWS\System32\xnzkqn.dll
O2 - BHO: HBO Class - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - C:\WINDOWS\System32\services\2.01.00.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll
O2 - BHO: (no name) - {AEBE8B99-77A1-4EA2-A2DC-3A66E47C5511} - C:\WINDOWS\System32\dkkkf.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de-at\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de-at\msntb.dll
O4 - HKLM\..\Run: [mssvc32] mssvc32.exe
O4 - HKLM\..\Run: [mysoft] C:\windows\system32\winexplor.exe
O4 - HKLM\..\Run: [msnappau] "C:\Programme\MSN Apps\Updater\01.02.3000.1001\de-at\msnappau.exe"
O4 - HKLM\..\Run: [xpsystem] C:\WINDOWS\System32\services\msxmidi.exe
O4 - HKLM\..\Run: [winstart] C:\windows\system32\winapig.exe
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Programme\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\RunServices: [mssvc32] mssvc32.exe
O4 - HKCU\..\Run: [Ducd] C:\Dokumente und Einstellungen\Tihi\Anwendungsdaten\nabu.exe
O4 - HKCU\..\Run: [xpsystem] C:\WINDOWS\System32\services\msxmidi.exe
O8 - Extra context menu item: Web Rebates - file://C:\Programme\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O13 - DefaultPrefix: http://www.microsoet.com/start.php?url=
O13 - WWW Prefix: http://www.microsoet.com/start.php?url=
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.xxxtoolbar.com
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (vbiewer control) - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://195.225.177.13/420/online.chm::/on-line.exe
O16 - DPF: {11010101-1001-1111-1000-110112345678} - ms-its:mhtml:file://C: oo.mhtml!http://81.9.3.86//scripts//dw//chm.chm?id=dp::/win.exe
O16 - DPF: {11120607-1001-1111-1000-110199901123} - ms-its:mhtml:file://C:\foo.mht!http://www.terra.es/personal7/hsjqp...m::/on-line.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - file://c:\x.cab
O16 - DPF: {2048B51E-8D74-4762-82CE-B48CF545EEEA} - http://62.4.84.150/data/sc.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softw...006_regular.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {FFA6CE4C-2199-4A4F-9542-12E0163D6841} - http://sessa.isprime.com:8080/tel2net/CABDialer.cab
O18 - Filter: text/html - {DD4F82E6-827B-481F-A312-69DEF42748F5} - C:\WINDOWS\System32\dkkkf.dll
O18 - Filter: text/plain - {DD4F82E6-827B-481F-A312-69DEF42748F5} - C:\WINDOWS\System32\dkkkf.dll
Costa je offline   Reply With Quote
Oglasni prostor
Oglas
 
Oglas
Staro 13.09.2004., 13:25   #3
Black Lotus
CurSedPala
 
Black Lotus's Avatar
 
Datum registracije: Jan 2004
Lokacija: Bec
Postovi: 173
THX men
__________________
Viarama U8568 Pro
P4 2.66@2.8Ghz
512 ddr
Maxtor 120 Gb
9600 XT 545/310
MX 510
Black Lotus je offline   Reply With Quote
Oglasni prostor
Oglas
 
Oglas
Odgovori

« Prethodna tema | Sljedeća tema »


Pravila postanja
Vi ne možete otvarati nove teme
Vi ne možete pisati odgovore
Vi ne možete uploadati priloge
Vi ne možete uređivati svoje poruke
BB code je Uključeno
Smajlići su Uključeno
[IMG] kod je Uključeno
HTML je Isključeno
Idi na



© 1999-2023 PC Ekspert - Sva prava pridržana ISSN 1334-2940
Ad Management by RedTyger
Powered by vBulletin®
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.