[es] - Logfile of HijackThis

drmix
Mostar

Član broj: 25362
Poruke: 39
193.198.39.*

Profil

^{09.02.2005. u 22:31 - pre 233 meseci}

pokusam otvoriti npr. hotmail.com, otvara mi se nesto stoto... ne znam u cemu je problem
sorry na ovome velikom C/P, nek moderatori izbrisu dio koji ne treba. HVALA PUNO

Logfile of HijackThis v1.97.7
Scan saved at 21:58:46, on 7.2.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\wt\wcmdmgr.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Ctzru\Etpfx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\windows\system32\msdmxm.exe
C:\windows\system32\sp2ctr.exe
C:\windows\system32\evthtm.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\temp\FORMAT.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\GORANC~1\LOCALS~1\Temp\Rar$EX0s.v20\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\GORANC~1\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\GORANC~1\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R3 - URLSearchHook: (no name) - _{341FB59F-3507-443b-8147-423B4E3B2B15} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: (no name) - {962F12AE-2773-4BEB-99EA-B5C3AB9A6606} - C:\WINDOWS\System32\DSMANA~1.DLL
O2 - BHO: (no name) - {98AA4D54-F4EA-48A7-B818-3B679419B630} - C:\WINDOWS\System32\milc.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [Jajv] C:\WINDOWS\xichnd.exe
O4 - HKLM\..\Run: [˘‰¸u0–4C
}ďÁzî[8C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xichnd.exe
O4 - HKLM\..\Run: [Qamhllk] C:\Program Files\Ctzru\Etpfx.exe
O4 - HKLM\..\Run: [˘‰¸u0–4C
}ďÁzîžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xichnd.exe
O4 - HKLM\..\Run: [˘‰¸u0Ô@ÔÁÔ]ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xichnd.exe
O4 - HKLM\..\Run: [˘‰¸u0Ô@ÔÁÔÁÔ]ú"ü‰üC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xichnd.exe
O4 - HKLM\..\Run: [˘‰¸u0Ô@ÔÁÔ]ú"ü‰¸u0C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xichnd.exe
O4 - HKLM\..\Run: [˘‰¸u0ÔÁÔ]ú"ü‰üžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\xichnd.exe
O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
O4 - HKLM\..\Run: [XVUSMXRM] c:\windows\system32\xvusmxrm.exe /install
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [EasyMessage] "C:\Program Files\Zango Messenger\em2.exe" -wait
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Blokiraj sve slike sa istog servera - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Dodaj u crnu listu reklama - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: Otvori sve linkove na ovoj stranici... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Označi - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Traži - C:\Program Files\Avant Browser\Search.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Encarta Encyclopedia (HKLM)
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
O9 - Extra button: Define (HKLM)
O9 - Extra 'Tools' menuitem: Define (HKLM)
O9 - Extra button: Researcher (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comned.com/signuptemplates/AktiveSekurity.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://bin.wordsx.cc/8xnlDBScJIzBap1IwrMc0bc.chm::/on-line.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab33902.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com...ockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7724D693-FCA7-4761-996B-F0795FA693A1}: NameServer = 212.247.71.242

drMiX

Odgovor na temu