HijackThis scanlog – please help
Yes, sometimes I really do overcomplicate things a bit :-))
Logfile of HijackThis v1.99.1
Scan saved at 18:08:34, on 17.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ABIT\ABIT uGuru\uGuru.exe
D:\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\sstray.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Varovalni sistem 2006\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\Vremenko\vremenko.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Corel\Graphics8\Programs\MFIndexer.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\PROGRA~1\VAROVA~1\backweb\1584371\Program\SERVIC~1.EXE
C:\Program Files\Varovalni sistem 2006\Anti-Virus\fsgk32st.exe
C:\Program Files\Varovalni sistem 2006\backweb\1584371\program\fsbwsys.exe
C:\Program Files\Varovalni sistem 2006\Anti-Virus\FSGK32.EXE
C:\Program Files\Varovalni sistem 2006\Common\FSMA32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Varovalni sistem 2006\Anti-Virus\fssm32.exe
C:\Program Files\Varovalni sistem 2006\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Varovalni sistem 2006\backweb\1584371\Program\fspex.exe
C:\Program Files\Varovalni sistem 2006\Common\FCH32.EXE
C:\Program Files\Varovalni sistem 2006\Common\FAMEH32.EXE
C:\Program Files\Varovalni sistem 2006\Anti-Virus\fsqh.exe
C:\Program Files\Varovalni sistem 2006\Anti-Virus\fsrw.exe
C:\Program Files\Varovalni sistem 2006\FSPC\fspc.exe
C:\Program Files\Varovalni sistem 2006\FWES\Program\fsdfwd.exe
C:\Program Files\Varovalni sistem 2006\Anti-Virus\fsav32.exe
C:\PROGRA~1\VAROVA~1\ANTI-S~1\fsaw.exe
C:\Program Files\Varovalni sistem 2006\FSGUI\fsguidll.exe
D:\Azureus\Azureus.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Darko in Tanča\Desktop\HijackThis.exe
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 – BHO: Adobe PDF Reader Link Helper – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {53707962-6F74-2D53-2644-206D7942484F} – D:\SPYBOT~1\SDHelper.dll
O2 – BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 – BHO: QUICKfind BHO Object – {C08DF07A-3E49-4E25-9AB0-D3882835F153} – C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [ABIT uGuru] C:\Program Files\ABIT\ABIT uGuru\uGuru.exe
O4 – HKLM\..\Run: [Picasa Media Detector] D:\Picasa2\PicasaMediaDetector.exe
O4 – HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe”
O4 – HKLM\..\Run: [Windows Defender] “C:\Program Files\Windows Defender\MSASCui.exe” -hide
O4 – HKLM\..\Run: [F-Secure Manager] “C:\Program Files\Varovalni sistem 2006\Common\FSM32.EXE” /splash
O4 – HKLM\..\Run: [F-Secure TNB] “C:\Program Files\Varovalni sistem 2006\TNB\TNBUtil.exe” /CHECKALL /WAITFORSW
O4 – HKLM\..\Run: [F-Secure Startup Wizard] “C:\Program Files\Varovalni sistem 2006\FSGUI\FSSW.EXE” /reboot
O4 – HKLM\..\Run: [News Service] “C:\Program Files\Varovalni sistem 2006\FSGUI\ispnews.exe”
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [Vremenko] D:\Vremenko\vremenko.exe
O4 – HKCU\..\Run: [updateMgr] “C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe” AcRdB7_0_9 -reboot 1
O4 – HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 – HKCU\..\Run: [Uniblue Registry Booster2] C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe /S
O4 – Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: NaturalColorLoad.lnk = ?
O4 – Global Startup: Varovalni sistem 2006.lnk = C:\Program Files\Varovalni sistem 2006\backweb\1584371\Program\fspex.exe
O8 – Extra context menu item: &Prepreči to pojavno okno – C:\Program Files\Varovalni sistem 2006\Anti-Spyware\blockpopups.htm
O8 – Extra context menu item: I&zvoz v Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 – Extra button: Spletni filter – {200DB664-75B5-47c0-8B45-A44ACCF73C00} – C:\Program Files\Varovalni sistem 2006\FSPC\fspcmsie.dll
O9 – Extra button: (no name) – {200DB664-75B5-47c0-8B45-A44ACCF73F01} – C:\Program Files\Varovalni sistem 2006\FSPC\fspcmsie.dll
O9 – Extra ‘Tools’ menuitem: Spletni filter – {200DB664-75B5-47c0-8B45-A44ACCF73F01} – C:\Program Files\Varovalni sistem 2006\FSPC\fspcmsie.dll
O9 – Extra button: Ščit za IE – {300DB664-75B5-47c0-8B45-A44ACCF73C00} – C:\Program Files\Varovalni sistem 2006\Anti-Spyware\ieshield.dll
O9 – Extra ‘Tools’ menuitem: Ščit za IE … – {300DB664-75B5-47c0-8B45-A44ACCF73C00} – C:\Program Files\Varovalni sistem 2006\Anti-Spyware\ieshield.dll
O9 – Extra button: (no name) – {85d1f590-48f4-11d9-9669-0800200c9a66} – %windir%\bdoscandel.exe (file missing)
O9 – Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 – {85d1f590-48f4-11d9-9669-0800200c9a66} – %windir%\bdoscandel.exe (file missing)
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O10 – Broken Internet access because of LSP provider ‘winsflt.dll’ missing
O11 – Options group: [INTERNATIONAL] International*
O16 – DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) – http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 – DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) – http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 – DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) – http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 – DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132866573000
O16 – DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) – http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586-jc.cab
O16 – DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) – http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 – Protocol: textwareilluminatorbase – {CE5CD329-1650-414A-8DB0-4CBF72FAED87} – C:\WINDOWS\system32\textwareilluminatorbaseProtocol.dll
O20 – Winlogon Notify: WgaLogon – C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 – SSODL: WPDShServiceObj – {AAA288BA-9A4C-45B0-95D7-94D524869DB5} – C:\WINDOWS\system32\WPDShServiceObj.dll
O23 – Service: Varovalni sistem 2006 (BackWeb Plug-in – 1584371) – F-Secure Corp. – C:\PROGRA~1\VAROVA~1\backweb\1584371\Program\SERVIC~1.EXE
O23 – Service: FSGKHS (F-Secure Gatekeeper Handler Starter) – F-Secure Corporation – C:\Program Files\Varovalni sistem 2006\Anti-Virus\fsgk32st.exe
O23 – Service: fsbwsys – F-Secure Corp. – C:\Program Files\Varovalni sistem 2006\backweb\1584371\program\fsbwsys.exe
O23 – Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) – F-Secure Corporation – C:\Program Files\Varovalni sistem 2006\FWES\Program\fsdfwd.exe
O23 – Service: F-Secure HTTP Server (fshttps) – F-Secure Corporation – C:\Program Files\Varovalni sistem 2006\FSPC\fshttps\fshttps.exe
O23 – Service: F-Secure Management Agent (FSMA) – F-Secure Corporation – C:\Program Files\Varovalni sistem 2006\Common\FSMA32.EXE
O23 – Service: Norman API-hooking helper (NipSvc) – Unknown owner – C:\Norman\Nvc\BIN\nipsvc.exe (file missing)