bocsi, de emberi hiba miatt egy olyan log filet másoltam be, ahol mûxik az IE,
ez egy olyan, ahol nem:
Logfile of HijackThis v1.97.7
Scan saved at 10:08:08, on 2004. 01. 21.
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP1 (5.00.2920.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\SCardSvr.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\MS\SMS\CORE\BIN\CLISVCL.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\mnmsrvc.exe
C:\WINNT\system32\regsvc.exe
C:\Program Files\SAP Frontend\SapGui\srvany.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\SAP Frontend\SapGui\rfccom.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\igfxtray.exe
C:\WINNT\System32\hkcmd.exe
C:\WINNT\MS\SMS\CORE\BIN\LAUNCH32.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINNT\system32\internat.exe
S:\oscan\SchUpd.exe
C:\WINNT\MS\SMS\CLICOMP\SWDist32\bin\smsmon32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINNT\system32\proquota.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Program Files\Common Files\System\MAPI\1038\nt\MAPISP32.EXE
C:\WINNT\system32\mmc.exe
C:\Program Files\NetMeeting\conf.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\system32\cmd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\Office\EXCEL.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\OfficeScan NT\tmlisten.exe
C:\Program Files\OfficeScan NT\ntrtscan.exe
C:\Program Files\OfficeScan NT\PCCNTMON.EXE
C:\WINNT\MS\SMS\clicomp\apa\Bin\smsapm32.exe
I:\Task-list\Bin\Project1.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\Data\download\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = fttp://www.webmania.hu/kereso
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by
(v1.0.18)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
F2 - REG:system.ini: UserInit=CatUInit
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\OfficeScan NT\pccntmon.exe"
O4 - HKLM\..\Run: [cryptoex] C:\WINNT\system32\wscript.exe "C:\Program Files\CryptoEx Security
Suite\PolicyUpdate.vbs"
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [DirXconnect settings] C:\\PROGRA~1\DIRXDI~1\dxdSetup.exe -silent -dxcsettings
O4 - HKLM\..\Run: [SMS Application Launcher] C:\WINNT\MS\SMS\CORE\BIN\LAUNCH32.EXE
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP
Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKCU\..\Run: [CatUserRun] wscript.exe "C:\Program Files\CatPC\CatLogon\CatUserRun.vbe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Startup: OfficeScan Update.lnk.lnk = oscan\SchUpd.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) -
https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.fujitsu-siemens.com/pocketloox/h
tml/eu/english/viewpoint.html
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Macromedia Shockwave Director Control) -
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://i.a.cnn.net/cnn/resources/cult3d/cult.cab
O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com/ViewerInstall.exe
O16 - DPF: {8702D9E1-890B-4BF2-A233-FA44E582B2DE} (Dialer_activex Control) -
http://vad.mainentrypoint.com/dialer/bin/CE10000/TEST/dialer_activex.cab
O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} (Oracle JInitiator 1.1.8.16) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain =
O17 - HKLM\System\CCS\Services\Tcpip\..\{61AA4493-61DA-491B-B588-0D8A167D48B4}: NameServer =
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain =
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain =
thx
lassan két hete nem jutok dûlõre ezzel a problémával :(