Logfile of HijackThis v1.97.7
Scan saved at 11:59:06, on 2008.07.03.
Platform: Windows XP Szervizcsomag 2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\OP\System32\smss.exe
C:\OP\system32\csrss.exe
C:\OP\system32\winlogon.exe
C:\OP\system32\services.exe
C:\OP\system32\lsass.exe
C:\OP\system32\Ati2evxx.exe
C:\OP\system32\svchost.exe
C:\OP\system32\svchost.exe
C:\OP\System32\svchost.exe
C:\OP\system32\svchost.exe
C:\OP\system32\svchost.exe
C:\OP\system32\ZoneLabs\vsmon.exe
C:\OP\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\OP\System32\alg.exe
C:\OP\system32\wscntfy.exe
C:\OP\Explorer.EXE
C:\OP\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\OP\system32\algssl.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\OP\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hivatkozások
F2 - REG:system.ini: UserInit=C:\OP\system32\userinit.exe,C:\OP\system32\ntos.exe,
O1 - Hosts: 127.0.0.47 windowsupdate.microsoft.com
O1 - Hosts: 127.0.0.24 go.microsoft.com
O1 - Hosts: 127.0.0.29 msdn.microsoft.com
O1 - Hosts: 127.0.0.33 office.microsoft.com
O1 - Hosts: 127.0.0.40 support.microsoft.com
O1 - Hosts: 127.0.0.38 sophos.com
O1 - Hosts: 127.0.0.34 phx.corporate-ir.net
O1 - Hosts: 127.0.0.20 fastclick.net
O1 - Hosts: 127.0.0.21 f-secure.com
O1 - Hosts: 127.0.0.22 ftp.f-secure.com
O1 - Hosts: 127.0.0.23 ftp.sophos.com
O1 - Hosts: 127.0.0.23 sophos.com
O1 - Hosts: 127.0.0.46 viruslist.ru
O1 - Hosts: 127.0.0.41 symantec.com
O1 - Hosts: 127.0.0.25 liveupdate.symantec.com
O1 - Hosts: 127.0.0.37 service1.symantec.com
O1 - Hosts: 127.0.0.36 securityresponse.symantec.com
O1 - Hosts: 127.0.0.42 update.symantec.com
O1 - Hosts: 127.0.0.43 updates.symantec.com
O1 - Hosts: 127.0.0.41 symantecstore.com
O1 - Hosts: 127.0.0.41 www.symantecstore.com
O1 - Hosts: 127.0.0.6 avp.ch
O1 - Hosts: 127.0.0.7 avp.com
O1 - Hosts: 127.0.0.8 avp.ru
O1 - Hosts: 127.0.0.26 mast.mcafee.com
O1 - Hosts: 127.0.0.27 mcafee.com
O1 - Hosts: 127.0.0.27 www.mcafee.com
O1 - Hosts: 127.0.0.32 networkassociates.com
O1 - Hosts: 127.0.0.32 www.networkassociates.com
O1 - Hosts: 127.0.0.31 nai.com
O1 - Hosts: 127.0.0.35 secure.nai.com
O1 - Hosts: 127.0.0.45 vil.nai.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobes\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IMJPMIG8.2] msime80.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\OP\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsServer] msfir80.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
sikerult a hijackot ugy elinditan hogy elkezdtem orult modon rakattintani sokszor.Itt a log