na virustotal nisam mogao da udjem nikako ...autokms.exe sam ubacio u search i sada ga nema nigdje ...mora da sam ga obrisao iz Malware Bytes-a
evo Hi Jack log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:12 AM, on 1/28/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17093)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\htpatch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://search.conduit.com?SearchSource=10&ctid=CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: 85.242.255.97 google.com
O1 - Hosts: 85.242.255.97
www.google.com
O1 - Hosts: 85.242.255.97 facebook.com
O1 - Hosts: 85.242.255.97
www.facebook.com
O1 - Hosts: 85.242.255.97 yahoo.com
O1 - Hosts: 85.242.255.97
www.yahoo.com
O1 - Hosts: 85.242.255.97 facebook.co.uk
O1 - Hosts: 85.242.255.97
www.facebook.co.uk
O1 - Hosts: 85.242.255.97 google.co.uk
O1 - Hosts: 85.242.255.97
www.google.co.uk
O1 - Hosts: 85.242.255.97 youtube.com
O1 - Hosts: 85.242.255.97
www.youtube.com
O1 - Hosts: 85.242.255.97
www.youtube.co.uk
O1 - Hosts: 85.242.255.97 youtube.com
O1 - Hosts: 85.242.255.97 blogspot.com
O1 - Hosts: 85.242.255.97
www.blogspot.com
O1 - Hosts: 85.242.255.97wikipedia.com
O1 - Hosts: 85.242.255.97
www.wikipedia.com
O1 - Hosts: 85.242.255.97 myspace.com
O1 - Hosts: 85.242.255.97
www.myspace.com
O1 - Hosts: 85.242.255.97 google.ca
O1 - Hosts: 85.242.255.97
www.google.fr
O1 - Hosts: 85.242.255.97 google.fr
O1 - Hosts: 85.242.255.97
www.google.es
O1 - Hosts: 85.242.255.97 google.es
O1 - Hosts: 85.242.255.97
www.google.pt
O1 - Hosts: 85.242.255.97 google.pt
O1 - Hosts: 85.242.255.97
www.sharecash.org
O1 - Hosts: 85.242.255.97 sharecash.org
O1 - Hosts: 85.242.255.97
www.forums.sharecash.org
O1 - Hosts: 85.242.255.97
www.google.ca
O1 - Hosts: 85.242.255.97 forums.sharecash.org
O1 - Hosts: 85.242.255.97
www.warez-bb.org
O1 - Hosts: 85.242.255.97 warez-bb.org
O1 - Hosts: 85.242.255.97 facebook.fr
O1 - Hosts: 85.242.255.97
www.facebook.fr
O1 - Hosts: 85.242.255.97
www.facebook.com
O1 - Hosts: 85.242.255.97 google.com
O1 - Hosts: 85.242.255.97
www.google.com
O1 - Hosts: 85.242.255.97 facebook.com
O1 - Hosts: 85.242.255.97
www.facebook.com
O1 - Hosts: 85.242.255.97 yahoo.com
O1 - Hosts: 85.242.255.97
www.yahoo.com
O1 - Hosts: 85.242.255.97 facebook.co.uk
O1 - Hosts: 85.242.255.97
www.facebook.co.uk
O1 - Hosts: 85.242.255.97 google.co.uk
O1 - Hosts: 85.242.255.97
www.google.co.uk
O1 - Hosts: 85.242.255.97 youtube.com
O1 - Hosts: 85.242.255.97
www.youtube.com
O1 - Hosts: 85.242.255.97
www.youtube.co.uk
O1 - Hosts: 85.242.255.97 youtube.com
O1 - Hosts: 85.242.255.97 blogspot.com
O1 - Hosts: 85.242.255.97
www.blogspot.com
O1 - Hosts: 85.242.255.97wikipedia.com
O1 - Hosts: 85.242.255.97
www.wikipedia.com
O1 - Hosts: 85.242.255.97 myspace.com
O1 - Hosts: 85.242.255.97
www.myspace.com
O1 - Hosts: 85.242.255.97 google.ca
O1 - Hosts: 85.242.255.97
www.google.fr
O1 - Hosts: 85.242.255.97 google.fr
O1 - Hosts: 85.242.255.97
www.google.es
O1 - Hosts: 85.242.255.97 google.es
O1 - Hosts: 85.242.255.97
www.google.pt
O1 - Hosts: 85.242.255.97 google.pt
O1 - Hosts: 85.242.255.97
www.sharecash.org
O1 - Hosts: 85.242.255.97 sharecash.org
O1 - Hosts: 85.242.255.97
www.forums.sharecash.org
O1 - Hosts: 85.242.255.97
www.google.ca
O1 - Hosts: 85.242.255.97 forums.sharecash.org
O1 - Hosts: 85.242.255.97
www.warez-bb.org
O1 - Hosts: 85.242.255.97 warez-bb.org
O1 - Hosts: 85.242.255.97 facebook.fr
O1 - Hosts: 85.242.255.97
www.facebook.fr
O1 - Hosts: 85.242.255.97
www.facebook.com
O1 - Hosts: 85.242.255.97 google.com
O1 - Hosts: 85.242.255.97
www.google.com
O1 - Hosts: 85.242.255.97 facebook.com
O1 - Hosts: 85.242.255.97
www.facebook.com
O1 - Hosts: 85.242.255.97 yahoo.com
O1 - Hosts: 85.242.255.97
www.yahoo.com
O1 - Hosts: 85.242.255.97 facebook.co.uk
O1 - Hosts: 85.242.255.97
www.facebook.co.uk
O1 - Hosts: 85.242.255.97 google.co.uk
O1 - Hosts: 85.242.255.97
www.google.co.uk
O1 - Hosts: 85.242.255.97 youtube.com
O1 - Hosts: 85.242.255.97
www.youtube.com
O1 - Hosts: 85.242.255.97
www.youtube.co.uk
O1 - Hosts: 85.242.255.97 youtube.com
O1 - Hosts: 85.242.255.97 blogspot.com
O1 - Hosts: 85.242.255.97
www.blogspot.com
O1 - Hosts: 85.242.255.97wikipedia.com
O1 - Hosts: 85.242.255.97
www.wikipedia.com
O1 - Hosts: 85.242.255.97 myspace.com
O1 - Hosts: 85.242.255.97
www.myspace.com
O1 - Hosts: 85.242.255.97 google.ca
O1 - Hosts: 85.242.255.97
www.google.fr
O1 - Hosts: 85.242.255.97 google.fr
O1 - Hosts: 85.242.255.97
www.google.es
O1 - Hosts: 85.242.255.97 google.es
O1 - Hosts: 85.242.255.97
www.google.pt
O1 - Hosts: 85.242.255.97 google.pt
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/wi...t/wuweb_site.cab?1292380418562
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 11356 bytes