Trenger tolkning av Hijackthis log.

[korholm]

Hei lasta net et program som heter hijackthis, men da jeg kjørte det kunne det ikke si meg hva jeg kunne slette eller ikke. Er det noen som kan si meg det.

 

Logfile of HijackThis v1.99.1

Scan saved at 00:36:49, on 16.06.2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

C:\Programfiler\Norton Personal Firewall\ISSVC.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Logitech\iTouch\iTouch.exe

C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe

C:\Programfiler\D-Tools\daemon.exe

C:\Programfiler\Logitech\MouseWare\system\em_exec.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Programfiler\HP\hpcoretech\comp\hptskmgr.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Programfiler\Java\jre1.5.0_02\bin\jusched.exe

C:\Programfiler\Kazaa Lite K++\Kazaa.kpp

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\MSN Messenger\msnmsgr.exe

C:\Programfiler\Skype\Phone\Skype.exe

C:\Programfiler\Fellesfiler\Autodata Limited Shared\Service\ADCDLicSvc.exe

C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe

C:\Programfiler\Norton AntiVirus\navapsvc.exe

C:\Programfiler\Ares\Ares.exe

C:\Programfiler\BitLord\BitLord.exe

C:\Programfiler\SpeedswitchXP\SpeedswitchXP.exe

C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe

C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE

C:\Programfiler\WinZip\WZQKPICK.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Programfiler\MSN Apps\Updater\01.02.3000.1001\no\msnappau.exe

C:\Documents and Settings\Kai Arne Orholm\Skrivebord\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.startsiden.no

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.startsiden.no

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O1 - Hosts: 64.91.255.87 www.dcsresearch.com

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\01.02.4000.1001\no\msntb.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\01.02.4000.1001\no\msntb.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O4 - HKLM\..\Run: [anvshell] anvshell.exe

O4 - HKLM\..\Run: [LiveNote] livenote.exe

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programfiler\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [HP Component Manager] "C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programfiler\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [KAZAA] "C:\Programfiler\Kazaa Lite K++\kpp.exe" "C:\Programfiler\Kazaa Lite K++\Kazaa.kpp" /SYSTRAY

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_02\bin\jusched.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [ares] "C:\Programfiler\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [bitComet] "C:\Programfiler\BitLord\BitLord.exe"

O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [speedswitchXP] C:\Programfiler\SpeedswitchXP\SpeedswitchXP.exe

O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_02\bin\npjpi150_02.dll

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://download.macromedia.com/pub/shockwa...director/sw.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Programfiler\Fellesfiler\Autodata Limited Shared\Service\ADCDLicSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Personal Firewall\ISSVC.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

 

#Topic endret av moderator#

Endret 16. juni 2005 av Jankee

[Anonym234]

Tips; Bytt emnefeltet, ellers stenges denne...

[zjulik]

Heisan. HijackThis gir en grei oversikt over

- hva som kjører hos deg

- hva som starter med maskinen

 

Du har gjort det som normalt gjøres med loggen, nemlig å poste den til beskuelse. Og loggen din ser sunn ut, såvidt jeg kan se. Litt mye som er satt til oppstart, men ikke noe styggedom.

 

Har du et problem med maskinen, siden du poster?

[korholm]

Ja har det. Den har blitt bedre, men den er fremdeles alt for treig

[zjulik]

Da får du begynne å rydde litt...mye å hente på det.

- Tøm boss - CrapCleaner

- Rens registeret - RegSupreme

- Defrag - Windows sin/PerfectDisk/Diskkeeper

- Fjern unødvendige oppstartselementer - HijackThis/RegSupreme

- Kjør evt et tweakprogram som optimaliserer en del innstillinger - Tuneup Utilities, TuneXP e l.

 

Har du sjelden gjort noe av dette, skulle det ikke forbause meg om du kan ende med en maskin som oppleves som dobbelt så kvikk.

[korholm]

Takk for tipset det hjalp å rydde litt. Den er blitt mye berdre