Gå til innhold

HiJack this log, hva må gjøres...?

egd1

Av egd1
i IKT-drift og sikkerhet

Anbefalte innlegg

egd1

egd1

Skrevet
Skrevet (endret)

Logfile of HijackThis v1.99.1

Scan saved at 15:27:45, on 17.10.2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

H:\WINDOWS\System32\smss.exe

H:\WINDOWS\system32\csrss.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\services.exe

H:\WINDOWS\system32\lsass.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\System32\svchost.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\system32\spoolsv.exe

H:\WINDOWS\system32\netsecurity.exe

H:\WINDOWS\ATKKBService.exe

H:\WINDOWS\system32\CTsvcCDA.EXE

H:\WINDOWS\eHome\ehRecvr.exe

H:\WINDOWS\eHome\ehSched.exe

c:\Norman\Bin\Zanda.exe

H:\WINDOWS\system32\nvsvc32.exe

H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

H:\WINDOWS\system32\svchost.exe

H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

H:\WINDOWS\ehome\mcrdsvc.exe

c:\Norman\Nvc\bin\nvcoas.exe

c:\Norman\bin\NJEEVES.EXE

c:\Norman\Nvc\BIN\NVCSCHED.EXE

c:\Norman\Nvc\BIN\nipsvc.exe

H:\WINDOWS\system32\dllhost.exe

H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

H:\WINDOWS\System32\alg.exe

H:\WINDOWS\ehome\ehtray.exe

H:\program files\Analog Devices\SoundMAX\Smax4.exe

H:\WINDOWS\eHome\ehmsas.exe

H:\Program Files\ASUS\AASP\1.00.01\aaCenter.exe

C:\Norman\bin\ZLH.EXE

H:\WINDOWS\CTHELPER.EXE

H:\Program Files\Logitech\MouseWare\system\em_exec.exe

H:\WINDOWS\system32\CTXFIHLP.EXE

H:\WINDOWS\SYSTEM32\CTXFISPI.EXE

H:\WINDOWS\system32\RUNDLL32.EXE

C:\program files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE

H:\program files\Creative\Shared Files\Module Loader\DLLML.exe

C:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe

H:\Program Files\Analog Devices\Core\smax4pnp.exe

c:\Norman\Nvc\BIN\NIP.EXE

C:\Program Files\PowerISO\PWRISOVM.EXE

c:\Norman\Nvc\bin\cclaw.exe

H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

H:\Program Files\Roxio\Media Experience\DMXLauncher.exe

H:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe

H:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe

H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

H:\WINDOWS\system32\ctfmon.exe

H:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe

H:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe

H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

H:\program files\ASUS WiFi-AP Solo\RtWLan.exe

C:\Program Files\Nordic Pirat Forum\NPFTrayIcon.exe

H:\program files\Plextor\PlexTool.exe

H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

H:\program files\MSN Messenger\msnmsgr.exe

H:\Documents and Settings\Inge L\Desktop\304.exe

H:\WINDOWS\system32\svchost.exe[/color]

H:\WINDOWS\explorer.exe

H:\Program Files\MSN Messenger\msnmsgr.exe

H:\WINDOWS\system32\svchost.exe

H:\Program Files\Windows Defender\MsMpEng.exe

H:\Program Files\Windows Defender\MSASCui.exe

H:\Program Files\Internet Explorer\iexplore.exe

H:\Program Files\Spyware Doctor\sdhelp.exe

H:\Program Files\Spyware Doctor\swdoctor.exe

H:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

H:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

H:\Program Files\Internet Explorer\iexplore.exe

H:\Documents and Settings\Inge L\Desktop\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.google.com/mail/

O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com

O1 - Hosts: 127.255.255.255 www.alcohol-soft.com

O1 - Hosts: 127.255.255.255 images.alcohol-soft.com

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - c:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - H:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - H:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [ehTray] H:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [soundMAX] "H:\program files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [AsusServiceProvider] "H:\Program Files\ASUS\AASP\1.00.01\aaCenter.exe"

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" H:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install

O4 - HKLM\..\Run: [Ai Nap] "H:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe -AISUITE"

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [Norman ZANDA] "c:\Norman\bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [updReg] H:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [CTRegRun] H:\WINDOWS\CTRegRun.EXE

O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [CTDVDDET] "c:\program files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [RCSystem] "H:\program files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup

O4 - HKLM\..\Run: [AudioDrvEmulator] "H:\program files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "H:\program files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

O4 - HKLM\..\Run: [VolPanel] "c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r

O4 - HKLM\..\Run: [NeroFilterCheck] "H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"

O4 - HKLM\..\Run: [soundMAXPnP] "H:\Program Files\Analog Devices\Core\smax4pnp.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] "c:\Program Files\PowerISO\PWRISOVM.EXE"

O4 - HKLM\..\Run: [RoxWatchTray] "H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [DMXLauncher] "H:\Program Files\Roxio\Media Experience\DMXLauncher.exe"

O4 - HKLM\..\Run: [RoxioDragToDisc] "H:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"

O4 - HKLM\..\Run: [explorer] "H:\Documents and Settings\Inge L\Desktop\304.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "H:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [Windows Defender] "H:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [spySweeper] "H:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

O4 - HKCU\..\Run: [ASUS SmartDoctor] "C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe" /start

O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [skype] "H:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized

O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R

O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [spyware Doctor] "H:\Program Files\Spyware Doctor\swdoctor.exe" /Q

O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?

O4 - Global Startup: NPFTrayIcon.lnk = C:\Program Files\Nordic Pirat Forum\NPFTrayIcon.exe

O4 - Global Startup: PlexTools Professional.lnk = H:\program files\Plextor\PlexTool.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - H:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1159984882796

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WRNotifier - H:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: .NETSecurity - Unknown owner - H:\WINDOWS\system32\netsecurity.exe

O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - H:\WINDOWS\ATKKBService.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: NBService - Nero AG - C:\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - c:\Norman\Nvc\BIN\nipsvc.exe

O23 - Service: Norman NJeeves - Unknown owner - c:\Norman\bin\NJEEVES.EXE

O23 - Service: Norman ZANDA - Unknown owner - c:\Norman\Bin\Zanda.exe

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - c:\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - c:\Norman\Nvc\BIN\NVCSCHED.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - H:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - H:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - H:\Program Files\Spyware Doctor\sdhelp.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - H:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - H:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

Endret av egd1
Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
Gå til emneliste
×
×
  • Opprett ny...