trrunde Posted 1 July 2007

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\ntfrs.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\wins.exe
C:\Program Files\Exchsrvr\bin\exmgmt.exe
C:\Program Files\Exchsrvr\bin\mad.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Exchsrvr\bin\store.exe
C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\imbservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\Explorer.EXE
c:\windows\system32\inetsrv\w3wp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Cobian Backup 8\cbInterface.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://companyweb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Cobian Backup 8 interface] "C:\Program Files\Cobian Backup 8\cbInterface.exe" -service
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [uTorrent] c:\Program Files\uTorrent\utorrent.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Jump gpl] C:\DOCUME~1\ADMINI~1\APPLIC~1\UPONLI~1\start load.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Server Management.lnk = ?
O4 - Global Startup: OKI LPR Utility.lnk = C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O15 - ESC Trusted Zone: http://*.adobe.com
O15 - ESC Trusted Zone: http://mirrors.evolva.ro
O15 - ESC Trusted Zone: http://*.filext.com
O15 - ESC Trusted Zone: http://www.google.no
O15 - ESC Trusted Zone: http://*.imagine-msn.com
O15 - ESC Trusted Zone: http://*.java.com
O15 - ESC Trusted Zone: http://login.jdata.no
O15 - ESC Trusted Zone: http://*.live.com
O15 - ESC Trusted Zone: http://no.msn.com
O15 - ESC Trusted Zone: http://*.msn.com
O15 - ESC Trusted Zone: http://*.search.msn.no
O15 - ESC Trusted Zone: http://www.norek.no
O15 - ESC Trusted Zone: http://opera.nsc.no
O15 - ESC Trusted Zone: http://download.openoffice.org
O15 - ESC Trusted Zone: http://www.openoffice.org
O15 - ESC Trusted Zone: http://www.opera.com
O15 - ESC Trusted Zone: http://*.router
O15 - ESC Trusted Zone: *.security_mmc.exe
O15 - ESC Trusted Zone: http://www.sun.com
O15 - ESC Trusted Zone: http://*.windowslive.no
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1178464303640
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = runde.local
O17 - HKLM\Software\..\Telephony: DomainName = runde.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6443011-9C1C-4D7A-99A0-F3DA22CCB46A}: NameServer = 10.0.0.3,130.67.60.68
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = runde.local
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Cobian Backup 8 service (CobBMService) - Luis Cobian - C:\Program Files\Cobian Backup 8\cbService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: OKI OPHC DCS Loader - Oki Data Corporation - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

Not sure whether there is supposed to be anything odd here, but when I restarted the PC, Live Messenger would not start.

Guest medlem-105082 Posted 1 July 2007

Download SAS. Install, update and run a 'complete' scan. When SAS is finished, post a new HijackThis log together with the SAS log (preferences->statistics/logs).