Kan noen se på hjthis loggen min

[Saiyaman]

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:06:35, on 06.02.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\Programfiler\Apoint2K\Apoint.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Programfiler\Apoint2K\Apntex.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\Grisoft\AVG7\avgw.exe

C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Programfiler\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\msiexec.exe

C:\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-21-1085031214-152049171-1343024091-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Ellen & Eivind')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-21-1085031214-152049171-1343024091-1005 Startup: OpenOffice.org 2.3.lnk = C:\Programfiler\OpenOffice.org 2.3\program\quickstart.exe (User 'Ellen & Eivind')

O4 - S-1-5-21-1085031214-152049171-1343024091-1005 User Startup: OpenOffice.org 2.3.lnk = C:\Programfiler\OpenOffice.org 2.3\program\quickstart.exe (User 'Ellen & Eivind')

O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programfiler\Yahoo!\Common\yinsthelper.dll

O21 - SSODL: RunOnceCheck - {101e2cf1-386d-4fcf-b143-c4cfb363a123} - C:\WINDOWS\Installer\{101e2cf1-386d-4fcf-b143-c4cfb363a123}\RunOnceCheck.dll (file missing)

O21 - SSODL: zip - {ddd2daf2-01fc-4ea2-8560-87f062a12ba7} - C:\WINDOWS\Installer\{ddd2daf2-01fc-4ea2-8560-87f062a12ba7}\zip.dll

O21 - SSODL: CheckRam - {9c6442e2-2a0c-42b1-8852-eba0b668fb4e} - C:\WINDOWS\Installer\{9c6442e2-2a0c-42b1-8852-eba0b668fb4e}\CheckRam.dll (file missing)

O21 - SSODL: BootAlrt - {66ab5416-48e5-4acd-b4fb-c2daa676a57a} - C:\WINDOWS\Installer\{66ab5416-48e5-4acd-b4fb-c2daa676a57a}\BootAlrt.dll (file missing)

O21 - SSODL: RunOnceSys - {fbc5e6fe-7705-4bb0-b53f-e626b0b22443} - C:\WINDOWS\Installer\{fbc5e6fe-7705-4bb0-b53f-e626b0b22443}\RunOnceSys.dll (file missing)

O21 - SSODL: ServiceBoot - {a46a8995-25a6-4d5a-b4d3-db581ca5ef7d} - C:\WINDOWS\Installer\{a46a8995-25a6-4d5a-b4d3-db581ca5ef7d}\ServiceBoot.dll (file missing)

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

 

--

End of file - 6883 bytes

 

Hei har merka at den berbare pcen går treigt hele tiden nå så lurte på om noen kunne se på den?

[norbat]

Du kan fixe følgende linjer med hjt:

O21 - SSODL: RunOnceCheck - {101e2cf1-386d-4fcf-b143-c4cfb363a123} - C:\WINDOWS\Installer\{101e2cf1-386d-4fcf-b143-c4cfb363a123}\RunOnceCheck.dll (file missing)

O21 - SSODL: zip - {ddd2daf2-01fc-4ea2-8560-87f062a12ba7} - C:\WINDOWS\Installer\{ddd2daf2-01fc-4ea2-8560-87f062a12ba7}\zip.dll

O21 - SSODL: CheckRam - {9c6442e2-2a0c-42b1-8852-eba0b668fb4e} - C:\WINDOWS\Installer\{9c6442e2-2a0c-42b1-8852-eba0b668fb4e}\CheckRam.dll (file missing)

O21 - SSODL: BootAlrt - {66ab5416-48e5-4acd-b4fb-c2daa676a57a} - C:\WINDOWS\Installer\{66ab5416-48e5-4acd-b4fb-c2daa676a57a}\BootAlrt.dll (file missing)

O21 - SSODL: RunOnceSys - {fbc5e6fe-7705-4bb0-b53f-e626b0b22443} - C:\WINDOWS\Installer\{fbc5e6fe-7705-4bb0-b53f-e626b0b22443}\RunOnceSys.dll (file missing)

O21 - SSODL: ServiceBoot - {a46a8995-25a6-4d5a-b4d3-db581ca5ef7d} - C:\WINDOWS\Installer\{a46a8995-25a6-4d5a-b4d3-db581ca5ef7d}\ServiceBoot.dll (file missing)

 

Loggen viser ingen spesielle ting som skulle tilsi at PC-en kjører tregt.

 

Du kan prøve en generell opprydding:

 

1. Avinstaller prog. du ikke bruker

 

2. Kjør en rens med CCleaner: Last ned CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'.

 

3. Er det program som ikke behøver å starte opp sammen med Windows: Start->Kjør, skriv: msconfig. Velg arkfanen Oppstart. Fjern avmerkingen framfor de prosesser som ikke behøver å starte opp sammen med Win.

 

4. Trenger PC-en en diskdefragmentering? (Tilbehør->systemverktøy->systemgjenoppretting)

 

5. Kjør en full scan med et antispywareprogram (Det har du sikkert allerede gjort med AVG AntiSpyware?)

Endret 6. februar 2008 av norbat