Kan noen sjekke og hjelpe meg med Hijack This loggen min?

[Green_Monster]

Har litt problemer med update og har misstanke om at det er en del feil i registry etter at det ble påpekt fra MS Support, lurte derfor på om noen kunne hjelpe meg litt med HijackThis loggen min?

[DarkZhade]

du kan jo med fordel poste loggen din

[Green_Monster]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 08:38:16, on 20.05.2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files (x86)\MagicTune Premium\GammaTray.exe

C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe

C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe

C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files (x86)\AVG\AVG8\avgtray.exe

C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

C:\Windows\SysWOW64\CtHelper.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe

C:\Program Files (x86)\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files (x86)\Internet Explorer\ieuser.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Windows\SysWow64\Macromed\Flash\FlashUtil9e.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files (x86)\Torrent-Search\tbTorr.dll

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll

O2 - BHO: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files (x86)\Torrent-Search\tbTorr.dll

O3 - Toolbar: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files (x86)\Torrent-Search\tbTorr.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll

O4 - HKLM\..\Run: [soundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [updReg] C:\Windows\UpdReg.EXE

O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\VistaCodecPack\QT\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')

O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\Program Files (x86)\Ubisoft\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe

O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?

O4 - Global Startup: GammaTray.lnk = ?

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)

O9 - Extra button: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)

O13 - Gopher Prefix:

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/...031/CTSUEng.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shock...ash/swflash.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2...15035/CTPID.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll

O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 11394 bytes

[InsertNumLock]

Ingenting galt med den.

Har noen unødvendige filer, men de burde ikke skape problemer.

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

[Green_Monster]

Godt å høre, hva med alle de på 023 da? Og kan jeg fjerne de på en eller annen måte forstår det som at de ikke trenger å ligge der siden de har file missing?!? Funker ikke med fix i HJT

 

Edit: glemmer å takke... tusen takk !

Endret 20. mai 2008 av Cri

[r2d290]

Vil i tillegg legge til at du bør sette hake foran følgende linjer (i fet skrift)

 

 

Hvis du ikke trenger/kjenner til Torrent-Search

R3 - URLSearchHook: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files (x86)\Torrent-Search\tbTorr.dll

O2 - BHO: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files (x86)\Torrent-Search\tbTorr.dll

O3 - Toolbar: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files (x86)\Torrent-Search\tbTorr.dll

 

avslutt alle programmer utenom hijackthis (inkludert spyware-program)

Trykk "fix checked"

 

Restart maskinen, og post ny logg.

 

Har du hatt noen problemer med maskinen, eller var det bare en sjekk?

Endret 20. mai 2008 av r2d290

[Green_Monster]

Har problemer med en update og MS-support påpekte at det var en del ting i HJT loggen som kunne påvirke/stenge for updaten. Dessuten var det veldig greit å sjekke den.

 

Jeg kjenner til og bruker torrent searchbar

 

09 og 023 (file missing) punkten kommer tilbake ved oppstart av maskinen etter fix

Endret 20. mai 2008 av Cri

[norbat]

023-linjene lar du bare være i fred. Se bort i fra at det står file missing.

 

Er det noen spesielle oppdateringer som ikke vil la seg installere eller er det generelt?

[Green_Monster]

Det er denne som har hengt i systemet lenge nå. Andre oppdateringer har gått forbi, men denne har alltid feil og jeg har forsøkt stand-alone oppdatering også uten hell (Tillhører ikke dette systemet). Har lest i div forum at flere har samme feil når det gjelder denne, men håper at jeg slipper å clean install hele Vista på nytt.

 

 

Oppdatering for Windows Vista for x64-baserte systemer (KB938371)

 

Installasjonsdato: ‎21.‎05.‎2008 12:18

 

Installasjonsstatus: Mislykket

 

Feildetaljer: Kode 80073712

 

Oppdateringstype: Viktig

 

Ved å installere denne oppdateringen gjør du det mulig å installere fremtidige oppdateringer på alle utgaver av Windows Vista. Denne oppdateringen kan være nødvendig før valgte fremtidige oppdateringer kan installeres. Når du har installert dette elementet, kan det hende du må starte datamaskinen på nytt. Elementet kan ikke fjernes etter at det er installert.

 

Mer informasjon:

http://support.microsoft.com/kb/938371

 

Hjelp og støtte:

http://support.microsoft.com

 

Har også forsøkt å slette SofwareDistribution mappen for at den skal resette og forsøke på nytt + en del koder jeg har fått fra support for å skrive inn i CMD. Alt uten hell

Endret 21. mai 2008 av Cri

[norbat]

Tror det beste er å 'reparere' installasjonen

1. Start opp PC-en

2. Sett i Vista CD-en

3. Kjør setup.exe hvis ikke cd/DVD-en starter automatisk - velg Install/installer

4. Når du får spm om hvilke type installasjon, velger du Upgrade/oppgradering gjeldne operativsystem

5. Last ned oppdateringer etterpå.