[LØST]Hijackthis log fil, ser den ok ut ?

MKej · 27. mai 2008

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:09:13, on 31.12.2001

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

Running processes:

C:\windows\System32\smss.exe

C:\windows\system32\csrss.exe

C:\windows\system32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\svchost.exe

C:\windows\System32\svchost.exe

C:\windows\system32\spoolsv.exe

C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe

C:\windows\System32\RUNDLL32.EXE

C:\Programfiler\Microsoft IntelliPoint\point32.exe

C:\windows\SOUNDMAN.EXE

C:\Programfiler\LogMeIn\LogMeInSystray.exe

C:\Programfiler\ESET\ESET NOD32 Antivirus\egui.exe

C:\Programfiler\Winamp\winampa.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

C:\Programfiler\Creative\MediaSource5\MtdAcqu.exe

C:\Programfiler\Creative\MediaSource5\CTDetctu.exe

C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe

C:\Programfiler\Tunebite\tunebite.exe

C:\Programfiler\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\windows\System32\nvsvc32.exe

C:\Programfiler\Raxco\PerfectDisk\PDAgent.exe

C:\Programfiler\PostgreSQL\8.3\bin\pg_ctl.exe

C:\Programfiler\Spyware Doctor\sdhelp.exe

C:\windows\System32\svchost.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\Programfiler\PostgreSQL\8.3\bin\postgres.exe

C:\windows\System32\CPdeSrvU.exe

C:\Programfiler\PostgreSQL\8.3\bin\postgres.exe

C:\Programfiler\Raxco\PerfectDisk\PDEngine.exe

C:\windows\System32\wuauclt.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

C:\Programfiler\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

C:\windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [intelliPoint] "C:\Programfiler\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [bearShare] "C:\Programfiler\BearShare\BearShare.exe" /pause

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Programfiler\LogMeIn\LogMeInSystray.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [egui] "C:\Programfiler\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [MtdAcqu] "C:\Programfiler\Creative\MediaSource5\MtdAcqu.exe" /s

O4 - HKCU\..\Run: [Creative Detector U] "C:\Programfiler\Creative\MediaSource5\CTDetctu.exe" /R

O4 - HKCU\..\Run: [steam] "c:\programfiler\steam\steam.exe" -silent

O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe"

O4 - HKCU\..\Run: [tunebite.exe] C:\Programfiler\Tunebite\tunebite.exe -tray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-21-1957994488-1965331169-725345543-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'postgres')

O4 - HKUS\S-1-5-21-1957994488-1965331169-725345543-1005\..\RunOnce: [NeroHomeFirstStart] C:\Programfiler\Fellesfiler\Ahead\Lib\NMFirstStart.exe (User 'postgres')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programfiler\InterVideo\Common\Bin\WinCinemaMgr.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Mads Kristensen\Start-meny\Programmer\Absolute Poker\Absolute Poker.lnk (file missing)

O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Mads Kristensen\Start-meny\Programmer\Absolute Poker\Absolute Poker.lnk (file missing)

O9 - Extra button: PokerArena English Poker - {1D14B319-E8D7-4491-BE7E-530FD1777D29} - C:\Programfiler\pokerarenaenglishMPP\MPPoker.exe

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: Betway Casino - {3063c161-2f7e-4225-ba73-08bc8f64c67e} - C:\Programfiler\Betway\Casino\casinogame.exe

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe

O9 - Extra button: Betway.com Poker - {4CBB5C71-1BA0-49ca-93CD-159AF8AA0CC9} - C:\Programfiler\Betway\Poker\MPPoker.exe

O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Programfiler\UltimateBet\UltimateBet.exe

O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Programfiler\UltimateBet\UltimateBet.exe

O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe

O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe

O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Programfiler\bet365MPP\MPPoker.exe

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programfiler\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programfiler\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Programfiler\UnibetpokerMPP\MPPoker.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE (file missing)

O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1167052363546

O21 - SSODL: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Programfiler\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Programfiler\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\System32\nvsvc32.exe

O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programfiler\Raxco\PerfectDisk\PDAgent.exe

O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programfiler\Raxco\PerfectDisk\PDEngine.exe

O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Programfiler\PostgreSQL\8.3\bin\pg_ctl.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Programfiler\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe

O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Programfiler\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programfiler\Spyware Doctor\sdhelp.exe

--

End of file - 9357 bytes

Endret 28. mai 2008 av MKej

snippsat · 27. mai 2008

Start HijackThis "scan" finn disse linjene merk dem,så trykk fix checked.

O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Mads Kristensen\Start-meny\Programmer\Absolute Poker\Absolute Poker.lnk (file missing)

O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Mads Kristensen\Start-meny\Programmer\Absolute Poker\Absolute Poker.lnk (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\MSMSGS.EXE (file missing)

O21 - SSODL: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)

Du bør tenke på og oppgradere til SP2.

Ellers ser det greit ut.

MKej · 28. mai 2008

Takker

Logg inn

[LØST]Hijackthis log fil, ser den ok ut ?

Anbefalte innlegg

MKej

Lenke til kommentar

Videoannonse

snippsat

Lenke til kommentar

MKej

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Opprett konto

Logg inn

Populær nå

Russlands invasjon av Ukraina [Ny tråd, les førstepost] 1 2 3 4 3647

Hvem er aktive 0 medlemmer