Hijackthis log

Af Juniorbruger OstepopS | 23-10-2005 23:05 | 993 visninger | 4 svar, hop til seneste

hey hol.. ville lige spørge om der var en herinde der gad at bruge et par minutter på en hijackthislog. for jeg fatter ikke sindsygt meget af det.. Logfile of HijackThis v1.99.1 Scan saved at 23:01:24, on 23-10-2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe C:WINDOWSSystem32RUNDLL32.EXE C:Program FilesD-Toolsdaemon.exe C:Program FilesGoogleGmail Notifiergnotify.exe C:WINDOWSSystem32GSICON.EXE C:WINDOWSSystem32dslagent.exe C:Program FilesCreativeSBAudigy2Surround MixerCTSysVol.exe C:Program FilesCreativeSBAudigy2DVDAudioCTDVDDet.EXE C:WINDOWSSystem32CTHELPER.EXE C:PROGRA~1mcafee.comvsomcvsshld.exe C:PROGRA~1mcafee.comvsomcvsescn.exe C:PROGRA~1McAfee.comPERSON~1MpfTray.exe C:Program FilesMSN MessengerMsnMsgr.Exe C:Program FilesLogitechSetPointSetPoint.exe C:Program FilesCommon FilesLogitechKHALKHALMNPR.EXE C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe c:progra~1mcafee.comvsomcvsftsn.exe C:Program FilesMessengermsmsgs.exe C:WINDOWSSystem32CTsvcCDA.exe c:PROGRA~1mcafee.comvsomcvsrte.exe C:PROGRA~1McAfee.comPERSON~1MPFSERVICE.exe C:WINDOWSSystem32 vsvc32.exe C:WINDOWSSystem32MsPMSPSv.exe c:PROGRA~1mcafee.comvsomcshield.exe C:WINDOWSsystem32svchost.exe c:progra~1mcafeeMCAFEE~3MssSrv.exe c:progra~1mcafeeMCAFEE~3MssCli.exe C:PROGRA~1McAfee.comAgentmcagent.exe C:Program FilesWindows Media Playerwmplayer.exe C:DOCUME~1ADMINI~1LOCALS~1TempRar$EX00.859HijackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://g.msn.com[...] R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.msn.dk[...] O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program FilesD-Toolsdaemon.exe" -lang 1033 O4 - HKLM..Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:Program FilesGoogleGmail Notifiergnotify.exe O4 - HKLM..Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM..Run: [GSICONEXE] GSICON.EXE O4 - HKLM..Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM..Run: [CTSysVol] C:Program FilesCreativeSBAudigy2Surround MixerCTSysVol.exe O4 - HKLM..Run: [CTDVDDet] C:Program FilesCreativeSBAudigy2DVDAudioCTDVDDet.EXE O4 - HKLM..Run: [CTHelper] CTHELPER.EXE O4 - HKLM..Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM..Run: [SBDrvDet] C:Program FilesCreativeSB Drive DetSBDrvDet.exe /r O4 - HKLM..Run: [UpdReg] C:WINDOWSUpdReg.EXE O4 - HKLM..Run: [VSOCheckTask] "c:PROGRA~1mcafee.comvsomcmnhdlr.exe" /checktask O4 - HKLM..Run: [VirusScan Online] "c:PROGRA~1mcafee.comvsomcvsshld.exe" O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1McAfee.comAgentMcUpdate.exe O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe O4 - HKLM..Run: [NeroFilter] NeroFilterCheck.EXE O4 - HKLM..Run: [McSpyVirusMap] c:progra~1mcafeeMCAFEE~3McSpy.exe /cmd:VirusMap O4 - HKLM..Run: [McSpyUpgrade] c:progra~1mcafeeMCAFEE~3McSpy.exe /cmd:Upgrade O4 - HKLM..Run: [_AntiSpyware] c:progra~1mcafeeMCAFEE~3MssCli.exe O4 - HKLM..Run: [CleanUp] C:PROGRA~1McAfee.comSharedmcappins.exe /v=3 /cleanup O4 - HKLM..Run: [McRegWiz] C:PROGRA~1McAfee.comAgentMcRegWiz.exe /autorun O4 - HKLM..RunServices: [MICROSFT MX UPDATE SUPPORT] taskmngrs.exe O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe" /background O4 - Startup: Tiscali connection.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw[...] O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com[...] O17 - HKLMSystemCCSServicesTcpip..{53A04F2C-ECAF-48D7-B3ED-1A6A475A8BC4}: NameServer = 212.54.64.170 212.54.64.171 O17 - HKLMSystemCS1ServicesTcpip..{53A04F2C-ECAF-48D7-B3ED-1A6A475A8BC4}: NameServer = 212.54.64.170 212.54.64.171 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSSystem32CTsvcCDA.exe O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - McAfee, Inc. - c:progra~1mcafeeMCAFEE~3MssSrv.exe O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:PROGRA~1mcafee.comvsomcshield.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:PROGRA~1mcafee.comvsomcvsrte.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:PROGRA~1McAfee.comPERSON~1MPFSERVICE.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32 vsvc32.exe
--

Man kan godt have det sjovt uden at drikke :D http://www.blizzard.com[...]

#1
guanomo
Guru
24-10-2005 08:41

Rapporter til Admin

Du har kun en lille smule i din log fil. Download disse værktøjer men kør dem ikke endnu: Kaspersky Scanner http://www.spywareinfo.dk[...] Ad-aware http://www.download.com[...] spybot. http://www.download.com[...] Deaktivere systemgendannelse, højreklik denne computer>egenskaber>systemgendannel Genstart PC i fejlsikret tilstand (tryk F8 gentagne gange ved opstart). ------------------------------ Kør så en ny scanning med HJT og sæt flueben ved disse: O4 - HKLM..RunServices: [MICROSFT MX UPDATE SUPPORT] taskmngrs.exe O4 - Startup: Tiscali connection.lnk = ? O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm Luk alle øvrige programvinduer så kun HJT er åben. Klik på "Fix checked". ------------------------------------------- ------------------------ Installer og kør derefter Kaspersky scanneren. (Sæt flueben i følgende: Memory, Startup folders, drive, Registry, System folders og Services. - og prik i følgende: All local drives og Scan all files. Klik på scan.) Denne scanning kan godt tage et par timer alt efter hvor meget du har liggende på din computer. Når scanningen er færdig, og har slettet dine evt. virus. Klik på Ok. Klik på exit, klik på exit igen, hvis du ikke ønsker at købe programmet. TIP: du skal ikke klikke på Add to Startup folders, så scannes din maskine hver gang du starter Windows op. ----------------------- Ad-aware SE Tag en "Full System Scan" med Ad-aware og ikke "Smart System Scan" og fix alt det den finder. Sæt selv haktegn/flueben i de boxe der er. ----------------------- Spybot S&D Der er en knap som hedder Scan og fix alt det den finder og selv sætter flueben i. ----------------------- Kør så en diskoprydning. (Start=> Programmer=> Tilbehør=> Systemværktøjer=> Diskoprydning. Sæt flueben ved temp-filer, temporary internet files og papirkurv). ---------------------- Genstart i normal tilstand, Lav så en ny hjt log fil til tjek. Du må først aktivere systemgendannelse igen, når jeg siger til. Husk at få opdateret dit system gennem windows update.
--
Når man kigger ind i evigheden, forstår man, der er vigtigere ting her i livet end dem, man bruger hele dagen på.

#2
OstepopS
Juniorbruger
24-10-2005 17:07

Rapporter til Admin

hey guanomo så har jeg gjort det du har sagt.. og det hele ser ud til at virke.. men vil lige smide en log for en sikkerheds skyld. Logfile of HijackThis v1.99.1 Scan saved at 17:03:04, on 24-10-2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe C:WINDOWSSystem32RUNDLL32.EXE C:Program FilesD-Toolsdaemon.exe C:Program FilesGoogleGmail Notifiergnotify.exe C:WINDOWSSystem32GSICON.EXE C:WINDOWSSystem32dslagent.exe C:Program FilesCreativeSBAudigy2Surround MixerCTSysVol.exe C:Program FilesCreativeSBAudigy2DVDAudioCTDVDDet.EXE C:WINDOWSSystem32CTHELPER.EXE C:PROGRA~1mcafee.comvsomcvsshld.exe C:PROGRA~1mcafee.comvsomcvsescn.exe C:PROGRA~1mcafee.comagentmcagent.exe C:PROGRA~1McAfee.comPERSON~1MpfTray.exe C:progra~1mcafeeMCAFEE~3MssCli.exe C:Program FilesMSN MessengerMsnMsgr.Exe C:Program FilesLogitechSetPointSetPoint.exe C:Program FilesCommon FilesLogitechKHALKHALMNPR.EXE C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe c:progra~1mcafee.comvsomcvsftsn.exe C:Program FilesMessengermsmsgs.exe C:WINDOWSSystem32CTsvcCDA.exe c:progra~1mcafeeMCAFEE~3MssSrv.exe c:PROGRA~1mcafee.comvsomcvsrte.exe C:PROGRA~1McAfee.comPERSON~1MPFSERVICE.exe C:WINDOWSSystem32 vsvc32.exe C:WINDOWSSystem32MsPMSPSv.exe C:WINDOWSsystem32svchost.exe c:PROGRA~1mcafee.comvsomcshield.exe C:Program FilesInternet Exploreriexplore.exe C:Documents and SettingsAdministratorDesktopHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://g.msn.com[...] R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.msn.dk[...] O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program FilesSpybot - Search & DestroySDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program FilesD-Toolsdaemon.exe" -lang 1033 O4 - HKLM..Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:Program FilesGoogleGmail Notifiergnotify.exe O4 - HKLM..Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM..Run: [GSICONEXE] GSICON.EXE O4 - HKLM..Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM..Run: [CTSysVol] C:Program FilesCreativeSBAudigy2Surround MixerCTSysVol.exe O4 - HKLM..Run: [CTDVDDet] C:Program FilesCreativeSBAudigy2DVDAudioCTDVDDet.EXE O4 - HKLM..Run: [CTHelper] CTHELPER.EXE O4 - HKLM..Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM..Run: [SBDrvDet] C:Program FilesCreativeSB Drive DetSBDrvDet.exe /r O4 - HKLM..Run: [UpdReg] C:WINDOWSUpdReg.EXE O4 - HKLM..Run: [VSOCheckTask] "c:PROGRA~1mcafee.comvsomcmnhdlr.exe" /checktask O4 - HKLM..Run: [VirusScan Online] "c:PROGRA~1mcafee.comvsomcvsshld.exe" O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1McAfee.comAgentmcupdate.exe O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe O4 - HKLM..Run: [_AntiSpyware] c:progra~1mcafeeMCAFEE~3MssCli.exe O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe" /background O4 - Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw[...] O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com[...] O17 - HKLMSystemCCSServicesTcpip..{53A04F2C-ECAF-48D7-B3ED-1A6A475A8BC4}: NameServer = 212.54.64.170 212.54.64.171 O17 - HKLMSystemCS1ServicesTcpip..{53A04F2C-ECAF-48D7-B3ED-1A6A475A8BC4}: NameServer = 212.54.64.170 212.54.64.171 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSSystem32CTsvcCDA.exe O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - McAfee, Inc. - c:progra~1mcafeeMCAFEE~3MssSrv.exe O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:PROGRA~1mcafee.comvsomcshield.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:PROGRA~1mcafee.comvsomcvsrte.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:PROGRA~1McAfee.comPERSON~1MPFSERVICE.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32 vsvc32.exe
--
Man kan godt have det sjovt uden at drikke :D

#3
guanomo
Guru
25-10-2005 08:34

Rapporter til Admin

#2 den ser fin ud. Du kan godt aktivere systemgendannelse igen og opdatere dit system via. windows update.
--
Når man kigger ind i evigheden, forstår man, der er vigtigere ting her i livet end dem, man bruger hele dagen på.

#4
OstepopS
Gæst
25-10-2005 14:45

Rapporter til Admin

mange tak for hjælpen guanomo :)
--
Gæstebruger, opret dit eget login og få din egen signatur.