Melvin Snerken Skrevet 24. mars 2007 Skrevet 24. mars 2007 (endret) Klikk for å se/fjerne innholdet nedenfor Logfile of HijackThis v1.99.1Scan saved at 21:59:26, on 24.03.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HbTools\Bin\4.8.2.0\HbtOEAddOn.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\Hbtools\HBTV\HBTV.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\Common Files\{D46F967D-0648-1033-0916-05031505002f}\Update.exe C:\WINDOWS\system32\nfomon\nfomon.exe C:\WINDOWS\system32\vidmon\vidmon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\DOCUME~1\INGRID~1\MYDOCU~1\ASKS~1\wuauboot.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\??sembly\n?tdde.exe C:\Program Files\Ipwindows\ipwins.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\svchosts.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\limewire\limewire.exe C:\Program Files\Samurize\Config.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\HbTools\Bin\4.8.2.0\HbtSrv.exe C:\Program Files\PeDevice\PeDev.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\INGRID~1\LOCALS~1\Temp\Rar$EX00.735\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.no/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Servi...omeLeftPane.htm R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {2119898B-1413-1898-6B54-19E4CBC1B2C7} - C:\WINDOWS\system32\qxeg.dll (file missing) O2 - BHO: (no name) - {33B3DE40-6781-4F00-A34D-67E34BECA992} - C:\WINDOWS\system32\iknkrwer.dll O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E2DE7E597E442B37C0 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\hbtools\hbtv\hbtvhelper.dll O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.2.0\HbtHostIE.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: (no name) - {906C2C15-EF8B-E250-F3AD-B6DEB8C00AC4} - C:\WINDOWS\system32\duf.dll (file missing) O2 - BHO: (no name) - {95352A42-EE84-E757-F2AD-B6DEB8C05EC7} - C:\WINDOWS\system32\udkde.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: CDLPObj Object - {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - C:\WINDOWS\DLP.dll O2 - BHO: (no name) - {C4390F1C-BC8E-C751-F1D8-BEDEC8B75CC2} - C:\WINDOWS\system32\ucegdw.dll (file missing) O2 - BHO: (no name) - {D82C4A28-A0E9-8E3D-CD4B-F7BADE3743CE} - C:\WINDOWS\system32\akggfb.dll (file missing) O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.2.0\HbtHostIE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.2.0\HbtOEAddOn.exe O4 - HKLM\..\Run: [waegcwdk] C:\WINDOWS\system32\ggejgscc.exe O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [{D46F967D-0648-1033-0916-05031505002f}] "C:\Program Files\Common Files\{D46F967D-0648-1033-0916-05031505002f}\Update.exe" te-110-12-0000073 O4 - HKLM\..\Run: [{D46F967D-0647-1033-0916-05031505002f}] "C:\Program Files\Common Files\{D46F967D-0647-1033-0916-05031505002f}\Update.exe" te-110-12-0000073 O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\system32\nfomon\nfomon.exe O4 - HKLM\..\Run: [vidmon] C:\WINDOWS\system32\vidmon\vidmon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Ptte] "C:\DOCUME~1\INGRID~1\MYDOCU~1\ASKS~1\wuauboot.exe" -vt yazb O4 - HKCU\..\Run: [Muz] C:\WINDOWS\system32\M?crosoft.NET\w?auboot.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Pfeydi] C:\WINDOWS\system32\??sembly\n?tdde.exe O4 - HKCU\..\Run: [ipWins] C:\Program Files\Ipwindows\ipwins.exe O4 - Global Startup: svchost.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows...ggPublisher.exe O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000073 (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe Hva kan jeg slette? Endret 24. mars 2007 av kezoom
norbat Skrevet 24. mars 2007 Skrevet 24. mars 2007 Hent Combofix og legg det på skrivebordet. Hent SAS (free edition), installer og oppdater. Lukk programmet. Kjør Combofix.exe - følg veiledningen. Ikke klikk på vinduet mens programmet kjører. Når combofix er ferdig, restarter du i sikker modus (tapp F8 under oppstart) Kjør en full scan med SAS Restart i normal tilstand. Post en ny HJT-logg + loggen fra SAS (preferences->statistics/logs)
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå