Analyse av HiJackthis logg

Mystikal1 · 24. april 2007

Hei, dette er loggen fra en HiJack scan jeg tok nå nettop

Logfile of HijackThis v1.99.1
Scan saved at 13:44:44, on 24.04.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe
C:\Programfiler\KSE\nHancer 32bit\nHancerService.exe
C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe
C:\Programfiler\Razer\razerhid.exe
C:\WINDOWS\System32\RunDLL32.exe
C:\Programfiler\QuickTime\qttask.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\Programfiler\KSE\nHancer 32bit\nHancer.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programfiler\108Mbps Wireless LAN Adapter\WLANPRO.exe
C:\Programfiler\SEC\Highlight III\HighlightAgent.exe
C:\Programfiler\SEC\Natural Color\NaturalColorLoad.exe
C:\Programfiler\Xfire\Xfire.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programfiler\SEC\Highlight III\Highlight.exe
C:\Programfiler\Razer\razertra.exe
C:\Programfiler\Razer\razerofa.exe
C:\Programfiler\Mozilla Firefox\firefox.exe
c:\Programfiler\Norton AntiVirus\navapsvc.exe
C:\Program Files\HijackThis\testino.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.overture.com/d/search/p/hp/overpanel/?mkt=no&Partner=hp_no_pre_desk_panel
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.overture.com/d/search/p/hp/overpanel/?mkt=no&Partner=hp_no_pre_desk_panel
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.overture.com/d/search/p/hp/overpanel/?mkt=no&Partner=hp_no_pre_desk_panel
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.overture.com/d/search/p/hp/overpanel/?mkt=no&Partner=hp_no_pre_desk_panel
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.overture.com/d/search/p/hp/overpanel/?mkt=no&Partner=hp_no_pre_desk_panel
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.overture.com/d/search/p/hp/overpanel/?mkt=no&Partner=hp_no_pre_desk_panel
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Programfiler\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Programfiler\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programfiler\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Programfiler\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [UpdateManager] "c:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [DmwClient] "C:\Programfiler\DMW Client 3\dmwclient.exe"
O4 - HKLM\..\Run: [razer] C:\Programfiler\Razer\razerhid.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [nHancer] "C:\Programfiler\KSE\nHancer 32bit\nHancer.exe" /tray
O4 - HKCU\..\Run: [Steam] "C:\spill\Steam.exe" -silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Xfire.lnk = C:\Programfiler\Xfire\Xfire.exe
O4 - Global Startup: 108Mbps Wireless LAN Adapter Configuration Utility.lnk = ?
O4 - Global Startup: Highlight Agent.lnk = C:\Programfiler\SEC\Highlight III\HighlightAgent.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O12 - Plugin for .tga: C:\Programfiler\Internet Explorer\PLUGINS\npqtplugin7.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - c:\Programfiler\Norton AntiVirus\navapsvc.exe
O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Programfiler\KSE\nHancer 32bit\nHancerService.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Programfiler\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

tok bare 5 sekunder å scanne :ohmy:

24. april 2007

Kjør Hijackthis og slett:

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

Last ned SAS, installer, oppdater, kjør 'complete scan' og slett alt som kommer opp.

Legg ut en SAS logg (Preferences->statistics/logs)

Kjør deretter Hijackthis på nytt og legg ut en ny logg her.

Endret 24. april 2007 av medlem-105082

Logg inn

Analyse av HiJackthis logg

Anbefalte innlegg

Mystikal1

Lenke til kommentar

Videoannonse

Gjest medlem-105082

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Opprett konto

Logg inn

Populær nå

FOTBALL-EM 2024 1 2 3 4 6

Woke i moderne underholdningsindustri 1 2 3 4 199

Hvem er aktive 0 medlemmer