Gå til innhold

sjekke denne hicack loggen

trrunde

Av trrunde
i IKT-drift og sikkerhet

Anbefalte innlegg

trrunde

trrunde

Skrevet
Skrevet

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\Dfssvc.exe

C:\WINDOWS\System32\dns.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Binn\sqlservr.exe

C:\Program Files\Eset\nod32krn.exe

C:\WINDOWS\system32\ntfrs.exe

C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\wins.exe

C:\Program Files\Exchsrvr\bin\exmgmt.exe

C:\Program Files\Exchsrvr\bin\mad.exe

C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Exchsrvr\bin\store.exe

C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\imbservice.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\dmadmin.exe

C:\WINDOWS\Explorer.EXE

c:\windows\system32\inetsrv\w3wp.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Eset\nod32kui.exe

C:\Program Files\Cobian Backup 8\cbInterface.exe

C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

C:\Program Files\DAEMON Tools\daemon.exe

C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe

C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Program Files\Opera\Opera.exe

C:\Documents and Settings\Administrator\Desktop\HiJackThis_v2.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://companyweb

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE -a

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [Cobian Backup 8 interface] "C:\Program Files\Cobian Backup 8\cbInterface.exe" -service

O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [uTorrent] c:\Program Files\uTorrent\utorrent.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [Jump gpl] C:\DOCUME~1\ADMINI~1\APPLIC~1\UPONLI~1\start load.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')

O4 - Startup: Server Management.lnk = ?

O4 - Global Startup: OKI LPR Utility.lnk = C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O14 - IERESET.INF: START_PAGE_URL=http://companyweb

O15 - ESC Trusted Zone: http://*.adobe.com

O15 - ESC Trusted Zone: http://mirrors.evolva.ro

O15 - ESC Trusted Zone: http://*.filext.com

O15 - ESC Trusted Zone: http://www.google.no

O15 - ESC Trusted Zone: http://*.imagine-msn.com

O15 - ESC Trusted Zone: http://*.java.com

O15 - ESC Trusted Zone: http://login.jdata.no

O15 - ESC Trusted Zone: http://*.live.com

O15 - ESC Trusted Zone: http://no.msn.com

O15 - ESC Trusted Zone: http://*.msn.com

O15 - ESC Trusted Zone: http://*.search.msn.no

O15 - ESC Trusted Zone: http://www.norek.no

O15 - ESC Trusted Zone: http://opera.nsc.no

O15 - ESC Trusted Zone: http://download.openoffice.org

O15 - ESC Trusted Zone: http://www.openoffice.org

O15 - ESC Trusted Zone: http://www.opera.com

O15 - ESC Trusted Zone: http://*.router

O15 - ESC Trusted Zone: *.security_mmc.exe

O15 - ESC Trusted Zone: http://www.sun.com

O15 - ESC Trusted Zone: http://*.windowslive.no

O15 - ESC Trusted Zone: http://*.windowsupdate.com

O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1178464303640

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = runde.local

O17 - HKLM\Software\..\Telephony: DomainName = runde.local

O17 - HKLM\System\CCS\Services\Tcpip\..\{E6443011-9C1C-4D7A-99A0-F3DA22CCB46A}: NameServer = 10.0.0.3,130.67.60.68

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = runde.local

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Cobian Backup 8 service (CobBMService) - Luis Cobian - C:\Program Files\Cobian Backup 8\cbService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: OKI OPHC DCS Loader - Oki Data Corporation - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

 

er ikke sikker på om det skal være noe rart her, men når jeg restartet pcen ville ikke live messenger starte

Videoannonse

Videoannonse
Annonse
Gjest medlem-105082

Gjest medlem-105082

Skrevet
Skrevet

Last ned SAS. Installer, oppdater og kjør en 'complete' scan.

 

Når SAS er ferdig legger du ut en ny Hijackthis loggen sammen med SAS loggen (preferences->statistics/logs)

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
Gå til emneliste
×
×
  • Opprett ny...