HJT log tjekkes tak

Af Monsterbruger jonstrup | 26-06-2006 12:48 | 945 visninger | 2 svar, hop til seneste

En der lige har tid til at tjekke min HJT log :) ? Logfile of HijackThis v1.99.1 Scan saved at 12:46:47, on 26-06-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:ProgrammerSygateSPFsmc.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe C:ProgrammerWIDCOMMBluetooth-softwareintwdins.exe C:ProgrammerHome CinemaPowerCinemaKernelTVCLCapSvc.exe C:ProgrammerCyberLinkShared FilesCLML_NTServiceCLMLServer.exe C:ProgrammerCyberLinkShared FilesCLML_NTServiceCLMLService.exe C:ProgrammerF-Secure Internet Securityackweb4476822programfsbwsys.exe C:WINDOWSsystem32 vsvc32.exe C:WINDOWSsystem32slserv.exe C:WINDOWSsystem32svchost.exe C:ProgrammerHome CinemaPowerCinemaKernelTVCLSched.exe C:ProgrammerSynapticsSynTPSynTPLpr.exe C:ProgrammerSynapticsSynTPSynTPEnh.exe C:PROGRA~1GrisoftAVGFRE~1avgemc.exe C:WINDOWSSOUNDMAN.EXE C:WINDOWSsystem32RUNDLL32.EXE C:ProgrammeriTunesiTunesHelper.exe C:WINDOWSsystem32ctfmon.exe C:ProgrammeriPodiniPodService.exe C:ProgrammerWIDCOMMBluetooth-softwareBTTray.exe C:ProgrammerLogitechSetPointSetPoint.exe C:PROGRA~1WIDCOMMBLUETO~1BTSTAC~1.EXE C:ProgrammerFælles filerLogitechKHALKHALMNPR.EXE C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32msiexec.exe C:Documents and SettingsChristianSkrivebordHijackThis.exe R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgrammerSpybot - Search & DestroySDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmergooglegoogletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar1.dll O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [SynTPLpr] C:ProgrammerSynapticsSynTPSynTPLpr.exe O4 - HKLM..Run: [SynTPEnh] C:ProgrammerSynapticsSynTPSynTPEnh.exe O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVGFRE~1avgemc.exe O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE O4 - HKLM..Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:ProgrammerAdobeAcrobat 7.0Reader eader_sl.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:ProgrammerLogitechSetPointSetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:ProgrammerMicrosoft OfficeOffice10OSA.EXE O8 - Extra context menu item: &Google-søgning - res://C:ProgrammerGoogleGoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Oversæt engelsk ord - res://C:ProgrammerGoogleGoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Lignende sider - res://C:ProgrammerGoogleGoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Send til &Bluetooth - C:ProgrammerWIDCOMMBluetooth-softwaretsendto_ie_ctx.htm O8 - Extra context menu item: Tilbage via links - res://C:ProgrammerGoogleGoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Øjebliksbillede af side i cache - res://C:ProgrammerGoogleGoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavajre1.5.0_01in pjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavajre1.5.0_01in pjpi150_01.dll O9 - Extra button: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:AdgangForAlleadgangforalle.exe (file missing) O9 - Extra 'Tools' menuitem: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:AdgangForAlleadgangforalle.exe (file missing) O9 - Extra button: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgrammerMultiPokerMultiPoker.exe (file missing) O9 - Extra 'Tools' menuitem: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgrammerMultiPokerMultiPoker.exe (file missing) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgrammerPartyPokerPartyPoker.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgrammerPartyPokerPartyPoker.exe (file missing) O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:ProgrammerWIDCOMMBluetooth-softwaretsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:ProgrammerWIDCOMMBluetooth-softwaretsendto_ie.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com[...] O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com[...] O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net[...] O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com[...] O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com[...] O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk[...] O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com[...] O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:PROGRA~1MSNMES~1MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:ProgrammerFælles filerMicrosoft SharedHelphxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:PROGRA~1MSNMES~1MSGRAP~1.DLL O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:WINDOWSsystem32txppanel.dll O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll O23 - Service: Apache2 - Unknown owner - C:AppServApacheinApache.exe" -k runservice (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:ProgrammerWIDCOMMBluetooth-softwareintwdins.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:ProgrammerHome CinemaPowerCinemaKernelTVCLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:ProgrammerHome CinemaPowerCinemaKernelTVCLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:ProgrammerCyberLinkShared FilesCLML_NTServiceCLMLServer.exe O23 - Service: fsbwsys - F-Secure Corp. - C:ProgrammerF-Secure Internet Securityackweb4476822programfsbwsys.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgrammerFælles filerInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:ProgrammeriPodiniPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:ProgrammerFælles filerMacromedia SharedServiceMacromedia Licensing.exe O23 - Service: MySQL - Unknown owner - C:AppServmysqlinmysqld-nt.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32 vsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%WinPcap pcapd.exe" -d -f "%ProgramFiles%WinPcap pcapd.ini (file missing) O23 - Service: SmartLinkService (SLService) - - C:WINDOWSSYSTEM32slserv.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:ProgrammerSygateSPFsmc.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:PROGRA~1COMMON~1X10Commonx10nets.exe
--

#1
Theking2
Super Nørd
26-06-2006 20:57

Rapporter til Admin

Hej Åben HJT, scan og sæt flueben i følgende: R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = O9 - Extra button: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:AdgangForAlleadgangforalle.exe (file missing) O9 - Extra 'Tools' menuitem: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:AdgangForAlleadgangforalle.exe (file missing) O9 - Extra button: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgrammerMultiPokerMultiPoker.exe (file missing) O9 - Extra 'Tools' menuitem: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:ProgrammerMultiPokerMultiPoker.exe (file missing) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgrammerPartyPokerPartyPoker.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:ProgrammerPartyPokerPartyPoker.exe (file missing) Tryk på Fix Checked. Loggen er nu ren. Hvis du oplever yderligere problemer så prøv dette: Hent - Kaspersky Scanner http://www.spywareinfo.dk[...] - Ewido Security Suite http://www.ewido.net[...] Installer Ewido SS, åben det og Update det og luk det igen. Gør følgende: ----------------------- Kør en diskoprydning. (Start=> Programmer=> Tilbehør=> Systemværktøjer=> Diskoprydning. Sæt flueben ved temp-filer, temporary internet files og papirkurv). ----------------------- Installer og scan så med Kaspersky scanneren. Sæt flueben i følgende: Memory, Startup folders, drive, Registry, System folders og Services. - og prik i følgende: All local drives og Scan all files. Klik på scan. Du skal ikke klikke på Add to Startup folders, for så scannes din PC, hver gang du starter Windows op ----------------------- Ewido Security Suite Åben programmet Gå i "Scanner" og vælg "Complete System Scan" Vælg Remove til alt hvad den finder. ----------------------- Genstart pc'en, ingen ny log behøves.
--
http://www.hattrick.org[...] Alliancen (570540) Hol.dk HJT Supporter

#2
jonstrup
Monsterbruger
26-06-2006 21:01

Rapporter til Admin

Jeg siger mange tak :)
--