Hijack Analys tack!

[holy_wood]

Advanced SystemCare säger att deras rapport är 100% kompatibel med HijackThis logg så jag skickar med den! Nyfiken på om det är något som är galet!

 

Logfile of Advanced SystemCare 3 Security Analyzer

Scan saved at 12:50:49, on 2010-10-17

Platform: Windows XP (WinNT 5.1)

MSIE: Internet Explorer v8.0 (8.0.6001.18702)

Boot mode: Normal

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\Program\AVG\AVG10\avgchsvx.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\Explorer.EXE

D:\WINDOWS\system32\spoolsv.exe

D:\Program\AVG\AVG10\avgtray.exe

D:\Program\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

D:\Program\AVG\AVG10\avgwdsvc.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

D:\Program\Java\jre6\bin\jqs.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

D:\WINDOWS\system32\nvsvc32.exe

D:\WINDOWS\system32\PnkBstrA.exe

D:\WINDOWS\system32\PnkBstrB.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

D:\Program\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

D:\Program\AVG\AVG10\avgnsx.exe

D:\Program\AVG\AVG10\avgemcx.exe

D:\Program\Internet Explorer\iexplore.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Program\Internet Explorer\iexplore.exe

D:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

D:\Program\AVG\AVG10\avgrsx.exe

D:\Program\AVG\AVG10\avgcsrvx.exe

D:\Program\Internet Explorer\iexplore.exe

D:\Program\Internet Explorer\iexplore.exe

D:\Program\Internet Explorer\iexplore.exe

D:\Program\IObit\Advanced SystemCare 3\AWC.exe

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program\AVG\AVG10\avgssie.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Program\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Google Dictionary Compression sdch - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: JQSIEStartDetectorImpl - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - D:\Program\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - D:\Program\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "D:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKLM\..\Run: [AVG_TRAY] D:\Program\AVG\AVG10\avgtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://D:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program\Messenger\msmsgs.exe

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/_2_1_9/5/ActiveX/IfolorUploader_fika.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1241682225750

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_21) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.181.87.189/activex/AxisCamControl.cab

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} (Java Plug-in 1.6.0_21) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_21) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - D:\Program\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - D:\Program\AVG\AVG10\avgwdsvc.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - D:\Program\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Program\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - D:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program\Java\jre6\bin\jqs.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown - D:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown - D:\WINDOWS\system32\PnkBstrB.exe

[RicoRehn]

hej, de ända jag ser som jag skulle ta bort Google Toolbar, men om du använder den så, annars är de bara fint men vänta och se vad proffsen säger

[Cecilia]

Oavsett vad IObit anser så saknar jag en del som finns i en HijackThis-logg men inte i den här, t ex vilket Service Pack som är installerat.

 

Men jag ser inget skadligt i loggen, men å andra sidan kan ju en dator vara kraftigt infekterad utan att det syns i en HijackThis-logg.