
Hijack analysis, please!


holy_wood


Advanced SystemCare says that their report is 100% compatible with a HijackThis log, so I'm including it! Curious whether anything is wrong!

 

Logfile of Advanced SystemCare 3 Security Analyzer

Scan saved at 12:50:49, on 2010-10-17

Platform: Windows XP (WinNT 5.1)

MSIE: Internet Explorer v8.0 (8.0.6001.18702)

Boot mode: Normal

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\Program\AVG\AVG10\avgchsvx.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\Explorer.EXE

D:\WINDOWS\system32\spoolsv.exe

D:\Program\AVG\AVG10\avgtray.exe

D:\Program\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

D:\Program\AVG\AVG10\avgwdsvc.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

D:\Program\Java\jre6\bin\jqs.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

D:\WINDOWS\system32\nvsvc32.exe

D:\WINDOWS\system32\PnkBstrA.exe

D:\WINDOWS\system32\PnkBstrB.exe

D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

D:\Program\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

D:\Program\AVG\AVG10\avgnsx.exe

D:\Program\AVG\AVG10\avgemcx.exe

D:\Program\Internet Explorer\iexplore.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Program\Internet Explorer\iexplore.exe

D:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

D:\Program\AVG\AVG10\avgrsx.exe

D:\Program\AVG\AVG10\avgcsrvx.exe

D:\Program\Internet Explorer\iexplore.exe

D:\Program\Internet Explorer\iexplore.exe

D:\Program\Internet Explorer\iexplore.exe

D:\Program\IObit\Advanced SystemCare 3\AWC.exe

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program\AVG\AVG10\avgssie.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Program\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Google Dictionary Compression sdch - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: JQSIEStartDetectorImpl - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - D:\Program\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - D:\Program\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "D:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKLM\..\Run: [AVG_TRAY] D:\Program\AVG\AVG10\avgtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://D:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program\Messenger\msmsgs.exe

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/_2_1_9/5/ActiveX/IfolorUploader_fika.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1241682225750

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_21) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.181.87.189/activex/AxisCamControl.cab

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} (Java Plug-in 1.6.0_21) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_21) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - D:\Program\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - D:\Program\AVG\AVG10\avgwdsvc.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - D:\Program\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Program\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - D:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program\Java\jre6\bin\jqs.exe

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - D:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown - D:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown - D:\WINDOWS\system32\PnkBstrB.exe


Hi, the only thing I see that I would remove is Google Toolbar, unless you use it; otherwise everything looks fine :) But wait and see what the pros say ;)


Regardless of what IObit thinks, I miss some things that are in a HijackThis log but not in this one, e.g. which Service Pack is installed.

 

But I see nothing harmful in the log; on the other hand, a computer can be heavily infected without it showing in a HijackThis log.
