Just nu i M3-nätverket
Jump to content

Hijackthis log


Guest idgadmin

Recommended Posts

Guest idgadmin

Jag tror jag har fått lite spywares som jag gärna skulle vilja bli av med :)

 

Skulle bli väldigt glad om någon kunde hjälpa mig.

 

Logfile of HijackThis v1.99.1

Scan saved at 17:06:24, on 2005-03-15

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Apache Group\Apache2\bin\Apache.exe

C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program\Apache Group\Apache2\bin\Apache.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program\NetLimiter\NetLimiter.exe

C:\WINDOWS\TBPanel.exe

C:\Program\Messenger Plus! 3\MsgPlus.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program\WHATPU~1\WHATPU~1.EXE

C:\PROGRAM\FRAPS\FRAPS.EXE

C:\Program\Apache Group\Apache2\bin\ApacheMonitor.exe

C:\Program\Logitech\Video\FxSvr2.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\msiexec.exe

C:\Program\Messenger\msmsgs.exe

C:\Documents and Settings\Martin Ericson\Skrivbord\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\MARTIN~1\LOKALA~1\Temp\se.dll/sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\MARTIN~1\LOKALA~1\Temp\se.dll/sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NetLimiter] C:\Program\NetLimiter\NetLimiter.exe /s

O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKCU\..\Run: [WhatPulse] C:\Program\WHATPU~1\WHATPU~1.EXE

O4 - HKCU\..\Run: [Fraps] C:\PROGRAM\FRAPS\FRAPS.EXE

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program\Apache Group\Apache2\bin\ApacheMonitor.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O23 - Service: Adobe LM Service - Unknown owner - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Unknown owner - C:\Program\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

 

 

Link to comment
Share on other sites

Ta bort MSN Plus.

Sen kanske det inte är så smart att köra Apache på en vanlig dator. Är inte direkt säkert.

 

---------------------------------------

"Cheating is like masturbation. Feels good while you're doing it but once you're finished it only emphasizes how empty and shallow your life really is."

 

 

Link to comment
Share on other sites

Guest idgadmin

Nu vart det nog rent tror jag, tack så mycket :) Men för säkerhetsskull kolla igen ^^

 

Logfile of HijackThis v1.99.1

Scan saved at 17:44:59, on 2005-03-15

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\NetLimiter\NetLimiter.exe

C:\WINDOWS\TBPanel.exe

C:\Program\Messenger Plus! 3\MsgPlus.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program\WHATPU~1\WHATPU~1.EXE

C:\PROGRAM\FRAPS\FRAPS.EXE

C:\Program\Apache Group\Apache2\bin\ApacheMonitor.exe

C:\Program\Apache Group\Apache2\bin\Apache.exe

C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\Apache Group\Apache2\bin\Apache.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Martin Ericson\Skrivbord\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

O2 - BHO: (no name) - {2BBC7438-66D9-474C-98BA-4F5B2DE9A486} - C:\WINDOWS\system32\lfba.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NetLimiter] C:\Program\NetLimiter\NetLimiter.exe /s

O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [WhatPulse] C:\Program\WHATPU~1\WHATPU~1.EXE

O4 - HKCU\..\Run: [Fraps] C:\PROGRAM\FRAPS\FRAPS.EXE

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program\Apache Group\Apache2\bin\ApacheMonitor.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O23 - Service: Adobe LM Service - Unknown owner - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Unknown owner - C:\Program\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

 

 

Link to comment
Share on other sites

Guest idgadmin

Haha, jag tror han rensade lite för väl =) iexplore.exe verkar vara försvunnet :), finns det att tanka hem igen eller? :P

 

Link to comment
Share on other sites

 

Skapa en ny mapp på C:\ och placera HijackThis.exe dit så C:\HjT\HijackThis.exe

 

 

Scanna med Hijack bocka i följande rader stäng Web-läsaren och alla andra öppna fönster och klicka FIX checked

 

O2 - BHO: (no name) - {2BBC7438-66D9-474C-98BA-4F5B2DE9A486} - C:\WINDOWS\system32\lfba.dll (file missing)

 

Starta om datorn och ny Hijack logg.

 

> Haha, jag tror han rensade lite för väl =) iexplore.exe verkar vara försvunnet :), finns det att tanka hem igen eller? :P <

 

Gjorde den är du säker.

 

 

 

 

 

Link to comment
Share on other sites

Guest idgadmin

Iexplore startade inte när jag körde "iexplore" i kör, men nu verkar det fungera igen :) Tack så mycket! Kolla loggen en sista gång nudå för säkerhetsskull :)

 

 

Logfile of HijackThis v1.99.1

Scan saved at 18:17:49, on 2005-03-15

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\NetLimiter\NetLimiter.exe

C:\WINDOWS\TBPanel.exe

C:\Program\Messenger Plus! 3\MsgPlus.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program\WHATPU~1\WHATPU~1.EXE

C:\PROGRAM\FRAPS\FRAPS.EXE

C:\Program\Apache Group\Apache2\bin\ApacheMonitor.exe

C:\Program\Apache Group\Apache2\bin\Apache.exe

C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\Apache Group\Apache2\bin\Apache.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Logitech\Video\AlbumDB2.exe

C:\Program\Logitech\Video\FxSvr2.exe

C:\HjT\HijackThis.exe

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NetLimiter] C:\Program\NetLimiter\NetLimiter.exe /s

O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [WhatPulse] C:\Program\WHATPU~1\WHATPU~1.EXE

O4 - HKCU\..\Run: [Fraps] C:\PROGRAM\FRAPS\FRAPS.EXE

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program\Apache Group\Apache2\bin\ApacheMonitor.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110905513781

O23 - Service: Adobe LM Service - Unknown owner - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2 - Unknown owner - C:\Program\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...