Regards, Martin
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:42:51, on 2009-01-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:NormanNpmbinELOGSVC.EXE
C:NormanNpmBinZanda.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:ProgramDelade filerSymantec SharedccSvcHst.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgramNetropaMultimedia Keyboardnhksrv.exe
C:ProgramDelade filerAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:ProgramBonjourmDNSResponder.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32CNAB4RPK.EXE
C:WINDOWSSOUNDMAN.EXE
C:ProgramFSCWireless Wheel MouseMOUSE32A.EXE
C:ProgramNetropaMultimedia KeyboardMMKeybd.exe
C:ProgramMessengerPlus! 3MsgPlus.exe
C:ProgramAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe
C:ProgramJavajre1.6.0_01binjusched.exe
C:ProgramGoogleGoogle Desktop SearchGoogleDesktop.exe
C:ProgramDelade filerSymantec SharedccApp.exe
C:ProgramMicrosoft IntelliType Proitype.exe
C:ProgramMicrosoft IntelliPointipoint.exe
C:ProgramSearch SettingsSearchSettings.exe
C:ProgramQuickTimeQTTask.exe
C:ProgramiTunesiTunesHelper.exe
C:WINDOWSsystem32rundll32.exe
C:NormanNpmbinZLH.EXE
C:WINDOWSsystem32ctfmon.exe
C:ProgramMessengerMsmsgs.exe
C:ProgramNetropaMultimedia KeyboardTrayMon.exe
C:ProgramNetropaOnscreen DisplayOSD.exe
C:ProgramNetropaInetKbInetkb.exe
C:NormanNpmbinNJEEVES.EXE
C:Last.fmLastFMHelper.exe
C:NormannsebinNSESVC.EXE
C:ProgramiPodbiniPodService.exe
C:WINDOWSSystem32alg.exe
C:NormanNvcbinnvcoas.exe
C:NormanNvcBINNIP.EXE
C:NormanNvcBINNVCSCHED.EXE
C:NormanNvcbincclaw.exe
C:ProgramMozilla Firefoxfirefox.exe
C:WINDOWSexplorer.exe
C:ProgramTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wbemwmiprvse.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.imesh....ex.html?src=ssb
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.imesh....ex.html?src=ssb
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.imesh....ex.html?src=ssb
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.imesh....ex.html?src=ssb
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:ProgramBearShare applicationsBearShare MediaBarMediaBar.dll (file missing)
R3 - URLSearchHook: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:ProgramiMesh applicationsiMesh mediabarMediaBar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:ProgramYahoo!CompanionInstallscpnyt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgramAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:ProgramDelade filerSymantec SharedcoSharedBrowser1.5NppBho.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:ProgramAskBarDisbarbinaskBar.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:ProgramFlashGetjccatch.dll
O2 - BHO: (no name) - {498b333e-a702-434c-9515-849713fbbfb8} - C:WINDOWSsystem32gopapodu.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:MYDOWN~1SPYBOT~1SDHelper.dll
O2 - BHO: XBTP01621 - {54B62CEF-8A07-4d3c-A2EF-DDF184264374} - C:ProgramIMESHA~1IMESHM~1MediaBar.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:ProgramSPYWAR~1toolsiesdsg.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:ProgramDealiokb125Dealio.dll
O2 - BHO: (no name) - {6E94FA35-698C-3A56-A54C-67E33B9EAAB8} - C:WINDOWSsystem32ixtnflgl.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre1.6.0_01binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Softonic English Toolbar - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:ProgramSoftonic_EnglishtbSoft.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programgooglegoogletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:ProgramGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:ProgramSearch Settingskb125SearchSettings.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:ProgramFlashGetgetflash.dll
O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - C:ProgramBEARSH~1BEARSH~2MediaBar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:ProgramYahoo!CompanionInstallscpnyt.dll
O3 - Toolbar: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:ProgramiMesh applicationsiMesh mediabarMediaBar.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:ProgramBearShare applicationsBearShare MediaBarMediaBar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programgooglegoogletoolbar4.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:ProgramDelade filerSymantec SharedcoSharedBrowser1.5UIBHO.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:ProgramFlashGetfgiebar.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:ProgramDealiokb125Dealio.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:ProgramAskBarDisbarbinaskBar.dll
O3 - Toolbar: Softonic English Toolbar - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:ProgramSoftonic_EnglishtbSoft.dll
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [LWBMOUSE] C:ProgramFSCWireless Wheel MouseMOUSE32A.EXE
O4 - HKLM..Run: [MULTIMEDIA KEYBOARD] C:ProgramNetropaMultimedia KeyboardMMKeybd.exe
O4 - HKLM..Run: [MessengerPlus3] "C:ProgramMessengerPlus! 3MsgPlus.exe"
O4 - HKLM..Run: [Adobe Photo Downloader] "C:ProgramAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:ProgramJavajre1.6.0_01binjusched.exe"
O4 - HKLM..Run: [Google Desktop Search] "C:ProgramGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup
O4 - HKLM..Run: [ccApp] "C:ProgramDelade filerSymantec SharedccApp.exe"
O4 - HKLM..Run: [itype] "C:ProgramMicrosoft IntelliType Proitype.exe"
O4 - HKLM..Run: [IntelliPoint] "C:ProgramMicrosoft IntelliPointipoint.exe"
O4 - HKLM..Run: [au] C:ProgramDealioDealioAU.exe
O4 - HKLM..Run: [SearchSettings] C:ProgramSearch SettingsSearchSettings.exe
O4 - HKLM..Run: [Symantec PIF AlertEng] "C:ProgramDelade filerSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe" /a /m "C:ProgramDelade filerSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll"
O4 - HKLM..Run: [QuickTime Task] "C:ProgramQuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:ProgramiTunesiTunesHelper.exe"
O4 - HKLM..Run: [piletofetu] Rundll32.exe "C:WINDOWSsystem32fagunake.dll",s
O4 - HKLM..Run: [c241ce41] rundll32.exe "C:WINDOWSsystem32manuhavi.dll",b
O4 - HKLM..Run: [Norman ZANDA] "C:NormanNpmbinZLH.EXE" /LOAD /SPLASH
O4 - HKLM..Run: [CPMc172fddd] Rundll32.exe "c:windowssystem32nevoputo.dll",a
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MSMSGS] "C:ProgramMessengerMsmsgs.exe" /background
O4 - HKCU..Run: [Free Download Manager] C:ProgramFree Download Managerfdm.exe -autorun
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUSS-1-5-19..Run: [piletofetu] Rundll32.exe "C:WINDOWSsystem32fagunake.dll",s (User 'LOKAL TJÄNST')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:ProgramDelade filerAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:ProgramAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Last.fm Helper.lnk = C:Last.fmLastFMHelper.exe
O8 - Extra context menu item: &Windows Live Search - res://C:ProgramWindows Live Toolbarmsntb.dll/search.htm
O8 - Extra context menu item: Compare Prices with &Dealio - C:Documents and SettingsMartinApplication DataDealiokb125resDealioSearch.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download All by FlashGet - C:ProgramFlashGetjc_all.htm
O8 - Extra context menu item: Download Image with Download Manager - tbr:iemenudownload
O8 - Extra context menu item: Download URL in selection with Download Manager - tbr:iemenudownsel
O8 - Extra context menu item: Download URL with Download Manager - tbr:iemenudownload
O8 - Extra context menu item: Download using FlashGet - C:ProgramFlashGetjc_link.htm
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:ProgramMICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_01binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre1.6.0_01binssv.dll
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:ProgramFlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:ProgramFlashGetflashget.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:ProgramDealiokb125Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:ProgramDealiokb125Dealio.dll
O9 - Extra button: @c:ProgramMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:ProgramMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: @c:ProgramMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:ProgramMessengermsmsgs.exe
O16 - DPF: {00C1329F-D6C9-46A2-8C3F-23F50977F0A5} (SMUpdateAX Class) - http://www.liquidlab...et/SetupInf.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://lnknsr03.gbgsd.se/qp2.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - http://lnknsr05.gbgsd.se/iNotes6W.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:ProgramDELADE~1SkypeSKYPE4~1.DLL
O20 - AppInit_DLLs: C:ProgramGoogleGOOGLE~1GOEC62~1.DLL C:WINDOWSsystem32jahasike.dll c:windowssystem32nevoputo.dll c:windowssystem32topapope.dll c:windowssystem32zuhuwuro.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:windowssystem32zuhuwuro.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:windowssystem32zuhuwuro.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:ProgramDelade filerAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:ProgramBonjourmDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:ProgramDelade filerSymantec SharedccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:ProgramDelade filerSymantec SharedccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:ProgramDelade filerSymantec SharedccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:ProgramDelade filerSymantec SharedVAScannercomHost.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:NormanNpmbinELOGSVC.EXE
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:ProgramGoogleGoogle Desktop SearchGoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:ProgramGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:ProgramiPodbiniPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:ProgramSymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:ProgramDelade filerSymantec SharedccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:ProgramDelade filerSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:ProgramNetropaMultimedia Keyboardnhksrv.exe
O23 - Service: Norman NJeeves - Norman ASA - C:NormanNpmbinNJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:NormanNpmBinZanda.exe
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:NormannsebinNSESVC.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:NormanNvcbinnvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:NormanNvcBINNVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:ProgramSpyware DoctorpctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:ProgramSpyware DoctorpctsSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:ProgramDelade filerSymantec SharedCCPD-LCsymlcsvc.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:WINDOWSsystem32UTSCSI.EXE
--
End of file - 15727 bytes
This post has been edited by Malou: 24 January 2009 - 20:45