HiJackThis log.

Software d.  19. november. 2006, skrevet af Kimj
Vist: 647 gange.

Kimj
 
Overclocker
Tilføjet:
19-11-2006 11:30:37
Svar/Indlæg:
13/7
kan i ikke lige kigge på denne log

Logfile of HijackThis v1.99.1
Scan saved at 11:12:46, on 19-11-2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\WINDOWS\\System32\\brsvc01a.exe
C:\\WINDOWS\\system32\\spoolsv.exe
C:\\WINDOWS\\System32\\brss01a.exe
C:\\WINDOWS\\Explorer.EXE
C:\\Programmer\\Symantec\\Norton Ghost 2003\\GhostStartTrayApp.exe
C:\\Programmer\\ScanSoft\\PaperPort\\pptd40nt.exe
C:\\Programmer\\Brother\\ControlCenter2\\brctrcen.exe
C:\\Programmer\\Fælles filer\\Real\\Update_OB\\realsched.exe
C:\\WINDOWS\\system32\\LVCOMSX.EXE
C:\\Programmer\\Logitech\\Video\\LogiTray.exe
C:\\Programmer\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe
C:\\Programmer\\RivaTuner v2.0 RC 15.7\\RivaTuner.exe
C:\\Programmer\\RivaTuner v2.0 RC 15.7\\Tools\\RivaTunerStatisticsServer\\RivaTunerStatisticsServer.exe
C:\\PROGRA~1\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE
C:\\WINDOWS\\System32\\RUNDLL32.EXE
C:\\WINDOWS\\System32\\wkssr.exe
C:\\Programmer\\Java\\jre1.5.0_09\\bin\\jusched.exe
C:\\WINDOWS\\SOUNDMAN.EXE
C:\\WINDOWS\\System32\\ctfmon.exe
C:\\Programmer\\MSN Messenger\\MsnMsgr.Exe
D:\\installerede spil\\hl2\\steam.exe
C:\\Programmer\\Skype\\Phone\\Skype.exe
C:\\Programmer\\Nokia\\Nokia PC Suite 6\\PcSync2.exe
C:\\Programmer\\Metacafe\\MetacafeAgent.exe
C:\\Programmer\\AVerTV\\QuickTV.exe
C:\\Programmer\\Logitech\\Video\\FxSvr2.exe
C:\\WINDOWS\\system32\\Brmfrmps.exe
C:\\PROGRA~1\\Symantec\\NORTON~1\\GHOSTS~2.EXE
C:\\Programmer\\Intel\\Intel Matrix Storage Manager\\iaantmon.exe
C:\\WINDOWS\\lsass.exe
C:\\PROGRA~1\\FLLESF~1\\Nokia\\MPAPI\\MPAPI3s.exe
C:\\PROGRA~1\\NORTON~1\\SPEEDD~1\\nopdb.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\Programmer\\Fælles filer\\PCSuite\\Services\\ServiceLayer.exe
C:\\Documents and Settings\\kim jensen\\Skrivebord\\hjt\\hjt.exe

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page_bak = http://www.kandu.dk/dk/last25....
R1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyOverride = localhost
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\Programmer\\Adobe\\Acrobat 5.0\\Reader\\ActiveX\\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\\Programmer\\Spybot - Search & Destroy\\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Programmer\\Java\\jre1.5.0_09\\bin\\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\\Programmer\\Norton SystemWorks\\Norton AntiVirus\\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\\Programmer\\Norton SystemWorks\\Norton AntiVirus\\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\\WINDOWS\\System32\\msdxm.ocx
O4 - HKLM\\..\\Run: [ccApp] "C:\\Programmer\\Fælles filer\\Symantec Shared\\ccApp.exe"
O4 - HKLM\\..\\Run: [ccRegVfy] "C:\\Programmer\\Fælles filer\\Symantec Shared\\ccRegVfy.exe"
O4 - HKLM\\..\\Run: [GhostStartTrayApp] C:\\Programmer\\Symantec\\Norton Ghost 2003\\GhostStartTrayApp.exe
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [nwiz] nwiz.exe /install
O4 - HKLM\\..\\Run: [Symantec NetDriver Monitor] C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer
O4 - HKLM\\..\\Run: [NeroFilterCheck] C:\\WINDOWS\\system32\\NeroCheck.exe
O4 - HKLM\\..\\Run: [SSBkgdUpdate] "C:\\Programmer\\Fælles filer\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\\..\\Run: [PaperPort PTD] C:\\Programmer\\ScanSoft\\PaperPort\\pptd40nt.exe
O4 - HKLM\\..\\Run: [IndexSearch] C:\\Programmer\\ScanSoft\\PaperPort\\IndexSearch.exe
O4 - HKLM\\..\\Run: [SetDefPrt] C:\\Programmer\\Brother\\Brmfl04a\\BrStDvPt.exe
O4 - HKLM\\..\\Run: [ControlCenter2.0] C:\\Programmer\\Brother\\ControlCenter2\\brctrcen.exe /autorun
O4 - HKLM\\..\\Run: [TkBellExe] "C:\\Programmer\\Fælles filer\\Real\\Update_OB\\realsched.exe" -osboot
O4 - HKLM\\..\\Run: [DAEMON Tools-1033] "C:\\Programmer\\D-Tools\\daemon.exe" -lang 1033
O4 - HKLM\\..\\Run: [LVCOMSX] C:\\WINDOWS\\system32\\LVCOMSX.EXE
O4 - HKLM\\..\\Run: [LogitechVideoRepair] C:\\Programmer\\Logitech\\Video\\ISStart.exe
O4 - HKLM\\..\\Run: [LogitechVideoTray] C:\\Programmer\\Logitech\\Video\\LogiTray.exe
O4 - HKLM\\..\\Run: [IAAnotif] C:\\Programmer\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe
O4 - HKLM\\..\\Run: [RivaTuner] "C:\\Programmer\\RivaTuner v2.0 RC 15.7\\RivaTuner.exe" /T
O4 - HKLM\\..\\Run: [RivaTunerStatisticsServer] "C:\\Programmer\\RivaTuner v2.0 RC 15.7\\Tools\\RivaTunerStatisticsServer\\RivaTunerStatisticsServer.exe" /s
O4 - HKLM\\..\\Run: [PCSuiteTrayApplication] C:\\PROGRA~1\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE -startup
O4 - HKLM\\..\\Run: [NvMediaCenter] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\\..\\Run: [Microsoft dll Host Service ] wkssr.exe
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] "C:\\Programmer\\Java\\jre1.5.0_09\\bin\\jusched.exe"
O4 - HKLM\\..\\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\\..\\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\\..\\RunServices: [Microsoft dll Host Service ] wkssr.exe
O4 - HKCU\\..\\Run: [CTFMON.EXE] C:\\WINDOWS\\System32\\ctfmon.exe
O4 - HKCU\\..\\Run: [MsnMsgr] "C:\\Programmer\\MSN Messenger\\MsnMsgr.Exe" /background
O4 - HKCU\\..\\Run: [Tweak-XP Pro] "C:\\Programmer\\Tweak-XP Pro\\Tweak-xp.exe" -ex
O4 - HKCU\\..\\Run: [Steam] "d:\\installerede spil\\hl2\\steam.exe" -silent
O4 - HKCU\\..\\Run: [LogitechSoftwareUpdate] C:\\Programmer\\Logitech\\Video\\ManifestEngine.exe boot
O4 - HKCU\\..\\Run: [Skype] "C:\\Programmer\\Skype\\Phone\\Skype.exe" /nosplash /minimized
O4 - HKCU\\..\\Run: [PcSync] C:\\Programmer\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog
O4 - HKCU\\..\\Run: [Microsoft dll Host Service ] wkssr.exe
O4 - HKCU\\..\\RunServices: [Microsoft dll Host Service ] wkssr.exe
O4 - Startup: MetaCafe.lnk = C:\\Programmer\\Metacafe\\MetacafeAgent.exe
O4 - Startup: Xfire.lnk = C:\\Programmer\\Xfire\\Xfire.exe
O4 - Global Startup: MetaCafe.lnk = C:\\Programmer\\Metacafe\\MetacafeAgent.exe
O4 - Global Startup: Microsoft Office.lnk = C:\\Programmer\\Microsoft Office\\Office10\\OSA.EXE
O4 - Global Startup: QuickTV.lnk = C:\\Programmer\\AVerTV\\QuickTV.exe
O4 - Global Startup: Status Monitor.lnk = C:\\Programmer\\Brother\\Brmfcmon\\BrMfcWnd.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\PROGRA~1\\MICROS~2\\Office10\\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Programmer\\Java\\jre1.5.0_09\\bin\\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Programmer\\Java\\jre1.5.0_09\\bin\\ssv.dll
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://netsupport2.tdconline.d...
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://netsupport2.tdconline.d...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink...
O16 - DPF: {236F8648-E986-46B2-A3C9-C312CF08B7F8} - http://www.sexdating.dk/messen...
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/mi...
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/...
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{0BF25923-503C-4E5E-B35F-62748FAFCE65}: NameServer = 62.61.131.0,62.61.131.1
O17 - HKLM\\System\\CS1\\Services\\Tcpip\\..\\{0BF25923-503C-4E5E-B35F-62748FAFCE65}: NameServer = 62.61.131.0,62.61.131.1
O17 - HKLM\\System\\CS2\\Services\\Tcpip\\..\\{0BF25923-503C-4E5E-B35F-62748FAFCE65}: NameServer = 62.61.131.0,62.61.131.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\\PROGRA~1\\MSNMES~1\\msgrapp.dll" (file missing)
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\\WINDOWS\\system32\\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\\WINDOWS\\System32\\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\\Programmer\\Fælles filer\\Symantec Shared\\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\\Programmer\\Fælles filer\\Symantec Shared\\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\\Programmer\\Norton Internet Security\\ccPxySvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\\PROGRA~1\\Symantec\\NORTON~1\\GHOSTS~2.EXE
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\\Programmer\\Intel\\Intel Matrix Storage Manager\\iaantmon.exe
O23 - Service: LSA Shel (Export Version) - Unknown owner - C:\\WINDOWS\\lsass.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\\Programmer\\Norton SystemWorks\\Norton AntiVirus\\navapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\\Programmer\\Norton Internet Security\\NISUM.EXE
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\\Programmer\\Norton SystemWorks\\Norton Utilities\\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\\WINDOWS\\system32\\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\\PROGRA~1\\FLLESF~1\\SYMANT~1\\SCRIPT~1\\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\\Programmer\\Fælles filer\\PCSuite\\Services\\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\\Programmer\\Fælles filer\\Symantec Shared\\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\\PROGRA~1\\NORTON~1\\SPEEDD~1\\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\\Programmer\\Fælles filer\\Symantec Shared\\Security Center\\SymWSC.exe



Illuminati
 
Elitebruger
Tilføjet:
19-11-2006 11:51:36
Svar/Indlæg:
10398/435
det havde været smart hvis du lukkede nogle programmer..

udsøg denne: wkssr.exe



foo
 
Elitebruger
Tilføjet:
19-11-2006 16:04:28
Svar/Indlæg:
1685/240
kender ikke lige brss10a.exe, så den ville jeg også lige kigge på...