Hoppa till innehåll

Virus

ArgSnickare

Av ArgSnickare
i Dator

 Dela

Rekommendera inlägg

Gäst wAcko

Gäst wAcko

Skrivet
Skrivet

HijackThis lists the contents of key areas of the Registry and hard drive--areas that are used by both legitimate programmers and hijackers. The program is continually updated to detect and remove new hijacks. It does not target specific programs and URLs, only the methods used by hijackers to force you onto their sites.

 

As a result, false positives are imminent, and unless you're sure about what you're doing, you always should consult with knowledgeable folks before deleting anything. Version 2.0.2 includes unspecified updates.

Länk till kommentar
Dela på andra sajter
ArgSnickare Newbie

ArgSnickare

Skrivet
  • Författare
Skrivet

HijackThis lists the contents of key areas of the Registry and hard drive--areas that are used by both legitimate programmers and hijackers. The program is continually updated to detect and remove new hijacks. It does not target specific programs and URLs, only the methods used by hijackers to force you onto their sites.

 

As a result, false positives are imminent, and unless you're sure about what you're doing, you always should consult with knowledgeable folks before deleting anything. Version 2.0.2 includes unspecified updates.

Ehm... svenska?

Länk till kommentar
Dela på andra sajter
Gäst wAcko

Gäst wAcko

Skrivet
Skrivet (redigerat)

Det visar vad datorn håller på med, och vad som håller på. den skapar en loggfil som vi skulle vilja att du postar här så vi kan söka igenom den för saker som spökar.

 

exempel

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:17:04, on 2008-07-21

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\windows\system\hpsysdrv.exe

C:\Program\USB Storage RW\shwicon.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program\Razer\DeathAdder\razerhid.exe

C:\Program\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program\Razer\DeathAdder\razerofa.exe

C:\Program\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe

C:\Program\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program\Razer\DeathAdder\razertra.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\DOCUME~1\GAREN~1\LOKALA~1\Temp\Blizzard Installer Bootstrap - 007963dd\Installer.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/WINDOWS/msagent/intl/erikzuakah/erikzuakkkaa.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"

O4 - HKLM\..\Run: [storageGuard] "C:\Program\VERITAS Software\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [WCOLOREAL] C:\Program\Coloreal\coloreal.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [DeathAdder] C:\Program\Razer\DeathAdder\razerhid.exe

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [AVP] "C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [setDefaultMidi] MIDIDEF.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [setDefaultMidi] MIDIDEF.EXE (User 'Default user')

O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O20 - AppInit_DLLs: C:\Program\KASPER~1\KASPER~1\mzvkbd.dll,C:\Program\KASPER~1\KASPER~1\adialhk.dll,C:\Program\KASPER~1\KASPER~1\kloehk.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

 

--

End of file - 4661 bytes

 

Redigerat av wAcko
Länk till kommentar
Dela på andra sajter

Gå med i konversationen

Du kan skriva nu och registrera dig senare. Om du har ett konto, logga in nu för att posta med ditt konto.

Gäst
Svara på det här ämnet...

×   Klistrade in som rich text.   Klistra in som vanlig text istället

  Endast 75 emojis är tillåtet.

×   Din länk har automatiskt inbäddats.   Visa som en länk istället

×   Ditt tidigare innehåll har återställts.   Rensa redigeraren

×   Du kan inte klistra in bilder direkt. Ladda upp eller infoga bilder från URL.

×
 Dela
Gå till ämneslistan
×
×
  • Skapa ny...

Copyright 2000-2024 Crownberry AB | Integritetspolicy