 |  |  |  |  |  |  |  |
My PC is acting strange....
 |
Cant put my finger on it though, but some strange activeX etc has got me suspicious.... Anything you specialists have to say about my hijackthis log?
Logfile of HijackThis v1.99.0
Scan saved at 13:17:14, on 10.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Norman\bin\ZLH.EXE
C:\Programfiler\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Programfiler\Skyr@cer Pro Utility\WLANPRO.exe
C:\Programfiler\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Programfiler\Rainlendar\Rainlendar.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Bin\Zanda.exe
C:\Programfiler\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Norman\bin\NJEEVES.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\N R\Mine dokumenter\Backup\HijackThis\HijackThis.exe
C:\Norman\Nvc\bin\nvcoas.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\BIN\nipsvc.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [gcasServ] "C:\Programfiler\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Programfiler\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Rainlendar.lnk = C:\Programfiler\Rainlendar\Rainlendar.exe
O4 - Global Startup: Picture Package Menu.lnk = C:\Programfiler\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Skyr@cer Pro Configuration Utility.lnk = C:\Programfiler\Skyr@cer Pro Utility\WLANPRO.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1125357097234
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: InCD Helper - Nero AG - C:\Programfiler\Ahead\InCD\InCDsrv.exe
O23 - Service: Norman API-hooking helper - Unknown - C:\Norman\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown - C:\Norman\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: SmartLinkService - Unknown - slserv.exe (file missing)
Anyone?
Logfile of HijackThis v1.99.0
Scan saved at 13:17:14, on 10.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Norman\bin\ZLH.EXE
C:\Programfiler\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Programfiler\Skyr@cer Pro Utility\WLANPRO.exe
C:\Programfiler\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Programfiler\Rainlendar\Rainlendar.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Bin\Zanda.exe
C:\Programfiler\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Norman\bin\NJEEVES.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\N R\Mine dokumenter\Backup\HijackThis\HijackThis.exe
C:\Norman\Nvc\bin\nvcoas.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\BIN\nipsvc.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [gcasServ] "C:\Programfiler\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Programfiler\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Rainlendar.lnk = C:\Programfiler\Rainlendar\Rainlendar.exe
O4 - Global Startup: Picture Package Menu.lnk = C:\Programfiler\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Skyr@cer Pro Configuration Utility.lnk = C:\Programfiler\Skyr@cer Pro Utility\WLANPRO.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1125357097234
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: InCD Helper - Nero AG - C:\Programfiler\Ahead\InCD\InCDsrv.exe
O23 - Service: Norman API-hooking helper - Unknown - C:\Norman\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown - C:\Norman\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: SmartLinkService - Unknown - slserv.exe (file missing)
Anyone?
|
Similar Threads
- Can anyone help me....Redhat 9 cannot boot...... (*nix Software)
- Cd burners can't read blank cd's (Storage)
- May solve some ie problems! (Windows NT / 2000 / XP)
- "Run time error, do you wish to debug?" (Web Browsers)
- My Pc keeps restarting when connecting to the internet (Troubleshooting Dead Machines)
- Can someone look at my HijackThis Filelog? (Viruses, Spyware and other Nasties)
- KDS Monitor-Degaussing problem (Monitors, Displays and Video Cards)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: I have a problem!
- Next Thread: msdirectx.exe troubles
Views: 2035 | Replies: 1
| Thread Tools | Search this Thread |
Latest Viruses, Spyware and other Nasties Posts
Related Forum Features
Tag cloud for Viruses, Spyware and other Nasties
acrobat adware anti-malware anti-virussitesaccessissue antivirus apple attack avg backtoschoolspeech bar blackhat botnet botnets censorship china combofix commercial conficker control cybercrime cyberwarfare ddos education email europe exam exploit explorer facebook fake fancheckvirus firefox gtaiv halloween herss.exe hijack hosting ie8 internet iphone links logfiles malware mcafee microsoft mobile msn nazi news norton obama onlinethreats paedophile panel parents patch pc pdf policeprovirusmba-mblockedinternetaccess president privacy pro redirect redirecting report research rogueantivirus rootkit samhain sans scareware search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans symantec system teen threat translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista vulnerability war warning windows worm yahoo zero-day zeroday
