katysmith
regular


Reg'd: Mon
Posts: 29
Re: ns###.tmp files
      Sat Feb 16 2008 04:38 PM

Here it is. Not a thing about ns .tmp files as far as I can see. However, you are a better judge.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:29:16, on 16.02.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\PROGRAMME\WindowBlinds\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programme\Java\jre1.6.0_03\bin\jusched.exe
E:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
E:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
E:\PROGRA~1\Grisoft\AVG7\avgemc.exe
E:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\svchost.exe
D:\PROGRAMME\Firefox\firefox.exe
C:\Programme\Outlook Express\msimn.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ig?hl=de
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - -{00000000-6CB0-410C-8C3D-8FA8D2011D0A} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - E:\PROGRAMME\FreshDevices\FreshDownload\FDCatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar4.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - E:\PROGRAMME\FreshDevices\FreshDownload\fdiebar.dll
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Red Swoosh] C:\Programme\RSSoft\RedSwoosh.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] E:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FreshDownload - {9D3A3F1A-732A-42F9-B8E0-6D9EC67CF8F2} - E:\PROGRAMME\FreshDevices\FreshDownload\fd.exe
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOKUME~1/LOKALE~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 6201 bytes


+ Created at: 17:17:25 16.02.2008

+ Scan result:



C:\WINDOWS\system32\b4fm.dll -> Adware.BurnFree : Cleaned.
:mozilla.65:C:\Dokumente und Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\7330air8.default\cookies.txt -> TrackingCookie.Safer-networking : Cleaned.
C:\Dokumente und Einstellungen\Cookies\riebach@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.


::Report end
