Help with log file from Ad-aware + HijackThis!!
I need someone who can see whether there is more spyware or the like in the log file below. I have got rid of a good deal, but there are still 9 things that keep coming back in the registry database.
Log from Ad-aware:
Windows RegData Vulnerability HKEY_CURRENT_USER:Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"SpecifyDefaultButtons" () Possible unwanted enabling of browser button restriction ability
Windows RegData Vulnerability HKEY_CURRENT_USER:Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"Btn_Search" () Possible unwanted block of search button
Windows RegData Vulnerability HKEY_CURRENT_USER:Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"Btn_Back" () Possible unwanted block of back button
Windows RegData Vulnerability HKEY_CURRENT_USER:Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"Btn_Forward" () Possible unwanted block of forward button
Windows RegData Vulnerability HKEY_CURRENT_USER:Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"Btn_Stop" () Possible unwanted block of stop button
Windows RegData Vulnerability HKEY_CURRENT_USER:Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"Btn_Refresh" () Possible unwanted block of refresh button
Windows RegData Vulnerability HKEY_CURRENT_USER:Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"Btn_Home" () Possible unwanted block of home button
Windows RegData Vulnerability HKEY_CURRENT_USER:Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"Btn_History" () Possible unwanted block of history button
Windows RegData Vulnerability HKEY_CURRENT_USER:Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"Btn_Favorites" ()
Log from HijackThis:
Logfile of HijackThis v1.97.7
Scan saved at 09:06:03, on 23-04-2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\WINNT\system32\rdpclip.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Program Files\mltarc\StrJwSrv.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\System\MAPI\1030\nt\MAPISP32.EXE
c:\program files\ibm\client access\emulator\pcsws.exe
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
c:\program files\ibm\client access\emulator\pcsws.exe
C:\Program Files\IBM\Client Access\cwblmsrv.exe
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\WINNT\system32\rdpclip.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\mltarc\StrJwSrv.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe
C:\Program Files\IBM\Client Access\Emulator\PCSCM.EXE
C:\Documents and Settings\tf\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://intranet
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\System32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [CPQTEAM] CPQTEAM.EXE
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Internet Explorer.lnk = C:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - Global Startup: Microsoft Outlook.lnk = C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
O4 - Global Startup: Start Java Server.lnk = C:\Program Files\mltarc\StrJwSrv.exe
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\tf\windows\system32\rnr20.dll' missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {02BED220-FBC7-4392-93A2-3A50B056F78E} - http://down.plaxo.com/down/release/instub.cab
O16 - DPF: {0D06CDB2-163D-46FD-94B7-BD3B1D69F846} (WDX.WDX_Main) - https://www.web-direct.dk/WDX.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1FB464C8-09BB-4017-A2F5-EB742F04392F} (Microsoft Terminal Services Control (redist)) - http://2000-terminal/myconsole/mstscax.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://business.bgbank.dk/html/activex/BG/Menu.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://ledningsinfo.esbjergkommune.dk/Esbjerg/viewer63/mgaxctrl.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://213.229.27.222/activex/AxisCamControl.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37868.0183796296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://business.bgbank.dk/businessbg/activex/DanskeSikker.cab
O16 - DPF: {FF2ED99D-13F1-460A-9A8F-C1A876B62D37} (WDX.WDX_Main) - https://www.web-direct.dk/WDX.CAB
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lauri.dk
O17 - HKLM\System\CCS\Services\Tcpip\..\{19737F23-CAB8-49B2-9A09-420722A4C158}: NameServer = 10.10.11.15,10.10.11.14
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lauri.dk
O17 - HKLM\System\CS1\Services\Tcpip\..\{19737F23-CAB8-49B2-9A09-420722A4C158}: NameServer = 10.10.11.15,10.10.11.14
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = lauri.dk
O17 - HKLM\System\CS2\Services\Tcpip\..\{19737F23-CAB8-49B2-9A09-420722A4C158}: NameServer = 10.10.11.15,10.10.11.14
