Notifikationer

Markér alle som læst Log ud

dallezuper Nybegynder

25. januar 2005 - 19:42 Der er 27 kommentarer og
2 løsninger

Trojan der blir ved at poppe op?

Hejsa,

Jeg er ved at fixe en computer for en anden der har fået en eller flere trojaner der bliver fanget af norton antivirus, men som ikke kan slettes eller gøres noget ved.
Har fået hjælp herinde før nogle gange så håber nogen er klar til at hjælpe.

Logfile of HijackThis v1.99.0
Scan saved at 19:42:27, on 25/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Canon\BJCard\Bjmcmng.exe
C:\WINDOWS\System32\gearsec.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton Utilities\NPROTECT.EXE
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmer\Speed Disk\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\USB Product Driver v1.20r037\shwicon.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmer\QuickTime\qttask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Programmer\Canon\BJPV\TVMon.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\FLLESF~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmer\Apoint2K\Apoint.exe
C:\WINDOWS\wefrwok.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\Programmer\Avaya_Wireless\Client Manager\CMAVA.EXE
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Norton Utilities\SYSDOC32.EXE
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Timmi Gaye\Skrivebord\hijackthis\hjt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.formatureaudiencesonly.com/search.php?a=1025542&type=direct&aff_id=272&keywords=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.formatureaudiencesonly.com/search.php?a=1025542&type=direct&aff_id=272&keywords=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ShowIcon_Zynet_USB Product Driver v1.20r037] "C:\Programmer\USB Product Driver v1.20r037\shwicon.exe" -t"Zynet\USB Product Driver v1.20r037"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [BJPD HID Control] C:\Programmer\Canon\BJPV\TVMon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [akajM] C:\WINDOWS\wefrwok.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.1\THGuard.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Avaya Wireless Client Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton System Doctor.lnk = C:\Programmer\Norton Utilities\SYSDOC32.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/027d26d2a3c4e066c205/netzip/RdxIE601.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {99802379-7362-40E2-9D28-8A3B9AF880B7} - http://hotsearchbar.com/toolbar2/winhot32.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: Adobe LM Service - Unknown - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Canon BJ Memory Card Manager - CANON INC. - C:\Programmer\Canon\BJCard\Bjmcmng.exe
O23 - Service: Sikkerhedsservice til udstyr - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Programmer\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Programmer\Speed Disk\nopdb.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe

Der var den.

På forhånd tak.

Mvh
Dallezuper

Synes godt om

johnstigers Seniormester

25. januar 2005 - 19:49 #1

Kigger på den med det samme.

Synes godt om

dallezuper Nybegynder

25. januar 2005 - 19:53 #2

takker. lyder godt.
Håber du finder det skidt.

Synes godt om

johnstigers Seniormester

25. januar 2005 - 20:01 #3

Disse skal fixes - efter fix genstarter du pc og smider en ny log til gennemtjek.

C:\WINDOWS\wefrwok.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.formatureaudiencesonly.com/search.php?a=1025542&type=direct&aff_id=272&keywords=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.formatureaudiencesonly.com/search.php?a=1025542&type=direct&aff_id=272&keywords=
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O4 - HKLM\..\Run: [akajM] C:\WINDOWS\wefrwok.exe
O16 - DPF: {99802379-7362-40E2-9D28-8A3B9AF880B7} - http://hotsearchbar.com/toolbar2/winhot32.cab

Hvis ikke du har installeret dette selv (poker program fra expekt.com skal du også fixe dette: O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe

Synes godt om

dallezuper Nybegynder

25. januar 2005 - 20:14 #4

så fixede jeg dem. den eneste jeg ikke ku finde og fixe var: C:\WINDOWS\wefrwok.exe

En ny hijack this log:
Logfile of HijackThis v1.99.0
Scan saved at 20:14:39, on 25/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Canon\BJCard\Bjmcmng.exe
C:\WINDOWS\System32\gearsec.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton Utilities\NPROTECT.EXE
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmer\Speed Disk\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\USB Product Driver v1.20r037\shwicon.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmer\QuickTime\qttask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Programmer\Canon\BJPV\TVMon.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\FLLESF~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmer\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\ISTsvc\istsvc.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Programmer\Avaya_Wireless\Client Manager\CMAVA.EXE
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Norton Utilities\SYSDOC32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Timmi Gaye\Skrivebord\hijackthis\hjt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.search.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ShowIcon_Zynet_USB Product Driver v1.20r037] "C:\Programmer\USB Product Driver v1.20r037\shwicon.exe" -t"Zynet\USB Product Driver v1.20r037"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [BJPD HID Control] C:\Programmer\Canon\BJPV\TVMon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.1\THGuard.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Avaya Wireless Client Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton System Doctor.lnk = C:\Programmer\Norton Utilities\SYSDOC32.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/027d26d2a3c4e066c205/netzip/RdxIE601.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: Adobe LM Service - Unknown - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Canon BJ Memory Card Manager - CANON INC. - C:\Programmer\Canon\BJCard\Bjmcmng.exe
O23 - Service: Sikkerhedsservice til udstyr - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Programmer\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Programmer\Speed Disk\nopdb.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ShowIcon_Zynet_USB Product Driver v1.20r037] "C:\Programmer\USB Product Driver v1.20r037\shwicon.exe" -t"Zynet\USB Product Driver v1.20r037"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [BJPD HID Control] C:\Programmer\Canon\BJPV\TVMon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.1\THGuard.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Avaya Wireless Client Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton System Doctor.lnk = C:\Programmer\Norton Utilities\SYSDOC32.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/027d26d2a3c4e066c205/netzip/RdxIE601.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: Adobe LM Service - Unknown - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Canon BJ Memory Card Manager - CANON INC. - C:\Programmer\Canon\BJCard\Bjmcmng.exe
O23 - Service: Sikkerhedsservice til udstyr - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Programmer\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Programmer\Speed Disk\nopdb.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe

Er der stadig noget?

Synes godt om

johnstigers Seniormester

25. januar 2005 - 20:16 #5

genstart i fejlsikker tilstand og fix C:\WINDOWS\wefrwok.exe den vej

Synes godt om

dallezuper Nybegynder

25. januar 2005 - 20:19 #6

okay tak.. det gør og sender en ny log ind.

Synes godt om

tonnybrandt Nybegynder

25. januar 2005 - 20:23 #7

John > O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe

Synes godt om

dallezuper Nybegynder

25. januar 2005 - 20:30 #8

sådan en ny log kommer her:
Logfile of HijackThis v1.99.0
Scan saved at 20:29:42, on 25/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Canon\BJCard\Bjmcmng.exe
C:\WINDOWS\System32\gearsec.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton Utilities\NPROTECT.EXE
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmer\Speed Disk\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\USB Product Driver v1.20r037\shwicon.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmer\QuickTime\qttask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Programmer\Canon\BJPV\TVMon.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Programmer\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\FLLESF~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmer\ISTsvc\istsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\Programmer\Avaya_Wireless\Client Manager\CMAVA.EXE
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Norton Utilities\SYSDOC32.EXE
C:\Documents and Settings\Timmi Gaye\Skrivebord\hijackthis\hjt.exe
C:\Programmer\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ShowIcon_Zynet_USB Product Driver v1.20r037] "C:\Programmer\USB Product Driver v1.20r037\shwicon.exe" -t"Zynet\USB Product Driver v1.20r037"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [BJPD HID Control] C:\Programmer\Canon\BJPV\TVMon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.1\THGuard.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Avaya Wireless Client Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton System Doctor.lnk = C:\Programmer\Norton Utilities\SYSDOC32.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/027d26d2a3c4e066c205/netzip/RdxIE601.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: Adobe LM Service - Unknown - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Canon BJ Memory Card Manager - CANON INC. - C:\Programmer\Canon\BJCard\Bjmcmng.exe
O23 - Service: Sikkerhedsservice til udstyr - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Programmer\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Programmer\Speed Disk\nopdb.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe

mere skidt der skal væk?

Synes godt om

dallezuper Nybegynder

25. januar 2005 - 20:38 #9

tonnybrandt: den du henviser til skal den også slettes?

Synes godt om

johnstigers Seniormester

25. januar 2005 - 20:46 #10

dalle> jep

Synes godt om

johnstigers Seniormester

25. januar 2005 - 20:46 #11

tonny min væææn - tak ;)

Synes godt om

tonnybrandt Nybegynder

25. januar 2005 - 20:47 #12

John > Velbekomme :)

Synes godt om

dallezuper Nybegynder

25. januar 2005 - 20:53 #13

sådan , så kommer den ny log her:
Logfile of HijackThis v1.99.0
Scan saved at 20:51:55, on 25/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Canon\BJCard\Bjmcmng.exe
C:\WINDOWS\System32\gearsec.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton Utilities\NPROTECT.EXE
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmer\Speed Disk\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\USB Product Driver v1.20r037\shwicon.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmer\QuickTime\qttask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Programmer\Canon\BJPV\TVMon.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\FLLESF~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmer\ISTsvc\istsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\Programmer\Avaya_Wireless\Client Manager\CMAVA.EXE
C:\Programmer\Norton Utilities\SYSDOC32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Timmi Gaye\Skrivebord\hijackthis\hjt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ShowIcon_Zynet_USB Product Driver v1.20r037] "C:\Programmer\USB Product Driver v1.20r037\shwicon.exe" -t"Zynet\USB Product Driver v1.20r037"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [BJPD HID Control] C:\Programmer\Canon\BJPV\TVMon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Avaya Wireless Client Manager.lnk = ?
O4 - Global Startup: Norton System Doctor.lnk = C:\Programmer\Norton Utilities\SYSDOC32.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/027d26d2a3c4e066c205/netzip/RdxIE601.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: Adobe LM Service - Unknown - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Canon BJ Memory Card Manager - CANON INC. - C:\Programmer\Canon\BJCard\Bjmcmng.exe
O23 - Service: Sikkerhedsservice til udstyr - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Programmer\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Programmer\Speed Disk\nopdb.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe

er den fri for alt nu?

Synes godt om

johnstigers Seniormester

25. januar 2005 - 21:19 #14

Nej - ´prøvede du at fixe C:\Programmer\ISTsvc\istsvc.exe i fejlsikker tilstand?
Den kan nemlig være lidt genstridig...
Se her hvad det er: http://www.liutilities.com/products/wintaskspro/processlibrary/istsvc/

Synes godt om

johnstigers Seniormester

25. januar 2005 - 21:21 #15

Tonny> hvis du har den gyldne løsning til at fjerne den - hvis altså den ikke kan slettes umiddelbart - må du gerne bryde ind :)

Jeg ved man kan bruge reglite: http://www.resplendence.com/download/reglite.exe
Men har ikke erfaring i det program :(

Synes godt om

tonnybrandt Nybegynder

25. januar 2005 - 21:34 #16

Det nemmeste er hvis den simeplthen kan afinstalleres i tilføj/fjern programmer.
Den der skal afinstalleres er: istbar

Ellers skal jeg nok hjælpe med at få den væk vha værktøjer.

Synes godt om

dallezuper Nybegynder

25. januar 2005 - 21:38 #17

Okay. jeg prøvede ikke i fejlsikret tilstand.
Jeg ser imorgen om den kan slettes fra tilføj/fjern programmer.
Jeg er taget hjem og har ikke computeren ved mig nu. men har det igen imorgen.

Håber I er friske på at hjælpe mig af med den sidste istsvc.exe imorgen?

på forhånd tak.

Synes godt om

dallezuper Nybegynder

26. januar 2005 - 17:33 #18

Hej igen.

Den ligger ikke inde i tilføj/fjern.
KAn du hjælpe med at få det fjerne via værktøjer?

Synes godt om

tonnybrandt Nybegynder

26. januar 2005 - 18:26 #19

Vi prøver da *s*

Tryk start - > kør og skriv "regedit"

Naviger hen til:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

I højre side find og slet:

"IST Service" = "C:\Program Files\ISTsvc\ISTsvc.exe"

Naviger nu hen til:

HKEY_LOCAL_MACHINE\Software\ISTsvc

Slet ISTsvc også..

Luk regedit

Find og slet mappen
C:\Program Files\ISTsvc
i stifinderen.

Genstart i normal tilstand og kom med en ny log.

Synes godt om

dallezuper Nybegynder

26. januar 2005 - 18:40 #20

Gjort. Ny log kommer her:

Logfile of HijackThis v1.99.0
Scan saved at 18:39:16, on 26/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Canon\BJCard\Bjmcmng.exe
C:\WINDOWS\System32\gearsec.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton Utilities\NPROTECT.EXE
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmer\Speed Disk\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\USB Product Driver v1.20r037\shwicon.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
C:\Programmer\QuickTime\qttask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Programmer\Canon\BJPV\TVMon.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\FLLESF~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmer\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Avaya_Wireless\Client Manager\CMAVA.EXE
C:\Programmer\Norton Utilities\SYSDOC32.EXE
C:\Programmer\Apoint2K\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Timmi Gaye\Skrivebord\hijackthis\hjt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ShowIcon_Zynet_USB Product Driver v1.20r037] "C:\Programmer\USB Product Driver v1.20r037\shwicon.exe" -t"Zynet\USB Product Driver v1.20r037"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programmer\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmer\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [Cpqset] C:\Programmer\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programmer\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [BJPD HID Control] C:\Programmer\Canon\BJPV\TVMon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Avaya Wireless Client Manager.lnk = ?
O4 - Global Startup: Norton System Doctor.lnk = C:\Programmer\Norton Utilities\SYSDOC32.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/027d26d2a3c4e066c205/netzip/RdxIE601.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: Adobe LM Service - Unknown - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Canon BJ Memory Card Manager - CANON INC. - C:\Programmer\Canon\BJCard\Bjmcmng.exe
O23 - Service: Sikkerhedsservice til udstyr - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Programmer\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Programmer\Speed Disk\nopdb.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe

er den færdig gjort nu?

Synes godt om

tonnybrandt Nybegynder

26. januar 2005 - 19:16 #21

Ja, det er den faktisk, men vent lige på at John også lige kigger den igennem.

Synes godt om

dallezuper Nybegynder

26. januar 2005 - 19:28 #22

okay. takker. kan jeg slå systemgendannelse til igen?

Synes godt om

tonnybrandt Nybegynder

26. januar 2005 - 19:34 #23

Nu vidste jeg ikke du havde slået den fra, men det må du gerne.

Synes godt om

johnstigers Seniormester

26. januar 2005 - 19:53 #24

Kan heller ikke få øje på mere snavs.
Tonny du skal også have points syntes jeg - svar :)

Synes godt om

tonnybrandt Nybegynder

26. januar 2005 - 19:58 #25

Ok, så kommer her et svar.

dallezuper >> Du kan evt installere nogle af programmerne i spywarefri pakken..de er alle små, konflikter ikke og er meget effektive mod snavs af den slags du lige har været angrebet af.

Specielt anbefaler vi Spybot,spywareblaster, IE-Spyad og spywareguard.
Se mere i "pakken" her
http://www.spywarefri.dk/pakken.htm

Synes godt om

dallezuper Nybegynder

27. januar 2005 - 07:54 #26

okay. takker.

Jeg vil lige installere noget spyware fjerner. takker for linksene.

hvordan skal jeg dele pointene mellem jer?

Synes godt om

tonnybrandt Nybegynder

27. januar 2005 - 08:45 #27

Du kan trykke knappen avanceret og kan så dele pointene op imellem svarene. Det bruges hvis man selv vil fordele pointstørrelsen imellem flere svar.

Hvis du vil dele ligeligt imellem os, kan du markere begge navne på samme tid nede til venstre og trykke accepter knappen.

Synes godt om

dallezuper Nybegynder

27. januar 2005 - 20:03 #28

Håber at det er rimeligt fordelt. mange tak for hjælpen begge to

Synes godt om

tonnybrandt Nybegynder

27. januar 2005 - 22:20 #29

Helt iorden :)

Velbekomme og takker for point *s*

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Andet sikkerhed kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
hvilken afløser kan I anbefale? Af jcr18 i Andet sikkerhed	5	17/03/202610:32	18/03/202615:36
Advarsler om datalæk for nogle apps Af nu_igen i Andet sikkerhed	6	02/02/202614:54	03/02/202613:45
Mail fra Yousee ? Svindel? Af nu_igen i Andet sikkerhed	4	13/01/202617:27	14/01/202609:36
Er det sandsynligt, at jeg har været udsat for phishing Af Slettet bruger i Andet sikkerhed	4	13/11/202515:09	14/11/202510:45
Google fake Af johp i Andet sikkerhed	3	27/10/202516:31	28/10/202506:52

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS

03/04

Podcasten Hard Fork giver et skarpt blik på ugens vigtigste tech-historier

03/04

Nørgaard: Læs skideballen fra en ukrainer til Rheinmetal - og derfor trender #MadeByHousewives

03/04

Læs hele Computerworlds løn-magasin: Så meget får danske it-folk i løn

02/04

Sådan kan du implementere ansvarlig AI i din organisation

01/04

Vi tester to udgaver af Denons Home-højttalere - og vi er ikke i tvivl om dommen

01/04

Som slagterlærling traf Rasmus et livsændrende valg: Nu er han udviklingschef i kæmpe energivirksomhed

01/04

Hård kritik efter tirsdagens stor-nedbrud: MitID er som en stor hullet ost og kan udvikle sig til en national katastrofe

01/04

OpenAI får kæmpemæssig kapitaltilførsel: Bliver værdisat til 5.500 milliarder kroner

01/04

Anthropic-medarbejder har ved et uheld lækket hele Claude Codes kildekode: 500.000 linier kode sluppet fri

01/04

Mørklægger årsag til tirsdagens timelange MitID-nedbrud: Vil intet fortælle af 'sikkerhedsmæssige årsager'

01/04

Hver fjerde forventer nul kroner i lønforhøjelse: It-testerne er blandt branchens mest pessimistiske for tredje år i træk

Vis flere artikler

IT-JOB

Aller Media A/S

IT Operations Engineer

SOS International

Cloud Native Architect

Forsvarsministeriets Materiel- og Indkøbsstyrelse

Cyberdivisionen søger IT-supporter til Lokal IT Servicecenter i Karup

Forsikrings- og pensionsakademiet A/S

IT-teknisk profil

Evida

Løsningsarkitekt

Vis flere jobs

Seneste spørgsmål Seneste aktivitet

I går 09:43	AI google.com Af Peter Olsen i Andre onlineløsninger
31/0310:22	Makro der gemmer vedhæftet fil fra Msg og omdøber filen Af lokesa i Excel
30/0313:45	Kablet forbindelse mellem android telefon og windows 11 pc Af 1Dorte i Android
30/0312:04	Elementtype vises - og ikke billedet? Af hkprofil i Billedbehandling
29/0312:08	Problemer med replay af købte kursusvideoer Af annam i Browsere

White papers

Undgå at printeren bliver svageste led i sikkerheden
Konica Minolta
Erfaringer fra frontlinjen: Sådan ændrer trusselsbilledet sig
Arctic Wolf
Samarbejde mellem AI og mennesker styrker sikkerheden
Konica Minolta
Arctic Wolf Threat Report 2026: Sådan ændrer ransomware-landskabet sig
Arctic Wolf

Flere white papers »