Startside kan ikke skiftes.

Download hijackthis herfra og gem det i en folder for sig selv på dit skrivebord

http://downloadportal.dk/showdownload.asp?rid=3967&sp=Hijackthis%201.91
eller et direkte download link herfra www.arlet.dk/hjt.exe

Start programmet og vælge, at udføre en scan samt gemme en log fil.
Når hijackthis er færdig med, at scanne vil den bede dig om en placering hvor du vil gemme "hijackthis" en tekst fil.
Gem den i samme folder som hijackthis. Når du har sagt okay hopper der et nyt vindue frem nemlig notepad med en masse tekst linjer. Marker alle linjerne og kopir dem herind så jeg kan kigge på dem. Du må ikke selv begynde, at fikse noget i hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 23:30:33, on 09-04-2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programmer\MessengerPlus! 3\MsgPlus.exe
C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\System32\atidrvxx.exe
C:\WINDOWS\System32\atiupdxx.exe
C:\WINDOWS\System32\MSOICONS.EXE
C:\Programmer\Messenger\msmsgs.exe
C:\WINDOWS\System32\WebSyncSvc.exe
C:\Programmer\VIA\RAID\raid_tool.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\tcpcheck.exe
C:\WINDOWS\system32\udpcheck.exe
c:\windows\csrss.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\rundll32.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\r?gedit.exe
C:\Documents and Settings\Soerensen\Application Data\eels.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\Documents and Settings\Soerensen\Skrivebord\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ShowBarObj Class - {43AE45CB-DDA7-454B-9650-93A4C090BDB8} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O2 - BHO: (no name) - {4CE2F424-6CA9-41C2-B391-50A91F749019} - C:\WINDOWS\System32\hoda.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {91E81055-F7E0-AA3B-9A78-D8C86B8F2AEB} - C:\WINDOWS\System32\eymjg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &EyeTideBar - {987D027C-F0EF-40fa-9A1A-C45007F1F36F} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [tcp checker] tcpcheck.exe
O4 - HKLM\..\Run: [AtiDisplayDrv] atidrvxx.exe
O4 - HKLM\..\Run: [ATIUpdater] atiupdxx.exe
O4 - HKLM\..\Run: [HPWebSync] WebSyncSvc.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKLM\..\RunServices: [AtiDisplayDrv] atidrvxx.exe
O4 - HKLM\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - HKLM\..\RunServices: [HPWebSync] WebSyncSvc.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKLM\..\RunServices: [tcp checker] tcpcheck.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AtiDisplayDrv] atidrvxx.exe
O4 - HKCU\..\Run: [HPWebSync] WebSyncSvc.exe
O4 - HKCU\..\Run: [ATIUpdater] atiupdxx.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKCU\..\Run: [Wbns] C:\Documents and Settings\Soerensen\Application Data\eels.exe
O4 - HKCU\..\RunServices: [AtiDisplayDrv] atidrvxx.exe
O4 - HKCU\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - HKCU\..\RunServices: [HPWebSync] WebSyncSvc.exe
O4 - Startup: Eyetide Launcher.lnk = C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
O4 - Startup: wkcalrem.LNK = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: raid_tool.exe.lnk = C:\Programmer\VIA\RAID\raid_tool.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmer\Fælles filer\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110212496952
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/website.ocx
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab?refid=3655
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Filter: text/html - {6DB6B10B-FF88-4AC6-AA96-D0164170E1BE} - C:\WINDOWS\System32\hoda.dll
O18 - Filter: text/plain - {6DB6B10B-FF88-4AC6-AA96-D0164170E1BE} - C:\WINDOWS\System32\hoda.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Persits Software EmailAgent - Unknown owner - C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe" /run (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Brought to you by the Bandwidth Bandits - C:\WINDOWS\SYSTEM32\tcpcheck.exe
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe (file missing)



Min com køre meget dårligt mit net fryser hele tiden så hvad end du kan finde så vil det være mega nice.

Mit Ad-Aware vil ikke køre og mit S&D finder ikke noget

DD

Tror den er gået helt amok.
Den ligger også en masse mærkelige ting ind i mit fortrukne bla en masse porno.
Det er pisse træls.

DDD

Mon ikke du bare skal smide den log i stedet - vi har alle prøvet en træls maskine :)

Forkert spørgsmål - sorry.

hehe

kalp> venter du også på at han opdaterer til SP1?

Har jeg prøvet men det vil den heler ikke.

DDD

jeg er i gang med en procedure:)

Det er utroligt at folk stadig bruger IE til surfing når Firefox er 100 gange mere sikkert. - Held og lykke dog :)

Du er heldig DDD - du kører UDEN SP1 el. SP2. Det vil sige at din XP er så hullet at en rens faktisk ikke kan betale sig. Du BURDE opdatere til en servicepack før du får din log renset....

Download CWShredder (Vi skal bruge den senere)
http://www.mdegn.dk/download/CWShredder.exe

Download og gem denne scanner på skrivebordet. (Vi skal bruge den senere)
http://www.spywareinfo.dk/download/mwav.exe

Genstart i Fejlsikret tilstand ved at taste F8 under opstart. Kør HijackThis, scan og sæt et flueben ud for disse linjer - luk øvrige programvinduer. Dobbelttjeck alt kom med!. Klik herefter "Fix checked" i hijackthis:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {4CE2F424-6CA9-41C2-B391-50A91F749019} - C:\WINDOWS\System32\hoda.dll
O2 - BHO: (no name) - {91E81055-F7E0-AA3B-9A78-D8C86B8F2AEB} - C:\WINDOWS\System32\eymjg.dll
O4 - HKLM\..\Run: [tcp checker] tcpcheck.exe
O4 - HKLM\..\Run: [AtiDisplayDrv] atidrvxx.exe
O4 - HKLM\..\Run: [ATIUpdater] atiupdxx.exe
O4 - HKLM\..\Run: [HPWebSync] WebSyncSvc.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKLM\..\RunServices: [AtiDisplayDrv] atidrvxx.exe
O4 - HKLM\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - HKLM\..\RunServices: [HPWebSync] WebSyncSvc.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKLM\..\RunServices: [tcp checker] tcpcheck.exe
O4 - HKCU\..\Run: [AtiDisplayDrv] atidrvxx.exe
O4 - HKCU\..\Run: [HPWebSync] WebSyncSvc.exe
O4 - HKCU\..\Run: [ATIUpdater] atiupdxx.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKCU\..\Run: [Wbns] C:\Documents and Settings\Soerensen\Application Data\eels.exe
O4 - HKCU\..\RunServices: [AtiDisplayDrv] atidrvxx.exe
O4 - HKCU\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - HKCU\..\RunServices: [HPWebSync] WebSyncSvc.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/website.ocx
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab?refid=3655
O18 - Filter: text/html - {6DB6B10B-FF88-4AC6-AA96-D0164170E1BE} - C:\WINDOWS\System32\hoda.dll
O18 - Filter: text/plain - {6DB6B10B-FF88-4AC6-AA96-D0164170E1BE} - C:\WINDOWS\System32\hoda.dll
O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Brought to you by the Bandwidth Bandits - C:\WINDOWS\SYSTEM32\tcpcheck.exe
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe (file missing)

Åbn Stifinder, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

Find og slet (Kig godt efter!!.. Det du ikke finder har hijackthis nok fjernet!)

Filerne

C:\WINDOWS\System32\atidrvxx.exe
C:\WINDOWS\System32\atiupdxx.exe
C:\WINDOWS\System32\MSOICONS.EXE
C:\WINDOWS\System32\WebSyncSvc.exe
C:\WINDOWS\System32\eymjg.dll
C:\WINDOWS\system32\tcpcheck.exe
C:\WINDOWS\system32\udpcheck.exe
C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll
c:\windows\csrss.exe
C:\WINDOWS\system32\r?gedit.exe
C:\WINDOWS\System32\hoda.dll
C:\Documents and Settings\Soerensen\Application Data\eels.exe

Gå herefter i Start -> Programmer -> Tilbehør -> Systemværktøjer -> Diskoprydning og slet temp-filer, temporary internet files og papirkurv.

Kør CWShredder, afbryd din internetforbindelse fysisk (stikket ud), luk alle vinduer undtaget cwshredder
Klik på Fix, den scanner nu, når den er færdigt klik på Next, klik på Exit.

Klik på mwav.exe som du hentede, programmet pakker sig selv ud og starter.
Sæt flueben i følgende:
Memory, Startup folders, drive, Registry, System folders og Services.
Sæt prik i følgende:
All local drives og Scan all files

Genstart normalt og kopir en ny log herind så jeg kan se om vi fik ramt på det hele eller om noget er blevet overset:)

wickedd> Tjah... den er så også 1000 gange mindre kompatibel - ihvert fald er mine erfaringer ikke særligt gode - specielt Java kan den slet ikke kapere.

Javascript går an, Java bruger jeg slet ikke - Har det heller ikke installeret :P
Nå nok spam for en aften..

Angående at brugeren mangler SP så siger han, at det ikke muligt at installere

Kommentar: ddd_dendummedreng
09/04-2005 23:48:46

men det siger sig selv med alt det der ligger på den maskine.

DDD hvorfor kan du ikke installere til SP1? Hvad fejlmelding får du?

Jeg tror nu ikke han får lov til det før en første omgangsrensning mindst. Kender ikke denne, men den kunne være årsag til det.

O4 - HKLM\..\Run: [Microsoft Update Machine] MSOICONS.EXE

Logfile of HijackThis v1.99.1
Scan saved at 01:21:06, on 10-04-2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programmer\MessengerPlus! 3\MsgPlus.exe
C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Documents and Settings\Soerensen\Application Data\eels.exe
C:\Programmer\VIA\RAID\raid_tool.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\devldr32.exe
C:\Documents and Settings\Soerensen\Skrivebord\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ShowBarObj Class - {43AE45CB-DDA7-454B-9650-93A4C090BDB8} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {91E81055-F7E0-AA3B-9A78-D8C86B8F2AEB} - C:\WINDOWS\System32\eymjg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &EyeTideBar - {987D027C-F0EF-40fa-9A1A-C45007F1F36F} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [HPWebSync] WebSyncSvc.exe
O4 - HKLM\..\Run: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll,DllInstall
O4 - HKLM\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [HPWebSync] WebSyncSvc.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKCU\..\Run: [Wbns] C:\Documents and Settings\Soerensen\Application Data\eels.exe
O4 - HKCU\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - Startup: Eyetide Launcher.lnk = C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
O4 - Startup: wkcalrem.LNK = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: raid_tool.exe.lnk = C:\Programmer\VIA\RAID\raid_tool.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmer\Fælles filer\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110212496952
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/website.ocx
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab?refid=3655
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Filter: text/html - {6BD1454C-4EC0-4AFE-A6F4-A4BF9743AEF2} - C:\WINDOWS\System32\hoda.dll
O18 - Filter: text/plain - {6BD1454C-4EC0-4AFE-A6F4-A4BF9743AEF2} - C:\WINDOWS\System32\hoda.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Persits Software EmailAgent - Unknown owner - C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe" /run (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Unknown owner - tcpcheck.exe (file missing)
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe (file missing)



Den siger ikke noget den låser bare når jeg installere det.
Og jeg har prøvet det alle de gange jeg har installeret windows. så det er før at al det der kom ind i min com.

DDD

For katten den tog lang tid om det sidste punkt.

Rettelse


Logfile of HijackThis v1.99.1
Scan saved at 01:36:10, on 10-04-2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programmer\MessengerPlus! 3\MsgPlus.exe
C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Documents and Settings\Soerensen\Application Data\eels.exe
C:\Programmer\VIA\RAID\raid_tool.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Soerensen\Skrivebord\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.signon.stofanet.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ShowBarObj Class - {43AE45CB-DDA7-454B-9650-93A4C090BDB8} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &EyeTideBar - {987D027C-F0EF-40fa-9A1A-C45007F1F36F} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [HPWebSync] WebSyncSvc.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKCU\..\Run: [Wbns] C:\Documents and Settings\Soerensen\Application Data\eels.exe
O4 - HKCU\..\RunServices: [ATIUpdater] atiupdxx.exe
O4 - Startup: Eyetide Launcher.lnk = C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
O4 - Startup: wkcalrem.LNK = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: raid_tool.exe.lnk = C:\Programmer\VIA\RAID\raid_tool.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmer\Fælles filer\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110212496952
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Persits Software EmailAgent - Unknown owner - C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe" /run (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Unknown owner - tcpcheck.exe (file missing)

Genstart i Fejlsikret tilstand ved at taste F8 under opstart. Kør HijackThis, scan og sæt et flueben ud for disse linjer - luk øvrige programvinduer. Dobbelttjeck alt kom med!. Klik herefter "Fix checked" i hijackthis:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SOEREN~1\LOKALE~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O4 - HKCU\..\Run: [HPWebSync] WebSyncSvc.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] MSOICONS.EXE
O4 - HKCU\..\Run: [Wbns] C:\Documents and Settings\Soerensen\Application Data\eels.exe
O4 - HKCU\..\RunServices: [ATIUpdater] atiupdxx.exe
O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Unknown owner - tcpcheck.exe (file missing)

slet filen

C:\Documents and Settings\Soerensen\Application Data\eels.exe

I windows tryk nu på
Start->Kør, skriv-> "regedit" og klik OK.

Klik dig frem til følgende punkt
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Tjek om der en nøgle/tekst der hedder "About:blank", hvis ja, så slet den
Klik på "Denne Computer", i regedit vinduet, klik-> rediger->søg, skriv: "About:blank" og tryk på Enter. Slet den, tryk F3 ->slet -> F3 ->slet indtil

søgningen er færdig.
Samme gør præcis det samme med "HomeOldSP"

genstart og ny log

DDD> Kommentar: john_stigers
10/04-2005 00:10:18 DDD hvorfor kan du ikke installere til SP1? Hvad fejlmelding får du?

Prøv lige at følge med i dit eget spørgsmål...

John stigers hvsi du følger med har jeg svaret ;)

Kommentar: ddd_dendummedreng
10/04-2005 01:24:58
Den siger ikke noget den låser bare når jeg installere det.
Og jeg har prøvet det alle de gange jeg har installeret windows. så det er før at al det der kom ind i min com.

kalp det pørver jeg lige.

Undskyld, det var vist mig der ikke følger med :)

Hehe det er helt ok det er heler ikke nemt at følge med i hehe.

Logfile of HijackThis v1.99.1
Scan saved at 12:54:01, on 10-04-2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programmer\MessengerPlus! 3\MsgPlus.exe
C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\VIA\RAID\raid_tool.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Soerensen\Skrivebord\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.signon.stofanet.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ShowBarObj Class - {43AE45CB-DDA7-454B-9650-93A4C090BDB8} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &EyeTideBar - {987D027C-F0EF-40fa-9A1A-C45007F1F36F} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - Startup: Eyetide Launcher.lnk = C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
O4 - Startup: wkcalrem.LNK = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: raid_tool.exe.lnk = C:\Programmer\VIA\RAID\raid_tool.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmer\Fælles filer\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110212496952
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Persits Software EmailAgent - Unknown owner - C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe" /run (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Unknown owner - tcpcheck.exe (file missing)  <----- Vi ikke fjernes.



DDD

Jeg prøver liget at installere Updateringerne igen.
Nu der er så meget der er væk.

DDD

tryk start->kør og skriv  "regedit"

søg på

tcpcheck.exe

og slet alt du finder..

fix denne

O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Unknown owner - tcpcheck.exe (file missing

genstart og ny log.

WindowsUpdate har kørt og hentet:
Q323255: Sikkerhedsopdatering
Q329390: Sikkerhedsopdatering
Q329115: Sikkerhedsopdatering (Windows XP)
Microsoft GDI+-registreringsværktøj (KB873374)
329170: Sikkerhedsopdatering
817606: Sikkerhedsopdatering (Windows XP)
Q329441: Vigtige opdateringer
Windows Værktøj til fjernelse af skadelig software - marts 2005 (KB890830)
Sikkerhedsopdatering til Windows XP (KB841356)
811630: Vigtige opdateringer (Windows XP)
810833: Sikkerhedsopdatering (Windows XP)
Sikkerhedsopdatering til Windows XP (KB833987)
810577: Sikkerhedsopdatering
Samlet sikkerhedsopdatering til Internet Explorer 6 (KB834707)
Q329048: Sikkerhedsopdatering
823559: Sikkerhedsopdatering til Microsoft Windows
Sikkerhedsopdatering til Windows XP (329834))
Sikkerhedsopdatering til Windows XP (KB835732)
Sikkerhedsopdatering til Windows XP (KB828741)

Men ingen ville installeres
Og den giver ingen grund.

Det gør jeg lige kalp

DDD

Nu installere den det pludseligt.
Først siger den at den ikke kan og så gør den det :0S

DDD

Logfile of HijackThis v1.99.1
Scan saved at 13:39:42, on 10-04-2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programmer\MessengerPlus! 3\MsgPlus.exe
C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
C:\Programmer\VIA\RAID\raid_tool.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Documents and Settings\Soerensen\Skrivebord\hijackthis.exe
C:\WINDOWS\System32\devldr32.exe
C:\Programmer\Messenger\msmsgs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe
C:\WINDOWS\System32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.signon.stofanet.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ShowBarObj Class - {43AE45CB-DDA7-454B-9650-93A4C090BDB8} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &EyeTideBar - {987D027C-F0EF-40fa-9A1A-C45007F1F36F} - C:\Programmer\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Startup: Eyetide Launcher.lnk = C:\Programmer\Eyetide Media\Eyetide Viewer\EyetideController.exe
O4 - Startup: wkcalrem.LNK = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: raid_tool.exe.lnk = C:\Programmer\VIA\RAID\raid_tool.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programmer\Fælles filer\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110212496952
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Persits Software EmailAgent - Unknown owner - C:\Programmer\Persits Software\AspEmail\BIN\EmailAgent.exe" /run (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe

Den er ren:) se så at få installeret SP1 eller SP2

Er i gang med at prøve 2'eren

Det er fandme nice men du havde meget arbejde og Min com har aldrig kørt så godt.

Du kan få disse point som er ikke er det halve af det du burde have og så kan du få nogle extra hvs du vil. Der var meget mere i det end jeg troede.

DDD

Har i nogle programmer der er gode og nemme at bruge til at sikre sin com med?

http://www.spywarefri.dk/pakken.htm

med beskrivelse og det hele:)

og 15point er fint... blot husk dine opdateringer så vi ikke ses i virus katagorien for hurtigt igen:o)

Hehe det må jeg.

1.000 1.000.000 tak

DDD

Selv tak:))

Hmm der er lige en ting.
Den siger at min nøgle er ugyldigt men jeg sidder her og har testet at alle de der sikkerheds ting der er i klistermærket er der og det er de men hvordan kan jeg om reg. den så det er den key tror ham fjolset der gav mig commen har smidt hans væk. Jeg havde en orginal CD og en orginal bog men han sagde at hans klisttermærke var væk så han havde skrevet hans produktnøgle og den har jeg brugt. Men Nu vil jeg da heler bruge min egen CD-ky som jeg fik med min XP cd i sin tid.

Hvordan kan jeg skifte. Så jeg kan få SP ind?
fandt en engelsk side om det men fatter ikke meget af det:
(mit engelsk er ikke for godt)

http://support.microsoft.com/default.aspx?scid=kb;EN-US;883254

DDD

bruger du windows update?

Ja.

okay.. jeg installerede også selv via. live update så skulle ikke skrive noget, men måske kan du skrive et regkey hvis du henter en løsfil jeg har ikke selv prøvet.. hvis ja kan du bruge den du selv har nu du ejer en lovlig kopi

http://intern.sdu.dk/enheder/it-service/tjenester/ftphotel/ftpindhold/

Nåå jamen den henter dem fint den vil bare ikke installere.

Det vil ikke lykkes at installere SP1/SP2 før du har fået indtastet en gyldig produkt-nøgle. Heller ikke selvom du henter SP som løs fil.

Her er et link til hvordan du får skiftet din produkt-nøgle. Den er dog desværre også på engelsk. Jeg har ikke kunnet finde en dansk version.
http://techrepublic.com.com/5100-6270-5034890.html

Her finder du dog en tilsvarende beskrivelse fra Microsoft. Her kan du ude til højre vælge forskellige sprogversioner (dog heller ikke dk):
http://support.microsoft.com/default.aspx?scid=kb;en-us;328874