Notifikationer

Markér alle som læst Log ud

havmaage Juniormester

20. april 2005 - 09:35 Der er 9 kommentarer og
1 løsning

spyware og lop menu problemer efter install ag messengerplus 3.0

Ja så kom jeg til at ionstallere messenger 3 plus og det skulle jeg aldrig have gjort.
Min browser er sovset ind i en lop.com menu (tror jeg det er) og min browser er blevet rigtig langsomt.

jeg har kørt spybot, miscrosoft antispyware beta og ad-aware, det løser også nogle problemer men de opstår igen efter reboot.

jeg har lavet en hijackthis log håber der er nogend er vil kigge på den og komme med en anbefaling.

Logfile of HijackThis v1.99.1
Scan saved at 09:28:05, on 20-04-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\WINNT\system32\CCM\CcmExec.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://medarbejderportalen.tdk.dk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://medarbejderportalen.tdk.dk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://tdintra.tdb.dk/tdintra/Default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by TDC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://sltarray01.tdk.dk:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.tdk.dk;*.tdb.dk;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7EDA4EB0-3C6B-47EA-2433-647093187519} - C:\DOCUME~1\m01348\APPLIC~1\OKAYSH~1\RegsSend.exe (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [DelTemp] C:\WINNT\system32\DelTemp.Exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\HP DVD\Umbrella\DVDTray.exe
O4 - HKLM\..\Run: [DVDBitSet] C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe /NOUI
O4 - HKLM\..\Run: [Udskudt systemvedligeholdelse] C:\WINNT\system32\WIPDom.exe tdk.dk start "" C:\WINNT\system32\auexntde.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: AdwareFilter Background Protection.lnk = C:\Program Files\AdwareFilter\adwarefilter.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .rx: C:\Program Files\Internet Explorer\Plugins\iewrqxrx.dll
O12 - Plugin for .rxc: C:\Program Files\Internet Explorer\Plugins\iewrqxrx.dll
O15 - Trusted Zone: http://*.dcsymsrv01 (HKLM)
O15 - Trusted Zone: http://*.mapinfosrv02 (HKLM)
O15 - Trusted Zone: http://*.pacmobsrv01 (HKLM)
O15 - Trusted Zone: http://*.pacmobtst01 (HKLM)
O15 - Trusted Zone: http://mobiltjek.tdb.dk (HKLM)
O15 - Trusted Zone: http://redning.tdb.dk (HKLM)
O15 - Trusted Zone: http://cdm-e.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-eedu.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-etst.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-eudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://chatten.tdk.dk (HKLM)
O15 - Trusted Zone: http://cmsprodsrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://cmstestsrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutions.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutionstst.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutionsudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://dcsymsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://erppdsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://erpsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://mapinfosrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://markedsunivers.tdk.dk (HKLM)
O15 - Trusted Zone: http://mobiltjek.tdk.dk (HKLM)
O15 - Trusted Zone: http://mobiltjektst.tdk.dk (HKLM)
O15 - Trusted Zone: http://mpskolestaging.tdk.dk (HKLM)
O15 - Trusted Zone: http://mpstaging.tdk.dk (HKLM)
O15 - Trusted Zone: http://oek.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalg.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalgtst.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalgudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://redning.tdk.dk (HKLM)
O15 - Trusted Zone: http://redningstst.tdk.dk (HKLM)
O15 - Trusted Zone: http://skoll.tdk.dk (HKLM)
O15 - Trusted Zone: http://sox.tdk.dk (HKLM)
O15 - Trusted Zone: http://surt.tdk.dk (HKLM)
O15 - Trusted Zone: http://sympweb01.tdk.dk (HKLM)
O15 - Trusted Zone: http://tdintra.tdk.dk (HKLM)
O15 - Trusted Zone: http://tridevwebstaging.tdk.dk (HKLM)
O16 - DPF: {039397C0-46DF-11D0-99CB-00C04FD64497} (MsChatPr Class) - http://chatten.tdk.dk/webchatit/CABs/BIKChat.CAB
O16 - DPF: {1533A74E-B073-11D2-8F7E-0080C7852DA3} (ExConf Class) - http://confsrv01/ConferencingBin/xipcctl.cab
O16 - DPF: {18D9C485-7EEC-4395-95DA-DC3875B10E81} (TEInstallPlugIn) - http://www.skylinesoft.com/interactive/TerraExplorer/Install/TEInstallPlugIn.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.3.1_01) -
O16 - DPF: {9A04E3F0-3BB2-11D2-91E2-00C04FAEC46B} (NMClient Class) - http://confsrv01/ConferencingBin/xcliacc.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_01) -
O16 - DPF: {CDD9447C-AA77-4A06-B002-6A34C3C90145} (FileManMain Control) - http://orbit.tdk.dk/web/ocx/fileman.cab
O16 - DPF: {EA97933E-CF1E-11D3-A297-00104BDBF2F5} (ClearLogonCredentials.LogOff) - http://chatten.tdk.dk/webchatit/CABs/ClearLogonCredentials.CAB
O16 - DPF: {ED324F9E-715D-4BE2-B6DF-44FCB674AADF} (DDSC Class) - http://itdrift.tdk.dk/SBD/Portal/resources/msddsc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tdk.dk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tdk.dk
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = tdk.dk
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: AutoExNT - Unknown owner - C:\WINNT\system32\AutoExNT.Exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Synes godt om

kalp Novice

20. april 2005 - 09:42 #1

ser på den

Synes godt om

majsmarken Nybegynder

20. april 2005 - 10:32 #2

GENERELT:
Brug aldrig denne [MessengerPlus 3.0] - sponser ting eller ej...
http://www.eksperten.dk/spm/528544

Så afinstall den først...

Men <kalp> kommer med en 'procedure' ...

Synes godt om

majsmarken Nybegynder

20. april 2005 - 10:33 #3

Imens ka' du evt. check op på disse gamle spm:
http://www.eksperten.dk/list.phtml?sort=&order=DESC&status_2=on&spm_creator=havmaage&spm_part=&spm_answer=&find=&engine=exp

Synes godt om

kalp Novice

20. april 2005 - 10:37 #4

undskyld forsinkelsen.. problemer med pc'en hehe

Genstart i fejlsikret tilstand.

Fix disse i hijackthis

O2 - BHO: (no name) - {7EDA4EB0-3C6B-47EA-2433-647093187519} - C:\DOCUME~1\m01348\APPLIC~1\OKAYSH~1\RegsSend.exe (file missing)
O4 - HKLM\..\Run: [DelTemp] C:\WINNT\system32\DelTemp.Exe

Dem du ikke kender her (skader ikke at fixe noget du er usikker på)

O15 - Trusted Zone: http://*.dcsymsrv01 (HKLM)
O15 - Trusted Zone: http://*.mapinfosrv02 (HKLM)
O15 - Trusted Zone: http://*.pacmobsrv01 (HKLM)
O15 - Trusted Zone: http://*.pacmobtst01 (HKLM)
O15 - Trusted Zone: http://mobiltjek.tdb.dk (HKLM)
O15 - Trusted Zone: http://redning.tdb.dk (HKLM)
O15 - Trusted Zone: http://cdm-e.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-eedu.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-etst.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-eudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://chatten.tdk.dk (HKLM)
O15 - Trusted Zone: http://cmsprodsrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://cmstestsrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutions.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutionstst.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutionsudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://dcsymsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://erppdsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://erpsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://mapinfosrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://markedsunivers.tdk.dk (HKLM)
O15 - Trusted Zone: http://mobiltjek.tdk.dk (HKLM)
O15 - Trusted Zone: http://mobiltjektst.tdk.dk (HKLM)
O15 - Trusted Zone: http://mpskolestaging.tdk.dk (HKLM)
O15 - Trusted Zone: http://mpstaging.tdk.dk (HKLM)
O15 - Trusted Zone: http://oek.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalg.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalgtst.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalgudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://redning.tdk.dk (HKLM)
O15 - Trusted Zone: http://redningstst.tdk.dk (HKLM)
O15 - Trusted Zone: http://skoll.tdk.dk (HKLM)
O15 - Trusted Zone: http://sox.tdk.dk (HKLM)
O15 - Trusted Zone: http://surt.tdk.dk (HKLM)
O15 - Trusted Zone: http://sympweb01.tdk.dk (HKLM)
O15 - Trusted Zone: http://tdintra.tdk.dk (HKLM)
O15 - Trusted Zone: http://tridevwebstaging.tdk.dk (HKLM)
O16 - DPF: {1533A74E-B073-11D2-8F7E-0080C7852DA3} (ExConf Class) - http://confsrv01/ConferencingBin/xipcctl.cab
O16 - DPF: {18D9C485-7EEC-4395-95DA-DC3875B10E81} (TEInstallPlugIn) - http://www.skylinesoft.com/interactive/TerraExplorer/Install/TEInstallPlugIn.cab
O16 - DPF: {9A04E3F0-3BB2-11D2-91E2-00C04FAEC46B} (NMClient Class) - http://confsrv01/ConferencingBin/xcliacc.cab

genstart normalt og ny log

Synes godt om

havmaage Juniormester

20. april 2005 - 11:05 #5

hej nu har jeg udført det og dannet en ny log, jeg for statdi den ene af de 2 menuer op i min browser

her er ny log

Logfile of HijackThis v1.99.1
Scan saved at 11:03:39, on 20-04-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\Explorer.EXE
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINNT\system32\ctfmon.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\hijackthis.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\WINNT\system32\CCM\SMSCliUI.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://medarbejderportalen.tdk.dk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://medarbejderportalen.tdk.dk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://tdintra.tdb.dk/tdintra/Default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by TDC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sltarray03.tdk.dk:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.tdk.dk;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\HP DVD\Umbrella\DVDTray.exe
O4 - HKLM\..\Run: [DVDBitSet] C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe /NOUI
O4 - HKLM\..\Run: [Udskudt systemvedligeholdelse] C:\WINNT\system32\WIPDom.exe tdk.dk start "" C:\WINNT\system32\auexntde.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BiasHold] C:\DOCUME~1\m01348\APPLIC~1\OWNSDE~1\bendbait.exe
O4 - HKCU\..\Run: [DashOneFragAnti] C:\Documents and Settings\All Users\Application Data\Beep Axis Dash One\BatDrive.exe
O4 - HKCU\..\Run: [MessengerPlus3] "\" /WinStart
O4 - Global Startup: AdwareFilter Background Protection.lnk = C:\Program Files\AdwareFilter\adwarefilter.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .rx: C:\Program Files\Internet Explorer\Plugins\iewrqxrx.dll
O12 - Plugin for .rxc: C:\Program Files\Internet Explorer\Plugins\iewrqxrx.dll
O15 - Trusted Zone: http://*.dcsymsrv01
O15 - Trusted Zone: http://*.mapinfosrv02
O15 - Trusted Zone: http://*.pacmobsrv01
O15 - Trusted Zone: http://*.pacmobtst01
O15 - Trusted Zone: http://mobiltjek.tdb.dk
O15 - Trusted Zone: http://redning.tdb.dk
O15 - Trusted Zone: http://artemis.tdk.dk
O15 - Trusted Zone: http://cdm-e.tdk.dk
O15 - Trusted Zone: http://cdm-eedu.tdk.dk
O15 - Trusted Zone: http://cdm-etst.tdk.dk
O15 - Trusted Zone: http://cdm-eudv.tdk.dk
O15 - Trusted Zone: http://chatten.tdk.dk
O15 - Trusted Zone: http://cmsprodsrv02.tdk.dk
O15 - Trusted Zone: http://cmstestsrv02.tdk.dk
O15 - Trusted Zone: http://dawissolutions.tdk.dk
O15 - Trusted Zone: http://dawissolutionstst.tdk.dk
O15 - Trusted Zone: http://dawissolutionsudv.tdk.dk
O15 - Trusted Zone: http://dcsymsrv01.tdk.dk
O15 - Trusted Zone: http://erppdsrv01.tdk.dk
O15 - Trusted Zone: http://erpsrv01.tdk.dk
O15 - Trusted Zone: http://mapinfosrv02.tdk.dk
O15 - Trusted Zone: http://markedsunivers.tdk.dk
O15 - Trusted Zone: http://mobiltjek.tdk.dk
O15 - Trusted Zone: http://mobiltjektst.tdk.dk
O15 - Trusted Zone: http://mpskolestaging.tdk.dk
O15 - Trusted Zone: mpstaging.tdk.dk
O15 - Trusted Zone: http://mpstaging.tdk.dk
O15 - Trusted Zone: http://netartemis.tdk.dk
O15 - Trusted Zone: http://oek.tdk.dk
O15 - Trusted Zone: http://partnersalg.tdk.dk
O15 - Trusted Zone: http://partnersalgtst.tdk.dk
O15 - Trusted Zone: http://partnersalgudv.tdk.dk
O15 - Trusted Zone: http://redning.tdk.dk
O15 - Trusted Zone: http://redningstst.tdk.dk
O15 - Trusted Zone: http://skoll.tdk.dk
O15 - Trusted Zone: http://sox.tdk.dk
O15 - Trusted Zone: http://surt.tdk.dk
O15 - Trusted Zone: http://sympweb01.tdk.dk
O15 - Trusted Zone: http://tdintra.tdk.dk
O15 - Trusted Zone: http://tolartemis.tdk.dk
O15 - Trusted Zone: http://tridevwebstaging.tdk.dk
O15 - Trusted Zone: http://*.dcsymsrv01 (HKLM)
O15 - Trusted Zone: http://*.mapinfosrv02 (HKLM)
O15 - Trusted Zone: http://*.pacmobsrv01 (HKLM)
O15 - Trusted Zone: http://*.pacmobtst01 (HKLM)
O15 - Trusted Zone: http://mobiltjek.tdb.dk (HKLM)
O15 - Trusted Zone: http://redning.tdb.dk (HKLM)
O15 - Trusted Zone: http://cdm-e.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-eedu.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-etst.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-eudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://chatten.tdk.dk (HKLM)
O15 - Trusted Zone: http://cmsprodsrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://cmstestsrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutions.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutionstst.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutionsudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://dcsymsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://erppdsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://erpsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://mapinfosrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://markedsunivers.tdk.dk (HKLM)
O15 - Trusted Zone: http://mobiltjek.tdk.dk (HKLM)
O15 - Trusted Zone: http://mobiltjektst.tdk.dk (HKLM)
O15 - Trusted Zone: http://mpskolestaging.tdk.dk (HKLM)
O15 - Trusted Zone: http://mpstaging.tdk.dk (HKLM)
O15 - Trusted Zone: http://oek.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalg.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalgtst.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalgudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://redning.tdk.dk (HKLM)
O15 - Trusted Zone: http://redningstst.tdk.dk (HKLM)
O15 - Trusted Zone: http://skoll.tdk.dk (HKLM)
O15 - Trusted Zone: http://sox.tdk.dk (HKLM)
O15 - Trusted Zone: http://surt.tdk.dk (HKLM)
O15 - Trusted Zone: http://sympweb01.tdk.dk (HKLM)
O15 - Trusted Zone: http://tdintra.tdk.dk (HKLM)
O15 - Trusted Zone: http://tridevwebstaging.tdk.dk (HKLM)
O16 - DPF: {039397C0-46DF-11D0-99CB-00C04FD64497} (MsChatPr Class) - http://chatten.tdk.dk/webchatit/CABs/BIKChat.CAB
O16 - DPF: {1533A74E-B073-11D2-8F7E-0080C7852DA3} (ExConf Class) - http://confsrv01/ConferencingBin/xipcctl.cab
O16 - DPF: {18D9C485-7EEC-4395-95DA-DC3875B10E81} (TEInstallPlugIn) - http://www.skylinesoft.com/interactive/TerraExplorer/Install/TEInstallPlugIn.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.3.1_01) -
O16 - DPF: {9A04E3F0-3BB2-11D2-91E2-00C04FAEC46B} (NMClient Class) - http://confsrv01/ConferencingBin/xcliacc.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_01) -
O16 - DPF: {CDD9447C-AA77-4A06-B002-6A34C3C90145} (FileManMain Control) - http://orbit.tdk.dk/web/ocx/fileman.cab
O16 - DPF: {EA97933E-CF1E-11D3-A297-00104BDBF2F5} (ClearLogonCredentials.LogOff) - http://chatten.tdk.dk/webchatit/CABs/ClearLogonCredentials.CAB
O16 - DPF: {ED324F9E-715D-4BE2-B6DF-44FCB674AADF} (DDSC Class) - http://itdrift.tdk.dk/SBD/Portal/resources/msddsc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tdk.dk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tdk.dk
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = tdk.dk
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: AutoExNT - Unknown owner - C:\WINNT\system32\AutoExNT.Exe
O23 - Service: SMS Agent Host (CcmExec) - Unknown owner - C:\WINNT\system32\CCM\CcmExec.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Synes godt om

kalp Novice

20. april 2005 - 14:52 #6

Genstart i fejlsikret tilstand

Kør HijackThis, scan og sæt et flueben ud for disse linjer - luk øvrige programvinduer. Dobbelt tjeck alt kom med!. Klik herefter "Fix checked" i hijackthis:

O4 - HKCU\..\Run: [BiasHold] C:\DOCUME~1\m01348\APPLIC~1\OWNSDE~1\bendbait.exe
O4 - HKCU\..\Run: [DashOneFragAnti] C:\Documents and Settings\All Users\Application Data\Beep Axis Dash One\BatDrive.exe
O4 - HKCU\..\Run: [MessengerPlus3] "\" /WinStart
O4 - Global Startup: AdwareFilter Background Protection.lnk = C:\Program Files\AdwareFilter\adwarefilter.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

Åbn Stifinder, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

Find og slet (Kig godt efter!!.. Det du ikke finder har hijackthis nok fjernet!)

Mapperne

C:\DOCUME~1\m01348\APPLIC~1\OWNSDE~1\
C:\Documents and Settings\All Users\Application Data\Beep Axis Dash One\

eller filerne

C:\Documents and Settings\All Users\Application Data\Beep Axis Dash One\BatDrive.exe
C:\DOCUME~1\m01348\APPLIC~1\OWNSDE~1\bendbait.exe

Denne mappe skal slettes

C:\Program Files\AdwareFilter\

Gå herefter i Start -> Programmer -> Tilbehør -> Systemværktøjer -> Diskoprydning og slet temp-filer, temporary internet files og papirkurv.

Genstart normalt og kopir en ny log herind så jeg kan se om vi fik ramt på det hele eller om noget er blevet overset:)

Synes godt om

havmaage Juniormester

21. april 2005 - 09:53 #7

hej så forsvandt sympomerne på at der er noget galt..

Logfile of HijackThis v1.99.1
Scan saved at 09:52:34, on 21-04-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\Explorer.EXE
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://medarbejderportalen.tdk.dk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://medarbejderportalen.tdk.dk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://tdintra.tdb.dk/tdintra/Default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by TDC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sltarray03.tdk.dk:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.tdk.dk;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\HP DVD\Umbrella\DVDTray.exe
O4 - HKLM\..\Run: [DVDBitSet] C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe /NOUI
O4 - HKLM\..\Run: [Udskudt systemvedligeholdelse] C:\WINNT\system32\WIPDom.exe tdk.dk start "" C:\WINNT\system32\auexntde.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .rx: C:\Program Files\Internet Explorer\Plugins\iewrqxrx.dll
O12 - Plugin for .rxc: C:\Program Files\Internet Explorer\Plugins\iewrqxrx.dll
O15 - Trusted Zone: http://*.dcsymsrv01
O15 - Trusted Zone: http://*.mapinfosrv02
O15 - Trusted Zone: http://*.pacmobsrv01
O15 - Trusted Zone: http://*.pacmobtst01
O15 - Trusted Zone: http://mobiltjek.tdb.dk
O15 - Trusted Zone: http://redning.tdb.dk
O15 - Trusted Zone: http://artemis.tdk.dk
O15 - Trusted Zone: http://cdm-e.tdk.dk
O15 - Trusted Zone: http://cdm-eedu.tdk.dk
O15 - Trusted Zone: http://cdm-etst.tdk.dk
O15 - Trusted Zone: http://cdm-eudv.tdk.dk
O15 - Trusted Zone: http://chatten.tdk.dk
O15 - Trusted Zone: http://cmsprodsrv02.tdk.dk
O15 - Trusted Zone: http://cmstestsrv02.tdk.dk
O15 - Trusted Zone: http://dawissolutions.tdk.dk
O15 - Trusted Zone: http://dawissolutionstst.tdk.dk
O15 - Trusted Zone: http://dawissolutionsudv.tdk.dk
O15 - Trusted Zone: http://dcsymsrv01.tdk.dk
O15 - Trusted Zone: http://erppdsrv01.tdk.dk
O15 - Trusted Zone: http://erpsrv01.tdk.dk
O15 - Trusted Zone: http://mapinfosrv02.tdk.dk
O15 - Trusted Zone: http://markedsunivers.tdk.dk
O15 - Trusted Zone: http://mobiltjek.tdk.dk
O15 - Trusted Zone: http://mobiltjektst.tdk.dk
O15 - Trusted Zone: http://mpskolestaging.tdk.dk
O15 - Trusted Zone: mpstaging.tdk.dk
O15 - Trusted Zone: http://mpstaging.tdk.dk
O15 - Trusted Zone: http://netartemis.tdk.dk
O15 - Trusted Zone: http://oek.tdk.dk
O15 - Trusted Zone: http://partnersalg.tdk.dk
O15 - Trusted Zone: http://partnersalgtst.tdk.dk
O15 - Trusted Zone: http://partnersalgudv.tdk.dk
O15 - Trusted Zone: http://redning.tdk.dk
O15 - Trusted Zone: http://redningstst.tdk.dk
O15 - Trusted Zone: http://skoll.tdk.dk
O15 - Trusted Zone: http://sox.tdk.dk
O15 - Trusted Zone: http://surt.tdk.dk
O15 - Trusted Zone: http://sympweb01.tdk.dk
O15 - Trusted Zone: http://tdintra.tdk.dk
O15 - Trusted Zone: http://tolartemis.tdk.dk
O15 - Trusted Zone: http://tridevwebstaging.tdk.dk
O15 - Trusted Zone: http://*.dcsymsrv01 (HKLM)
O15 - Trusted Zone: http://*.mapinfosrv02 (HKLM)
O15 - Trusted Zone: http://*.pacmobsrv01 (HKLM)
O15 - Trusted Zone: http://*.pacmobtst01 (HKLM)
O15 - Trusted Zone: http://mobiltjek.tdb.dk (HKLM)
O15 - Trusted Zone: http://redning.tdb.dk (HKLM)
O15 - Trusted Zone: http://cdm-e.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-eedu.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-etst.tdk.dk (HKLM)
O15 - Trusted Zone: http://cdm-eudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://chatten.tdk.dk (HKLM)
O15 - Trusted Zone: http://cmsprodsrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://cmstestsrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutions.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutionstst.tdk.dk (HKLM)
O15 - Trusted Zone: http://dawissolutionsudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://dcsymsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://erppdsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://erpsrv01.tdk.dk (HKLM)
O15 - Trusted Zone: http://mapinfosrv02.tdk.dk (HKLM)
O15 - Trusted Zone: http://markedsunivers.tdk.dk (HKLM)
O15 - Trusted Zone: http://mobiltjek.tdk.dk (HKLM)
O15 - Trusted Zone: http://mobiltjektst.tdk.dk (HKLM)
O15 - Trusted Zone: http://mpskolestaging.tdk.dk (HKLM)
O15 - Trusted Zone: http://mpstaging.tdk.dk (HKLM)
O15 - Trusted Zone: http://oek.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalg.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalgtst.tdk.dk (HKLM)
O15 - Trusted Zone: http://partnersalgudv.tdk.dk (HKLM)
O15 - Trusted Zone: http://redning.tdk.dk (HKLM)
O15 - Trusted Zone: http://redningstst.tdk.dk (HKLM)
O15 - Trusted Zone: http://skoll.tdk.dk (HKLM)
O15 - Trusted Zone: http://sox.tdk.dk (HKLM)
O15 - Trusted Zone: http://surt.tdk.dk (HKLM)
O15 - Trusted Zone: http://sympweb01.tdk.dk (HKLM)
O15 - Trusted Zone: http://tdintra.tdk.dk (HKLM)
O15 - Trusted Zone: http://tridevwebstaging.tdk.dk (HKLM)
O16 - DPF: {039397C0-46DF-11D0-99CB-00C04FD64497} (MsChatPr Class) - http://chatten.tdk.dk/webchatit/CABs/BIKChat.CAB
O16 - DPF: {1533A74E-B073-11D2-8F7E-0080C7852DA3} (ExConf Class) - http://confsrv01/ConferencingBin/xipcctl.cab
O16 - DPF: {18D9C485-7EEC-4395-95DA-DC3875B10E81} (TEInstallPlugIn) - http://www.skylinesoft.com/interactive/TerraExplorer/Install/TEInstallPlugIn.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.3.1_01) -
O16 - DPF: {9A04E3F0-3BB2-11D2-91E2-00C04FAEC46B} (NMClient Class) - http://confsrv01/ConferencingBin/xcliacc.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_01) -
O16 - DPF: {CDD9447C-AA77-4A06-B002-6A34C3C90145} (FileManMain Control) - http://orbit.tdk.dk/web/ocx/fileman.cab
O16 - DPF: {EA97933E-CF1E-11D3-A297-00104BDBF2F5} (ClearLogonCredentials.LogOff) - http://chatten.tdk.dk/webchatit/CABs/ClearLogonCredentials.CAB
O16 - DPF: {ED324F9E-715D-4BE2-B6DF-44FCB674AADF} (DDSC Class) - http://itdrift.tdk.dk/SBD/Portal/resources/msddsc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tdk.dk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tdk.dk
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = tdk.dk
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: AutoExNT - Unknown owner - C:\WINNT\system32\AutoExNT.Exe
O23 - Service: SMS Agent Host (CcmExec) - Unknown owner - C:\WINNT\system32\CCM\CcmExec.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Synes godt om

kalp Novice

21. april 2005 - 11:20 #8

Den er ren.. disse kan fixes hvis ikke du selv har lavet dem

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

Synes godt om

havmaage Juniormester

21. april 2005 - 14:38 #9

tusind tak for din hjælp..

Synes godt om

kalp Novice

21. april 2005 - 15:43 #10

selv tak:)

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus	22	26/11/202510:42	23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	8	31/08/202519:08	01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS

01/05

Test: Kan danske Jabra egentlig hamle op med tech-giganterne med sin nye topmodel? Svaret er ja

01/05

Efter mange års tilbagegang i Danmark - nu vokser CGI's omsætning igen

01/05

Nørgaard: En marxistisk analyse af milliardærskat i dagens anledning - fik Marx egentlig ikke ret?

01/05

Rykker tættere på fælles it-drift: 19 kommuner siger ja til hinanden - Aarhus får central rolle

01/05

Den danske datacenter-branche efter kritik: Der skal bygges meget mere. Det haster

01/05

Emagine buldrer frem: Sætter ny omsætningsrekord og har vild vækst på jobfronten

01/05

En særlig ting får vores samfund til at fungere

01/05

It-selskab fra Fyn rejser 261 millioner kroner og gør klar til at købe op i Danmark

01/05

Netcompany bliver eneejer af kæmpe lufthavns-satsning: Københavns Lufthavn forlader ejerkredsen

01/05

Danske Bank satser stort på AI og forventer produktivitets-gevinster i milliardklassen: Her er planerne

01/05

Prosas 1. maj-tale: Den næste store arbejderkamp handler om AI

Vis flere artikler

IT-JOB

Capgemini Danmark A/S

IGNITE Graduate Program 2026

Forsvarsministeriets Materiel- og Indkøbsstyrelse

Bliv IT-overvågningsspecialist i Forsvarsministeriets IT-organisation, Cyberdivisionen i Hvidovre

Jyske Bank

Analytiker til Modelafdeling

Jyske Bank

Forretningsudvikler til erhvervsområdet

Statens IT

Systemadministratorer til Intune/SCCM-drift i Statens It

Vis flere jobs

Seneste spørgsmål Seneste aktivitet

I dag 00:59	Mobilepay app virker ikke mere på Xiaomi Redmi Note 13 Pro Af henrixx i Apps til Android
I går 19:09	Download Win 11 - 25H2 Af ErikHg i Windows
30/0410:42	Access Import af csv fil - forkerte datatyper Af Henrik Berg Hansen i Andet software
29/0419:37	Hente CSV fil, indsætte CSV data i TABEL for JAVASCRIPT Af snestrup2000 i Programmeringsværktøjer
29/0412:23	Facebook Af hkv i Sociale medier

White papers

Arctic Wolf Security Operations Report 2025: Indblik i moderne sikkerhedsdrift
Arctic Wolf
Undgå at printeren bliver svageste led i sikkerheden
Konica Minolta
Samarbejde mellem AI og mennesker styrker sikkerheden
Konica Minolta
Find den SOC-model, der virker i praksis
SecureDevice

Flere white papers »