EIHP (Junior Master)
29 June 2005 - 19:09. There are 6 comments and 1 solution

HijackThis log file

Logfile of HijackThis v1.99.1
Scan saved at 19:06:50, on 29-06-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Programmer\MessengerPlus! 3\MsgPlus.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Programmer\D-Tools\daemon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\Java\jre1.5.0_02\bin\jusched.exe
C:\Programmer\NetLimiter\NetLimiter.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Palm\HOTSYNC.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Programmer\Messenger\msmsgs.exe
C:\DOCUME~1\Lennert\LOKALE~1\Temp\Rar$EX00.344\WoW!Radar.exe
C:\DOCUME~1\Lennert\LOKALE~1\Temp\Rar$EX00.844\WoW!Fisher.exe
C:\PROGRA~1\DVDREG~1\DVDRegionFree.exe
C:\WINDOWS\explorer.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Lennert\Skrivebord\kk\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Programmer\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Programmer\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [iolo System Mechanic Utility Bar] "C:\Programmer\iolo\System Mechanic 4\SMUtilityBar.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [AutoUpdate] C:\Programmer\Serials3k\s3k_autoupdate.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: HotSync Manager.lnk = C:\Programmer\Palm\HOTSYNC.EXE
O4 - Global Startup: 54 Mbps Wireless Configuration Utility.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\AdgangForAlle\adgangforalle.exe
O9 - Extra 'Tools' menuitem: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\AdgangForAlle\adgangforalle.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1113218638389
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SmartLinkService (SLService) -  - C:\WINDOWS\SYSTEM32\slserv.exe

Since my computer has started to stop sometimes
arlet (Junior Master)
29 June 2005 - 19:19 #1
Checking it now
arlet (Junior Master)
29 June 2005 - 19:23 #2
Start HijackThis, put a check mark next to this one and fix:
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

Download this scanner:
You can download Ewido here: http://www.ewido.net/en/download/
Click Download now. Install and run Ewido. Update the program immediately after installation (but do not scan yet).
Restart in safe mode. You need to press the F8 key during the restart (roughly right after the RAM has been counted), and then choose safe mode. If you are in doubt, just press F8 several times. Now run a full scan with Ewido. When it has finished, press save report and copy that report in here together with a HijackThis log taken after you have run Ewido.
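The entry singled out in reply #2 ends in `(no file)`, and the O23 rpcapd entry in the same log ends in `(file missing)`. The following is an added example, not part of the original thread: it parses HijackThis entry lines and lists those carrying either marker. The sample lines are copied from the log in the question; the function and field names are this example's own.

```python
import re
from collections import namedtuple

# Excerpt of the HijackThis log posted in the question (lines copied unchanged).
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
"""

Entry = namedtuple("Entry", "code kind clsid body")

# Entry lines start with a section code such as R3, O4 or O23, then " - ".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# The label before the first ": ", e.g. "URLSearchHook" or "Service".
KIND_RE = re.compile(r"^([^:]+): ")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the referenced file was not found on disk.
DANGLING = ("(no file)", "(file missing)")


def parse_entries(log_text):
    """Return the R/F/N/O entries of a log, skipping header and process lines."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        code, body = m.groups()
        kind = KIND_RE.match(body)
        clsid = CLSID_RE.search(body)
        entries.append(Entry(code,
                             kind.group(1) if kind else None,
                             clsid.group(0) if clsid else None,
                             body))
    return entries


def dangling_entries(entries):
    """Entries whose target file is reported as absent."""
    return [e for e in entries if e.body.endswith(DANGLING)]


if __name__ == "__main__":
    for e in dangling_entries(parse_entries(SAMPLE_LOG)):
        print(e.code, e.kind, e.clsid or "-")
```

The result is a review list, not a delete list: each flagged line still has to be judged by someone who knows what the entry belongs to.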
majsmarken (Beginner)
29 June 2005 - 19:48 #3
Divided opinions about [MessengerPlus! 3]:
http://www.eksperten.dk/spm/528544
EIHP (Junior Master)
29 June 2005 - 22:16 #4
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on:            22:08:11, 29-06-2005
+ Report-Checksum:        528CA509

+ Date of database:        29-06-2005
+ Version of scan engine:    v3.0

+ Duration:                50 min
+ Scanned Files:            134792
+ Speed:                44.73 Files/Second
+ Infected files:            41
+ Removed files:            1
+ Files put in quarantine:        1
+ Files that could not be opened:    0
+ Files that could not be cleaned:    0

+ Binder:        Yes
+ Crypter:        Yes
+ Archives:        Yes

+ Scanned items:
    C:\
    D:\
    E:\

+ Scan result:
    C:\Documents and Settings\Lennert\Cookies\lennert@35487201[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
    C:\Documents and Settings\Lennert\Cookies\lennert@adknowledge[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@advertising[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@as1.falkag[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@atdmt[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@bfast[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@burstnet[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@cgi-bin[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@commission-junction[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@com[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@ehg-sonyesolutions.hitbox[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@ehg-totaltraining.hitbox[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@ehg.hitbox[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@fastclick[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@geocities[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@hitbox[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@image.masterstats[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@nucom[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@realmedia[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@servedby.advertising[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@server.iad.liveperson[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@spylog[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@statse.webtrendslive[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@targetnet[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@tribalfusion[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@valueclick[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@yantis[2].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Cookies\lennert@z1.adserver[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Lokale indstillinger\Temp\bb.exe -> TrojanDownloader.Adload.a -> Ignored
    D:\Documents and Settings\Lennert\Cookies\lennert@atdmt[1].txt -> Spyware.Tracking-Cookie -> Ignored
    D:\Documents and Settings\Lennert\Cookies\lennert@commission-junction[2].txt -> Spyware.Tracking-Cookie -> Ignored
    D:\Documents and Settings\Lennert\Cookies\lennert@com[1].txt -> Spyware.Tracking-Cookie -> Ignored
    D:\Documents and Settings\Lennert\Cookies\lennert@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Ignored
    D:\Documents and Settings\Lennert\Cookies\lennert@fastclick[1].txt -> Spyware.Tracking-Cookie -> Ignored
    D:\Documents and Settings\Lennert\Cookies\lennert@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Ignored
    D:\Documents and Settings\Lennert\Cookies\lennert@tradedoubler[1].txt -> Spyware.Tracking-Cookie -> Ignored
    D:\Documents and Settings\Lennert\Cookies\lennert@tribalfusion[2].txt -> Spyware.Tracking-Cookie -> Ignored
    D:\WINDOWS\system32\wservice.exe -> Trojan.Pakes -> Ignored


::Report End
arlet (Junior Master)
30 June 2005 - 19:27 #5
You need to run the Ewido scanner again, and this time you should not choose Ignore when it finds something, but clean all the things it finds.

New log afterwards
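Reply #5 turns on the last column of the Ewido report, where most findings are marked Ignored. The following is an added example, not part of the original thread: it parses the `path -> detection -> action` lines and lists what was left in place, with non-cookie detections first. The sample lines are copied from the report in post #4; the function names are this example's own.

```python
from collections import Counter

# Excerpt of the Ewido report from post #4 (lines copied unchanged).
SAMPLE_REPORT = r"""
+ Scanned items:
    C:\
    D:\

+ Scan result:
    C:\Documents and Settings\Lennert\Cookies\lennert@35487201[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
    C:\Documents and Settings\Lennert\Cookies\lennert@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Ignored
    C:\Documents and Settings\Lennert\Lokale indstillinger\Temp\bb.exe -> TrojanDownloader.Adload.a -> Ignored
    D:\WINDOWS\system32\wservice.exe -> Trojan.Pakes -> Ignored


::Report End
"""

COOKIE = "Spyware.Tracking-Cookie"


def parse_results(report):
    """Return (path, detection, action) tuples from the 'Scan result' section."""
    findings = []
    in_results = False
    for line in report.splitlines():
        if line.startswith("+ Scan result:"):
            in_results = True
        elif line.startswith("::Report End"):
            in_results = False
        elif in_results and line.count(" -> ") >= 2:
            # rsplit keeps a path intact even if it contains " -> " itself.
            path, detection, action = (p.strip() for p in line.rsplit(" -> ", 2))
            findings.append((path, detection, action))
    return findings


def action_counts(findings):
    """How many findings ended with each action."""
    return Counter(action for _, _, action in findings)


def left_in_place(findings):
    """Findings with action 'Ignored'; executables and other non-cookie hits first."""
    ignored = [f for f in findings if f[2] == "Ignored"]
    return sorted(ignored, key=lambda f: f[1] == COOKIE)  # stable sort


if __name__ == "__main__":
    for path, detection, _ in left_in_place(parse_results(SAMPLE_REPORT)):
        print(detection, path)
```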
EIHP (Junior Master)
1 July 2005 - 17:08 #6
There, I closed it too quickly, so I didn't get a log :( but it hasn't really helped
arlet (Junior Master)
1 July 2005 - 20:53 #7
Hmm..

The log is clean now, so that is not where the problem lies..

Try this:
Click Start => Run and type: SFC /scannow  (remember the space between SFC and /scannow)
Your Windows disc must be in the drive.

It checks and repairs your system files