Søg
Avatar billede lasse1978 Nybegynder
25. marts 2006 - 16:22 Der er 12 kommentarer og
2 løsninger

hijackthis og kan ikke logge ind

okay.. jeg har haft et problem med min computer i flere måneder med at jeg ikke har kunne logge ind. den loggede ud af sig selv igen efter cirka 2 sek. nu har jeg endeligt fundet en løsning takket være jer herinde.
nu er problemet så bare at hver gang jeg prøver at starte kontrolpanelet lukker det ned af sig selv og jeg får en besked om at 
der er en fejl i explorer.exe
paster logfilen fra hijackthis: håber i kan hjælpe mig
Logfile of HijackThis v1.99.1
Scan saved at 16:18:58, on 25-03-2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\CAP3RSK.EXE
C:\windows\system32\tdpmx.exe
C:\Programmer\Analog Devices\SoundMAX\Smtray.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\TBONBin\tbon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3LAK.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE
C:\Programmer\MailSkinner\MailSkinner.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
c:\progra~1\intern~1\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\ircN\SYSTEM\mirc.exe
C:\Programmer\TBONBin\TBONWnd.EXE
C:\Programmer\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\DOCUMENTS AND SETTINGS\LASSE\SKRIVEBORD\hjt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.iquicksearch.net/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mtsuzvucezsla.net/ykd4MZ68gXtRtGa6wW6HrOPV7rii6t/Vx4k28Wj2YqDZLPSqKux6Gc0INp7Zq39j.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aveaeekjrxmydlwgmnos.com/ykd4MZ68gXuH64mfeetIqfsoF/qPmT_Y34PCkVAXkic.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programmer\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: (no name) - {91425536-E9AD-9552-D059-C93EC12372BD} - C:\WINDOWS\system32\bxosf.dll (file missing)
O2 - BHO: (no name) - {96CF0AA2-B84B-ADBD-CED1-BED6789AA6DF} - C:\DOCUME~1\Freddy2\APPLIC~1\SURFME~1\OKAYFAST.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar1.dll
O2 - BHO: (no name) - {CD0CFF04-2595-A9E5-98E8-A530BC4F3E13} - C:\DOCUME~1\Lasse\APPLIC~1\SURFME~1\OKAYFAST.exe
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar1.dll
O4 - HKLM\..\Run: [YMUOPCGI] c:\windows\system32\ymuopcgi.exe /install
O4 - HKLM\..\Run: [XusFsiwLe] C:\WINDOWS\uutfboxc.exe
O4 - HKLM\..\Run: [wxxvdgeu] C:\WINDOWS\System32\rzlgicsa.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [WeatherOnTray] C:\Programmer\Hotbar\bin\4.5.0.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [Userinit] C:\Programmer\Fælles filer\system\lsass.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [tdpmx] c:\windows\system32\tdpmx.exe /nocomm
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Programmer\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [spolanyb] C:\WINDOWS\spolanyb.exe
O4 - HKLM\..\Run: [Smapp] C:\Programmer\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [sais] c:\programmer\180solutions\sais.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Pwr32ctr] c:\windows\system32\pwr32ctr.exe
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [nvsv32.exe] asr_fnt.exe
O4 - HKLM\..\Run: [kbanwb] C:\WINDOWS\kbanwb.exe
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [irodtas] c:\windows\system32\irodtas.exe -start
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [Infomp3sixthflaw] C:\Documents and Settings\All Users\Application Data\WipeThisInfoMp3\AIM MORE.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [Hot_Tarts_mc] C:\Program Files\Video1\Dialers\Hot_Tarts_mc\Hot_Tarts_mc.exe /dontdial
O4 - HKLM\..\Run: [Hot_Tarts_dk] C:\Program Files\Video1\Dialers\Hot_Tarts_dk\Hot_Tarts_dk.exe /dontdial
O4 - HKLM\..\Run: [Hot_Tarts_de] C:\Program Files\Video1\Dialers\Hot_Tarts_de\Hot_Tarts_de.exe /dontdial
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [hkaiyuovtumz] C:\WINDOWS\System32\rzlgicsa.exe
O4 - HKLM\..\Run: [Helpex32] c:\windows\system32\helpex32.exe
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe
O4 - HKLM\..\Run: [Flpycntl] c:\windows\system32\flpycntl.exe
O4 - HKLM\..\Run: [Error Safe] C:\Programmer\Error Safe Free\ers.exe /scan
O4 - HKLM\..\Run: [DLuxde] c:\program files\dialers\dluxde\dluxde.exe /nocomm
O4 - HKLM\..\Run: [CAP3ON] C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3ONN.EXE
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe
O4 - HKLM\..\Run: [-
] C:\WINDOWS\uutfboxc.exe
O4 - HKLM\..\Run: [BARB COPY EXIT ONLINE] C:\Documents and Settings\All Users\Application Data\Refdrawbarbcopy\Encstupid.exe
O4 - HKLM\..\RunServices: [nvsv32.exe] asr_fnt.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inet20003\winlogon.exe
O4 - HKCU\..\Run: [Vid32cntl] c:\windows\system32\vid32cntl.exe
O4 - HKCU\..\Run: [tbon] C:\Programmer\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
O4 - HKCU\..\Run: [SNInstall] C:\WINDOWS\system32\vxh8jkdq2.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Netdllex] c:\windows\system32\netdllex.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Mousecntl32] c:\windows\system32\mousecntl32.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\Messenger Plus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [Mdmdll32] c:\windows\system32\mdmdll32.exe
O4 - HKCU\..\Run: [MailSkinner] c:\programmer\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1072.dll,InstantAccess
O4 - HKCU\..\Run: [drivemail] C:\DOCUME~1\Lasse\APPLIC~1\UPLOAD~1\GREAT DOWNLOAD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Audiodrv] c:\windows\system32\audiodrv.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Programmer\Real\RealOne Player\realplay.exe" /RunUPGToolCommandReBoot
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Canon LASER SHOT LBP-1120 ª¬ºAµøµ¡.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3LAK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programmer\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Google-søgning - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmsearch.html
O8 - Extra context menu item: &Oversæt engelsk ord - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmwordtrans.html
O8 - Extra context menu item: &Search - http://kw.bar.need2find.com/KW/menusearch.html?p=KW
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Lignende sider - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmsimilar.html
O8 - Extra context menu item: Tilbage via links - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmbacklinks.html
O8 - Extra context menu item: Øjebliksbillede af side i cache - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: Erotik - {95347D30-555E-4534-A05F-2229074E0A88} - http://www.porno.dk (file missing)
O9 - Extra 'Tools' menuitem: Erotik... - {95347D30-555E-4534-A05F-2229074E0A88} - http://www.porno.dk (file missing)
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Programmer\bet365MPP\MPPoker.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Opdatér ThinkPad-programmer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Programmer\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Sol Dating - {D5721FC7-8FBE-4d71-9C65-9718CFA078A8} - http://www.soldating.dk (file missing)
O9 - Extra 'Tools' menuitem: Sol Dating... - {D5721FC7-8FBE-4d71-9C65-9718CFA078A8} - http://www.soldating.dk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1071_XP.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1023_EN_XP.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_EN_XP.cab
O16 - DPF: {3616F4B5-F6AD-4E67-966A-C218673648A0} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_ASPIV4_XP.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_XP.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/20549df3cb075635e402/netzip/RdxIE601.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
O16 - DPF: {78F584DF-BBF5-4296-839C-31DE60914DBC} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1071_ASPIV4_XP.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://www.edipole.fr/kits/en/WebInstall.dll
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/binaries/IA/sysinetsvc32_EN_XP.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B3A5878E-5B4C-4D12-9156-4D7FD8D0AF6C} - http://akamai.downloadv3.com/binaries/one2one/one2oneSvcEN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C1C2AC28-5E4B-4228-B7A0-05E986FFCE14} - http://ultimateplugin.com/tl4000.dll
O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} - http://akamai.downloadv3.com/binaries/IA/sysnetsvc32_EN_XP.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {D8B94E9A-A34B-4253-BF48-C7CB7F2CFDB0} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1046_EN_XP.cab
O16 - DPF: {DC765522-D5BE-49C9-AF5F-8C715A44BA28} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v9.5/ticker.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1072_XP.cab
O16 - DPF: {F57D17AE-CE37-4BC8-B232-EA57747BE5E7} - http://66.230.146.53/1-2-3-AWM002.exe
O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_EN_XP.cab
O16 - DPF: {FF521631-31DA-48AC-B4E9-390A7694C906} - http://akamai.downloadv3.com/binaries/P2EClient/1030/EGAUTH_1030_1_53_EN_XP.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: mcfG7A - mcfG7A.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
Avatar billede fromsej Praktikant
26. marts 2006 - 11:32 #1
Hold da k.ft, samler du på snavs?
Kør lige de to scannere fra denne artikel, det burde tage, bare lidt af det.
http://www.eksperten.dk/artikler/755
Genstart bagefter og kom med en frisk Hijackthis.

Var det min, hed det formatering og forfra.
Avatar billede lasse1978 Nybegynder
26. marts 2006 - 14:11 #2
jeg er ikke den eneste der bruger computeren.. min far har en væmmelig vane med at se for meget porno tror jeg. og han siger vist ja til alt han falder over
Avatar billede fromsej Praktikant
26. marts 2006 - 14:41 #3
Det lyder sandsynligt, kør scannerne efter vejledningen, lad os så se en frisk Hijackthislog bagefter.
Avatar billede var Nybegynder
26. marts 2006 - 16:40 #4
holy s***
Ja det kalder jeg snavs..
Avatar billede lasse1978 Nybegynder
26. marts 2006 - 19:55 #5
Logfile of HijackThis v1.99.1
Scan saved at 19:53:47, on 26-03-2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmer\ewido anti-malware\ewidoctrl.exe
C:\Programmer\ewido anti-malware\ewidoguard.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\CAP3RSK.EXE
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Analog Devices\SoundMAX\Smtray.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Messenger\msmsgs.exe
C:\programmer\mailskinner\mailskinner.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3LAK.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE
C:\WINDOWS\System32\cifweaz.exe
C:\ircN\SYSTEM\mirc.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Lasse\Skrivebord\hjt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://web.mrsgyedkqvdlcspef.com/ykd4MZ68gXtRtGa6wW6HrOPV7rii6t/Vx4k28Wj2YqDx4tmX/6CcWs0INp7Zq39j.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programmer\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {91425536-E9AD-9552-D059-C93EC12372BD} - C:\WINDOWS\system32\bxosf.dll (file missing)
O2 - BHO: (no name) - {96CF0AA2-B84B-ADBD-CED1-BED6789AA6DF} - C:\DOCUME~1\Freddy2\APPLIC~1\SURFME~1\OKAYFAST.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar1.dll
O2 - BHO: (no name) - {CD0CFF04-2595-A9E5-98E8-A530BC4F3E13} - C:\DOCUME~1\Lasse\APPLIC~1\SURFME~1\OKAYFAST.exe (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [YMUOPCGI] c:\windows\system32\ymuopcgi.exe /install
O4 - HKLM\..\Run: [XusFsiwLe] C:\WINDOWS\uutfboxc.exe
O4 - HKLM\..\Run: [wxxvdgeu] C:\WINDOWS\System32\rzlgicsa.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [WeatherOnTray] C:\Programmer\Hotbar\bin\4.5.0.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Programmer\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [spolanyb] C:\WINDOWS\spolanyb.exe
O4 - HKLM\..\Run: [Smapp] C:\Programmer\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [sais] c:\programmer\180solutions\sais.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Pwr32ctr] c:\windows\system32\pwr32ctr.exe
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [nvsv32.exe] asr_fnt.exe
O4 - HKLM\..\Run: [kbanwb] C:\WINDOWS\kbanwb.exe
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [Infomp3sixthflaw] C:\Documents and Settings\All Users\Application Data\WipeThisInfoMp3\AIM MORE.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [hkaiyuovtumz] C:\WINDOWS\System32\rzlgicsa.exe
O4 - HKLM\..\Run: [Helpex32] c:\windows\system32\helpex32.exe
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe
O4 - HKLM\..\Run: [Flpycntl] c:\windows\system32\flpycntl.exe
O4 - HKLM\..\Run: [Error Safe] C:\Programmer\Error Safe Free\ers.exe /scan
O4 - HKLM\..\Run: [DLuxde] c:\program files\dialers\dluxde\dluxde.exe /nocomm
O4 - HKLM\..\Run: [CAP3ON] C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3ONN.EXE
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe
O4 - HKLM\..\Run: [-
] C:\WINDOWS\uutfboxc.exe
O4 - HKLM\..\Run: [BARB COPY EXIT ONLINE] C:\Documents and Settings\All Users\Application Data\Refdrawbarbcopy\Encstupid.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [cifweaz] c:\windows\system32\cifweaz.exe cifweaz
O4 - HKLM\..\RunServices: [nvsv32.exe] asr_fnt.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inet20003\winlogon.exe
O4 - HKCU\..\Run: [Vid32cntl] c:\windows\system32\vid32cntl.exe
O4 - HKCU\..\Run: [tbon] C:\Programmer\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
O4 - HKCU\..\Run: [SNInstall] C:\WINDOWS\system32\vxh8jkdq2.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Netdllex] c:\windows\system32\netdllex.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Mousecntl32] c:\windows\system32\mousecntl32.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\Messenger Plus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [Mdmdll32] c:\windows\system32\mdmdll32.exe
O4 - HKCU\..\Run: [MailSkinner] c:\programmer\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1072.dll,InstantAccess
O4 - HKCU\..\Run: [drivemail] C:\DOCUME~1\Lasse\APPLIC~1\UPLOAD~1\GREAT DOWNLOAD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Audiodrv] c:\windows\system32\audiodrv.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Programmer\Real\RealOne Player\realplay.exe" /RunUPGToolCommandReBoot
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Canon LASER SHOT LBP-1120 ª¬ºAµøµ¡.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3LAK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programmer\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Google-søgning - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmsearch.html
O8 - Extra context menu item: &Oversæt engelsk ord - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmwordtrans.html
O8 - Extra context menu item: &Search - http://kw.bar.need2find.com/KW/menusearch.html?p=KW
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Lignende sider - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmsimilar.html
O8 - Extra context menu item: Tilbage via links - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmbacklinks.html
O8 - Extra context menu item: Øjebliksbillede af side i cache - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: Erotik - {95347D30-555E-4534-A05F-2229074E0A88} - http://www.porno.dk (file missing)
O9 - Extra 'Tools' menuitem: Erotik... - {95347D30-555E-4534-A05F-2229074E0A88} - http://www.porno.dk (file missing)
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Programmer\bet365MPP\MPPoker.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Opdatér ThinkPad-programmer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Programmer\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1071_XP.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1023_EN_XP.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_EN_XP.cab
O16 - DPF: {3616F4B5-F6AD-4E67-966A-C218673648A0} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_ASPIV4_XP.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_XP.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/20549df3cb075635e402/netzip/RdxIE601.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
O16 - DPF: {78F584DF-BBF5-4296-839C-31DE60914DBC} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1071_ASPIV4_XP.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://www.edipole.fr/kits/en/WebInstall.dll
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/binaries/IA/sysinetsvc32_EN_XP.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B3A5878E-5B4C-4D12-9156-4D7FD8D0AF6C} - http://akamai.downloadv3.com/binaries/one2one/one2oneSvcEN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C1C2AC28-5E4B-4228-B7A0-05E986FFCE14} - http://ultimateplugin.com/tl4000.dll
O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} - http://akamai.downloadv3.com/binaries/IA/sysnetsvc32_EN_XP.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DC765522-D5BE-49C9-AF5F-8C715A44BA28} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v9.5/ticker.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: mcfG7A - mcfG7A.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido anti-malware\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe


håber det hjalp ildt :/
Avatar billede fromsej Praktikant
26. marts 2006 - 20:44 #6
Ikke meget, men mens jeg får det hele gået igennem så se at få ændret jeres netbankkoder, der ligger virkelig grimme ting i den log.

Der går mindst en time endnu, det er en af de værste logs jeg nogensinde har set!
Avatar billede fromsej Praktikant
26. marts 2006 - 21:21 #7
Afinstaller følgende i Tilføj/Fjern programmer, hvis du kan:
MessengerPlus << Dette er ultimativt, ellers gider jeg ikke røre ved resten.
webHancer
Hotbar
SpySpotter3
180solutions
P2P Networking
Istbar
Internet Optimizer
Error Safe Free
altnet
AdTools Service
Admanager Controller
SpySheriff
mailskinner
MyWebSearch

---------------------------------------
Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, genstart i fejlsikret (tryk på <F8> under opstarten), slet mapper og filer listet længere nede.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://web.mrsgyedkqvdlcspef.com/ykd4MZ68gXtRtGa6wW6HrOPV7rii6t/Vx4k28Wj2YqDx4tmX/6CcWs0INp7Zq39j.asp
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programmer\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {91425536-E9AD-9552-D059-C93EC12372BD} - C:\WINDOWS\system32\bxosf.dll (file missing)
O2 - BHO: (no name) - {96CF0AA2-B84B-ADBD-CED1-BED6789AA6DF} - C:\DOCUME~1\Freddy2\APPLIC~1\SURFME~1\OKAYFAST.exe (file missing)
O2 - BHO: (no name) - {CD0CFF04-2595-A9E5-98E8-A530BC4F3E13} - C:\DOCUME~1\Lasse\APPLIC~1\SURFME~1\OKAYFAST.exe (file missing)
O4 - HKLM\..\Run: [YMUOPCGI] c:\windows\system32\ymuopcgi.exe /install
O4 - HKLM\..\Run: [XusFsiwLe] C:\WINDOWS\uutfboxc.exe
O4 - HKLM\..\Run: [wxxvdgeu] C:\WINDOWS\System32\rzlgicsa.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [WeatherOnTray] C:\Programmer\Hotbar\bin\4.5.0.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Programmer\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [spolanyb] C:\WINDOWS\spolanyb.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [sais] c:\programmer\180solutions\sais.exe
O4 - HKLM\..\Run: [Pwr32ctr] c:\windows\system32\pwr32ctr.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [nvsv32.exe] asr_fnt.exe
O4 - HKLM\..\Run: [kbanwb] C:\WINDOWS\kbanwb.exe
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [Infomp3sixthflaw] C:\Documents and Settings\All Users\Application Data\WipeThisInfoMp3\AIM MORE.exe
O4 - HKLM\..\Run: [hkaiyuovtumz] C:\WINDOWS\System32\rzlgicsa.exe
O4 - HKLM\..\Run: [Helpex32] c:\windows\system32\helpex32.exe
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe
O4 - HKLM\..\Run: [Flpycntl] c:\windows\system32\flpycntl.exe
O4 - HKLM\..\Run: [Error Safe] C:\Programmer\Error Safe Free\ers.exe /scan
O4 - HKLM\..\Run: [DLuxde] c:\program files\dialers\dluxde\dluxde.exe /nocomm
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe
O4 - HKLM\..\Run: [-
] C:\WINDOWS\uutfboxc.exe
O4 - HKLM\..\Run: [BARB COPY EXIT ONLINE] C:\Documents and Settings\All Users\Application Data\Refdrawbarbcopy\Encstupid.exe
O4 - HKLM\..\RunServices: [nvsv32.exe] asr_fnt.exe
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inet20003\winlogon.exe
O4 - HKCU\..\Run: [Vid32cntl] c:\windows\system32\vid32cntl.exe
O4 - HKCU\..\Run: [tbon] C:\Programmer\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
O4 - HKCU\..\Run: [SNInstall] C:\WINDOWS\system32\vxh8jkdq2.exe
O4 - HKCU\..\Run: [Netdllex] c:\windows\system32\netdllex.exe
O4 - HKCU\..\Run: [Mousecntl32] c:\windows\system32\mousecntl32.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\Messenger Plus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [Mdmdll32] c:\windows\system32\mdmdll32.exe
O4 - HKCU\..\Run: [MailSkinner] c:\programmer\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1072.dll,InstantAccess
O4 - HKCU\..\Run: [drivemail] C:\DOCUME~1\Lasse\APPLIC~1\UPLOAD~1\GREAT DOWNLOAD.exe
O4 - HKCU\..\Run: [Audiodrv] c:\windows\system32\audiodrv.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programmer\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Search - http://kw.bar.need2find.com/KW/menusearch.html?p=KW
O9 - Extra button: Erotik - {95347D30-555E-4534-A05F-2229074E0A88} - http://www.porno.dk (file missing)
O9 - Extra 'Tools' menuitem: Erotik... - {95347D30-555E-4534-A05F-2229074E0A88} - http://www.porno.dk (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1071_XP.cab
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1023_EN_XP.cab
O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN_XP.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_EN_XP.cab
O16 - DPF: {3616F4B5-F6AD-4E67-966A-C218673648A0} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_ASPIV4_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_XP.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/20549df3cb075635e402/netzip/RdxIE601.cab
O16 - DPF: {78F584DF-BBF5-4296-839C-31DE60914DBC} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1071_ASPIV4_XP.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://www.edipole.fr/kits/en/WebInstall.dll
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/binaries/IA/sysinetsvc32_EN_XP.cab
O16 - DPF: {B3A5878E-5B4C-4D12-9156-4D7FD8D0AF6C} - http://akamai.downloadv3.com/binaries/one2one/one2oneSvcEN.cab
O16 - DPF: {C1C2AC28-5E4B-4228-B7A0-05E986FFCE14} - http://ultimateplugin.com/tl4000.dll
O16 - DPF: {C6760A07-A574-4705-B113-7856315922C3} - http://akamai.downloadv3.com/binaries/IA/sysnetsvc32_EN_XP.cab
O20 - Winlogon Notify: mcfG7A - mcfG7A.dll (file missing)

---------------------------------------
Sletning af \mapper\ og filer:
Åbn Stifinder, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

Brug af Start->Søg.
Klik på "Skift søgefunktioner for filer og mapper"
Sæt prik i "Avanceret" og klik OK.
Klik på "Alle filer og mapper"
Klik på "Flere avancerede indstillinger"
Sæt flueben i de tre øverste.
-------------------
Mapper:
C:\Programmer\Need2Find\
C:\Programmer\Hotbar\
C:\Programmer\SpySpotter3\
c:\programmer\180solutions\
C:\Programmer\ISTsvc\
C:\Programmer\Error Safe Free\
C:\Programmer\TBONBin\
C:\Programmer\Messenger Plus! 3\
c:\programmer\mailskinner\
C:\Programmer\MyWebSearch\
C:\Program Files\webHancer\
C:\Program Files\Internet Optimizer\
c:\program files\dialers\
c:\program files\altnet\
C:\Program Files\AdTools Service\
C:\Program Files\Admanager Controller\
C:\Program Files\SpySheriff\
C:\WINDOWS\inet20003\
C:\WINDOWS\system32\P2P Networking\
C:\Documents and Settings\All Users\Application Data\WipeThisInfoMp3\
C:\Documents and Settings\All Users\Application Data\Refdrawbarbcopy\
C:\Documents and Settings\Lasse\Application Data\UPLOAD~1\
-------------------
Filer:
c:\temp\salm.exe
C:\WINDOWS\spolanyb.exe
C:\WINDOWS\uutfboxc.exe
C:\WINDOWS\kbanwb.exe
c:\windows\system32\ymuopcgi.exe
C:\WINDOWS\System32\rzlgicsa.exe
c:\windows\system32\pwr32ctr.exe
C:\WINDOWS\System32\rzlgicsa.exe
c:\windows\system32\helpex32.exe
C:\WINDOWS\system32\gah95on6.exe
c:\windows\system32\flpycntl.exe
c:\windows\system32\vid32cntl.exe
C:\WINDOWS\system32\vxh8jkdq2.exe
c:\windows\system32\netdllex.exe
c:\windows\system32\mousecntl32.exe
c:\windows\system32\mdmdll32.exe
c:\windows\system32\audiodrv.exe
asr_fnt.exe
EGDACCESS_1072.dll
---------------------------------------
Genstart normalt og kom med en frisk Hijackthislog.

Hvis det her lykkes i et hug, hedder det DE og HR Fromsej i en hel måned. ;-)
Avatar billede lasse1978 Nybegynder
27. marts 2006 - 15:53 #8
Logfile of HijackThis v1.99.1
Scan saved at 15:52:09, on 27-03-2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmer\ewido anti-malware\ewidoctrl.exe
C:\Programmer\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\CAP3RSK.EXE
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Analog Devices\SoundMAX\Smtray.exe
C:\Programmer\QuickTime\qttask.exe
C:\Documents and Settings\Lasse\Skrivebord\hjt.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmer\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3LAK.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE
C:\WINDOWS\System32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Smapp] C:\Programmer\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CAP3ON] C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3ONN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Programmer\Real\RealOne Player\realplay.exe" /RunUPGToolCommandReBoot
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Canon LASER SHOT LBP-1120 ª¬ºAµøµ¡.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3LAK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google-søgning - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmsearch.html
O8 - Extra context menu item: &Oversæt engelsk ord - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmwordtrans.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Lignende sider - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmsimilar.html
O8 - Extra context menu item: Tilbage via links - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmbacklinks.html
O8 - Extra context menu item: Øjebliksbillede af side i cache - res://c:\windows\downloaded program files\GoogleToolbar_da_3.0.128-big.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Programmer\bet365MPP\MPPoker.exe
O9 - Extra button: Opdatér ThinkPad-programmer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Programmer\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DC765522-D5BE-49C9-AF5F-8C715A44BA28} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v9.5/ticker.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido anti-malware\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
Avatar billede lasse1978 Nybegynder
27. marts 2006 - 15:54 #9
bedre? HR. Fromsej ;)
Avatar billede lasse1978 Nybegynder
27. marts 2006 - 16:03 #10
jeg fik bare ikke fjernet noget i tilføj/fjen programmer, for jeg kan ikke åbne kontrolpanelet.. det lukker ned af sig selv hver gang
Avatar billede fromsej Praktikant
27. marts 2006 - 20:07 #11
Meget.;-)

Så er din log ren, vi behøver ikke at se flere.
Du bør lige deaktivere systemgendannelse, genstarte og genaktivere samt sætte filvisning til normal.
http://spywarefri.dk/virusscannere.htm#alle - Systemgendannelse.
Åbn en mappe, klik på Funktioner >Mappeindstillinger >Vis.
Sæt flueben ved "Skjul beskyttede operativsystemfiler".
Sæt flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis ikke skjulte filer og mapper".

For at holde den ren kan du kigge på vores pakke til formålet.
http://www.spywarefri.dk/manualer/sikkerhedspakke.htm
Som minimum anbefaler jeg Spywareguard, Spywareblaster, IE-Spyad og IE Privacy Keeper.
Et par artikler om sikker surfing finder du her:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414
http://fromsej.dk/html/avoid.html

Hvad angår jobliste, prøv lige følgende:
Gå i Start -> Kør (eller tast Windowstast + R) og skriv regedit.
Find denne nøgle:
HKEY_Current_User\Software\Microsoft\Windows\Currentversion\Policies\System
Hvis disse to er til stede, så slet dem.
"DisableRegistryTools"=hex(4):31,00,00
"DisableTaskMgr"=hex(4):31,00,00
Genstart.
Så burde jobliste virke igen.

Sæt din XP-CD i drevet, klik på Start->Kør og skriv SFC /scannow ( husk mellemrum)
Det vil rette evt. korrupte systemfiler.

Mvh:
Fromsej/Team Spywarefri.
Avatar billede lasse1978 Nybegynder
28. marts 2006 - 13:44 #12
ville gerne acceptere dit svar.. syntes bare ikke rigtigt den gider når jeg trykker på accept
Avatar billede fromsej Praktikant
28. marts 2006 - 16:08 #13
Du skal markere mit navn i boksen først, så vil den.
Avatar billede fromsej Praktikant
28. marts 2006 - 23:04 #14
Tak for point.*S*
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 19:38 Netkort finder 5 forbindelser,bare ikke min, Af valby i Internetforbindelser
I går 12:52 Installation af Outlook Classic Af mort1 i E-mail programmer
I går 12:08 Alt ender i skyen Af mort1 i Windows
I går 11:38 Væk fra Microsoft Launcher på min Android Af mort1 i Apps til Android
I går 09:20 TEMU vil installeres på min Samsung S10 Af mort1 i Apps til Android
White papers
Flere white papers »