virus deaktiveret jobliste
Øv Øv og nej nej nejHar tit siddet og læst om diverse virus problemer herinde og prist mig lykkelig over at jeg ikke var ramt men ak og ve nu skete det..... En administrator(Hvilket burde være mig)har deaktiveret jobliste.....Hmm var jeg stiv da jeg gjorde det eller var det slet ikke mig ?? :-) Jeg ved det løsningen indebærer noget med HiJackThis så det har jeg downloadet installeret det i sin egen mappe på skrivebordet og kørt en scanning og fået en log...
Denne ser således ud:
Logfile of HijackThis v1.99.1
Scan saved at 19:03:15, on 03-10-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
C:\Programmer\Fælles filer\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\Programmer\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe
C:\Programmer\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Programmer\ACD Systems\ImageFox\ImageFox.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\CJ\Skrivebord\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.sportenkort.dk/live/ishockey/
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} -
C:\Programmer\Fælles filer\Symantec
Shared\coShared\Browser\1.0\NppBho.dll
O3 - Toolbar: EPSON Web-To-Page -
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmer\EPSON\EPSON
Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton-værktøjslinjen -
{90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programmer\Fælles
filer\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task]
"C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26
"EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [osCheck] "C:\Programmer\Norton Internet
Security\osCheck.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication]
C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol]
C:\Programmer\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector]
"C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [NBJ] "C:\Programmer\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX4200 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26
"EPSON Stylus DX4200 Series" /M "Stylus DX4200" /EF "HKCU"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmer\Microsoft
ActiveSync\wcescomm.exe"
O4 - Startup: Adobe Gamma.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk =
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ImageFox.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft
Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save with Download Manager... -
C:\Programmer\J River\Media Jukebox\DMDownload.htm
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -
C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på den mobile
enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: PartyGammon.com -
{59A861EE-32B3-42cd-8CCA-FC130EDF3A44} -
C:\Programmer\PartyGaming\PartyGammon\RunBackGammon.exe (file
missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com -
{59A861EE-32B3-42cd-8CCA-FC130EDF3A44} -
C:\Programmer\PartyGaming\PartyGammon\RunBackGammon.exe (file
missing)
O9 - Extra button: (no name) -
{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD
Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {1221EA33-878F-4672-B799-05DAAF1298CF} (sysinfo1 Class)
- http://resources.tele2.dk/privat/internet/pctest/systeminfo1.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl
Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/clie
nt/wuweb_site.cab?1133010601244
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper
Class) -
http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.c
ab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj -
{AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems -
C:\Programmer\Fælles filer\Adobe Systems
Shared\Service\Adobelmsvc.exe
O23 - Service: Automatisk LiveUpdate-planlægning - Symantec
Corporation - C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner -
C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe" /h
ccCommon (file missing)
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec
Corporation - C:\Programmer\Fælles filer\Symantec
Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - C:\Programmer\Fælles filer\Symantec
Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner
- C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe" /h
ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) -
Unknown owner - C:\Programmer\Fælles filer\Symantec
Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation -
C:\Programmer\Fælles filer\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative
Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Symantec IS – Godkendelse af adgangskoder (ISPwdSvc)
- Symantec Corporation - C:\Programmer\Norton Internet
Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP -
C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC
Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner -
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec
Corporation - C:\Programmer\Fælles filer\Symantec
Shared\AppCore\AppSvc32.exe
Så er det så jeg er låst ja altså Lost...fordi herfra aner jeg ikke hvad jeg skal sætte flueben ud for og hvad jeg ikke skal..... Må nok hellere lige også huske at nævne at jeg i ren irritation kom til at køre xp_taskmgrenab hvilket også hjalp men jeg har bare en anelse om at problemet er der igen næste gang jeg så starter min pc.... Så hvis der er noger der har lyst til at hjælpe blev jeg så glad så glad....
mvh
Casper J
