/ Forside/ Teknologi / Internet / Sikkerhed / Spørgsmål
Login
Glemt dit kodeord? 		Brugernavn

Kodeord


Reklame
Top 10 brugere
Sikkerhed
#NavnPoint
stl_s 37026
arlet 26827
miritdk 20260
o.v.n. 12167
als 8951
refi 8694
tedd 8272
BjarneD 7338
Klaudi 7257
10  molokyle 6481
Hjælp til HijackThis log
Fra : rosekamp 		Vist : 431 gange
300 point
Dato : 19-02-08 07:48
Jeg har fået et eller andet nasty på min pc. Fandt 21.388 backdoors!!! i går men kan ikke rigtig komme af med skidtet.

Håber en eller anden kn hjælpe med denne log, da jeg ikke så gerne vil fjerne noget selv.

Det er først når jeg åbner explorer at problemet opstår. Så kommer der popups med antivirusreklamer og et enkelt poker-popup i ny og næ + explorer bliver usabilt.


Logfile of HijackThis v1.99.1
Scan saved at 07:39:57, on 19-02-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\AntiVirusSpywarefri\AVGuard\AVGUARD.EXE
C:\Programmer\AntiVirusSpywarefri\Ewido\AVG Anti-Spyware 7.5\guard.exe
C:\Programmer\AntiVirusSpywarefri\AVGuard\AVWUPSRV.EXE
C:\Programmer\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programmer\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Nero\Nero 7\InCD\InCDsrv.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Nero\Nero 7\InCD\InCD.exe
C:\Programmer\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\Programmer\Ami270\KeyMon.exe
C:\Programmer\AntiVirusSpywarefri\AVGuard\AVGNT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\VM_STI.EXE
C:\Programmer\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Programmer\Trust\Ami Mouse 250S Cordless\Amoumain.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\SAMSUNG\FW LiveUpdate\FWManager.exe
C:\Programmer\AntiVirusSpywarefri\Ewido\AVG Anti-Spyware 7.5\avgas.exe
C:\Programmer\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmer\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Programmer\SETI\boincmgr.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\SETI\boinc.exe
C:\Programmer\SETI\projects\setiathome.berkeley.edu\setiathome_5.27_windows_intelx86.exe
C:\Programmer\SETI\projects\setiathome.berkeley.edu\setiathome_5.27_windows_intelx86.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\MSN Messenger\usnsvc.exe
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
H:\Programmer\Spywarefri\HiJackThis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.king.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: RefresherBand Class - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\PROGRA~1\Refresh\YREFRE~1\YREFRE~1.DLL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programmer\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [MMKey] C:\Programmer\Ami270\KeyMon.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programmer\AntiVirusSpywarefri\AVGuard\AVGNT.EXE /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [OM_Monitor] C:\Programmer\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [Name of App] C:\Programmer\SAMSUNG\FW LiveUpdate\FWManager.exe r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmer\AntiVirusSpywarefri\Ewido\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [505a4222] rundll32.exe "C:\WINDOWS\system32\npedfhcf.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Programmer\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [OM_Monitor] C:\Programmer\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: BOINC Manager.lnk = C:\Programmer\SETI\boincmgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (Snapfish Drag and Drop upload plugin) - http://www.pixaco.dk/static/download/pixacodndupload.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programmer\AntiVirusSpywarefri\AVGuard\AVGUARD.EXE
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmer\AntiVirusSpywarefri\Ewido\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programmer\AntiVirusSpywarefri\AVGuard\AVWUPSRV.EXE
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programmer\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programmer\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TnkgcGM\command.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programmer\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Programmer\EPSON\ESM2\eEBSVC.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programmer\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Programmer\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Programmer\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe


 
 
Kommentar
Fra : Sunowich

Dato : 19-02-08 08:06
sæt den ind hos www.arlet.dk eller www.spywarefri.dk så hjælper de dig

Kommentar
Fra : refi

Dato : 19-02-08 08:12
Som Sune siger - du har ikke mange andre muligheder i øjeblikket.....

"Vores" loglæser læser ikke mere logs på Kandu.....

Kommentar
Fra : rosekamp

Dato : 19-02-08 09:00
Nå, øv det havde jeg ikke lige observeret. Det vil jeg gøre - tak.

Annuller spørgsmålet
Fra : rosekamp

Dato : 19-02-08 09:00
Jeg har desværre ikke modtaget et gyldigt svar, og annullerer derfor dette spørgsmål

Du har følgende muligheder
Dette spørgsmål er blevet annulleret, det er derfor ikke muligt for at tilføje flere kommentarer.
Søg
Reklame
Statistik
Spørgsmål : 177439
Tips : 31962
Nyheder : 719565
Indlæg : 6408075
Brugere : 218879
Månedens bedste
Årets bedste
Sidste års bedste
Copyright © 2000-2024 kandu.dk. Alle rettigheder forbeholdes.