Hijackthis Log !

By Maxi user Khalif | 28-07-2004 17:02 | 1251 views | 20 replies
Would you be so kind as to take a look at this log

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - C:WINDOWSmxTarget.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:ProgrammerMyWebSearchSrchAstt1.binMWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:ProgrammerMyWebSearchar1.binMWSBAR.DLL
O2 - BHO: (no name) - {1BDD55B8-3985-4E59-B906-5E0AD56D6710} - (no file)
O2 - BHO: (no name) - {2979BD20-1365-4D1E-9F39-2D16E8A9C9F3} - C:WINDOWSmadopew.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgrammerSpybot - Search & DestroySDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmergooglegoogletoolbar1.dll
O2 - BHO: (no name) - {E8EBCFED-EBAA-F7EF-8225-22B38A0B1E09} - C:PROGRA~1MPEGMA~1LocksNew.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgrammerMSN Toolbar1.01.1629.0damsntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar1.dll
O4 - HKLM..Run: [TkBellExe] "C:ProgrammerFælles filerRealUpdate_OB ealsched.exe" -osboot
O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [axis bias] C:PROGRA~1ITCHBO~1fork window one.exe
O4 - HKLM..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O4 - HKLM..Run: [ATIPTA] C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe"
O4 - HKLM..Run: [qkhieb] C:WINDOWSSystem32qkgcof.exe
O4 - HKLM..Run: [Bindbluecake2] C:Documents and SettingsAll UsersApplication DataClosepingbindblueLongbold.exe
O4 - HKLM..Run: [Cryptographic Service] C:WINDOWSSystem32 zugpfy.exe
O4 - HKCU..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O4 - HKCU..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart
O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background
O8 - Extra context menu item: &Google Search - res://C:ProgrammerGooglegoogletoolbar.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com[...]
O8 - Extra context menu item: Backward &Links - res://C:ProgrammerGooglegoogletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:ProgrammerGooglegoogletoolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:ProgrammerGooglegoogletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:ProgrammerGooglegoogletoolbar.dll/cmtrans.html
O9 - Extra button: Erotik (HKLM)
O9 - Extra 'Tools' menuitem: Erotik... (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Sol Dating (HKLM)
O9 - Extra 'Tools' menuitem: Sol Dating... (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com[...]
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com[...]
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com[...]
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com[...]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com[...]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com[...]
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com[...]
--
Chieftec DX-01BD * P4 [email protected] * Asus P4P800 Deluxe * 1024mb Samsung 3200 DDR * 2 x 120GB Maxtor Fluid 8mb (RAID 0) * 200GB Maxtor Fluid 8mb * Saphire 9700pro Ultimate.
#1
Gordon Gekko
New on the site
28-07-2004 17:04

You're missing the first part of the log; nobody can analyze it before that is there.
--
#2
Khalif
Maxi user
28-07-2004 17:04
--
#3
Khalif
Maxi user
28-07-2004 17:05

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:ProgrammerFælles filerRealUpdate_OB ealsched.exe
C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
C:ProgrammerMessenger Plus! 3MsgPlus.exe
C:WINDOWSSystem32qkgcof.exe
c:progra~1intern~1iexplore.exe
c:progra~1intern~1iexplore.exe
C:ProgrammerMSN Messengermsnmsgr.exe
C:ProgrammerFælles filerEPSONEBAPISAgent2.exe
C:WINDOWSsystem32scagent.exe
C:WINDOWSsystem32xcommsvr.exe
C:WINDOWSSystem32 svp.exe
E:HijackThis.exe
--
#4
Khalif
Maxi user
28-07-2004 17:05
--
#5
Khalif
Maxi user
28-07-2004 17:06
--
#6
ch|nch|lla
Supporter Aspirant
28-07-2004 17:07

#0 Also, one other thing: a forum has been created for this kind of thread, namely Sikkerhed (Security). It isn't listed under forum quickjump, though, but you can see it if you go to the forum overview itself http://www.hol.dk[...] ;)
--
http://www.hol.dk[...] So use it then!
#7
Khalif
Maxi user
28-07-2004 17:08

Ahh ok, I didn't quite get that :=) can someone move it then.
--
#8
Kim In Chul
Junior Supporter
28-07-2004 17:18

Okay, that's a very confusing log you have there... But I reckon it should look roughly like this:

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:ProgrammerFælles filerRealUpdate_OB ealsched.exe
C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
C:ProgrammerMessenger Plus! 3MsgPlus.exe
C:WINDOWSSystem32qkgcof.exe
c:progra~1intern~1iexplore.exe
c:progra~1intern~1iexplore.exe
C:ProgrammerMSN Messengermsnmsgr.exe
C:ProgrammerFælles filerEPSONEBAPISAgent2.exe
C:WINDOWSsystem32scagent.exe
C:WINDOWSsystem32xcommsvr.exe
C:WINDOWSSystem32 svp.exe
E:HijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - C:WINDOWSmxTarget.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:ProgrammerMyWebSearchSrchAstt1.binMWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:ProgrammerMyWebSearchar1.binMWSBAR.DLL
O2 - BHO: (no name) - {1BDD55B8-3985-4E59-B906-5E0AD56D6710} - (no file)
O2 - BHO: (no name) - {2979BD20-1365-4D1E-9F39-2D16E8A9C9F3} - C:WINDOWSmadopew.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgrammerSpybot - Search & DestroySDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmergooglegoogletoolbar1.dll
O2 - BHO: (no name) - {E8EBCFED-EBAA-F7EF-8225-22B38A0B1E09} - C:PROGRA~1MPEGMA~1LocksNew.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgrammerMSN Toolbar
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar1.dll
O4 - HKLM..Run: [TkBellExe] "C:ProgrammerFælles filerRealUpdate_OB ealsched.exe" -osboot
O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [axis bias] C:PROGRA~1ITCHBO~1fork window one.exe
O4 - HKLM..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O4 - HKLM..Run: [ATIPTA] C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe"
O4 - HKLM..Run: [qkhieb] C:WINDOWSSystem32qkgcof.exe
O4 - HKLM..Run: [Bindbluecake2] C:Documents and SettingsAll UsersApplication DataClosepingbindblueLongbold.exe
O4 - HKLM..Run: [Cryptographic Service] C:WINDOWSSystem32 zugpfy.exe
O4 - HKCU..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O4 - HKCU..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart
O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background
O8 - Extra context menu item: &Google Search - res://C:ProgrammerGooglegoogletoolbar.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com[...]
O8 - Extra context menu item: Backward &Links - res://C:ProgrammerGooglegoogletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:ProgrammerGooglegoogletoolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:ProgrammerGooglegoogletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:ProgrammerGooglegoogletoolbar.dll/cmtrans.html
O9 - Extra button: Erotik (HKLM)
O9 - Extra 'Tools' menuitem: Erotik... (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Sol Dating (HKLM)
O9 - Extra 'Tools' menuitem: Sol Dating... (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com[...]
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com[...]
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com[...]
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com[...]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com[...]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com[...]
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com[...]

The problem is that I can't see which OS you have or whether you have installed SP1, since you didn't include the very first part... Please let us know, and then we'll see what we can do...

//Kim In Chul
--
#9
Khalif
Maxi user
28-07-2004 17:25

ok thanks, I'll see if I can get all of it to show up here :=)
--
#10
Khalif
Maxi user
28-07-2004 17:26

Logfile of HijackThis v1.97.7
Scan saved at 17:25:53, on 28-07-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:ProgrammerFælles filerRealUpdate_OB ealsched.exe
C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
C:ProgrammerMessenger Plus! 3MsgPlus.exe
C:WINDOWSSystem32qkgcof.exe
c:progra~1intern~1iexplore.exe
c:progra~1intern~1iexplore.exe
C:ProgrammerMSN Messengermsnmsgr.exe
C:ProgrammerFælles filerEPSONEBAPISAgent2.exe
C:WINDOWSsystem32scagent.exe
C:WINDOWSsystem32xcommsvr.exe
C:WINDOWSSystem32 svp.exe
C:ProgrammerInternet Exploreriexplore.exe
c:programmersoftwindprofavxgui.exe
c:programmerfælles filersoftwinliveavxlive.exe
E:HijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - C:WINDOWSmxTarget.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:ProgrammerMyWebSearchSrchAstt1.binMWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:ProgrammerMyWebSearchar1.binMWSBAR.DLL
O2 - BHO: (no name) - {1BDD55B8-3985-4E59-B906-5E0AD56D6710} - (no file)
O2 - BHO: (no name) - {2979BD20-1365-4D1E-9F39-2D16E8A9C9F3} - C:WINDOWSmadopew.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgrammerSpybot - Search & DestroySDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmergooglegoogletoolbar1.dll
O2 - BHO: (no name) - {E8EBCFED-EBAA-F7EF-8225-22B38A0B1E09} - C:PROGRA~1MPEGMA~1LocksNew.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgrammerMSN Toolbar1.01.1629.0damsntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar1.dll
O4 - HKLM..Run: [TkBellExe] "C:ProgrammerFælles filerRealUpdate_OB ealsched.exe" -osboot
O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [axis bias] C:PROGRA~1ITCHBO~1fork window one.exe
O4 - HKLM..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O4 - HKLM..Run: [ATIPTA] C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe"
O4 - HKLM..Run: [qkhieb] C:WINDOWSSystem32qkgcof.exe
O4 - HKLM..Run: [Bindbluecake2] C:Documents and SettingsAll UsersApplication DataClosepingbindblueLongbold.exe
O4 - HKLM..Run: [Cryptographic Service] C:WINDOWSSystem32 zugpfy.exe
O4 - HKCU..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O4 - HKCU..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart
O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background
O8 - Extra context menu item: &Google Search - res://C:ProgrammerGooglegoogletoolbar.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com[...]
O8 - Extra context menu item: Backward &Links - res://C:ProgrammerGooglegoogletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:ProgrammerGooglegoogletoolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:ProgrammerGooglegoogletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:ProgrammerGooglegoogletoolbar.dll/cmtrans.html
O9 - Extra button: Erotik (HKLM)
O9 - Extra 'Tools' menuitem: Erotik... (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Sol Dating (HKLM)
O9 - Extra 'Tools' menuitem: Sol Dating... (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com[...]
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com[...]
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com[...]
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com[...]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com[...]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com[...]
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com[...]
--
#11
Khalif
Maxi user
28-07-2004 17:27

How do you get the whole text to fit in one message?
--
#12
Kim In Chul
Junior Supporter
28-07-2004 17:27

Hi, you have a few things that need fixing... Start by disabling System Restore, run a new HijackThis scan and tick the boxes next to:

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - C:WINDOWSmxTarget.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:ProgrammerMyWebSearchSrchAstt1.binMWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:ProgrammerMyWebSearchar1.binMWSBAR.DLL
O2 - BHO: (no name) - {1BDD55B8-3985-4E59-B906-5E0AD56D6710} - (no file)
O2 - BHO: (no name) - {2979BD20-1365-4D1E-9F39-2D16E8A9C9F3} - C:WINDOWSmadopew.dll
O2 - BHO: (no name) - {E8EBCFED-EBAA-F7EF-8225-22B38A0B1E09} - C:PROGRA~1MPEGMA~1LocksNew.exe
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM..Run: [TkBellExe] "C:ProgrammerFælles filerRealUpdate_OB ealsched.exe" -osboot
O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [axis bias] C:PROGRA~1ITCHBO~1fork window one.exe
O4 - HKLM..Run: [qkhieb] C:WINDOWSSystem32qkgcof.exe
O4 - HKLM..Run: [Bindbluecake2] C:Documents and SettingsAll UsersApplication DataClosepingbindblueLongbold.exe
O4 - HKLM..Run: [Cryptographic Service] C:WINDOWSSystem32 zugpfy.exe
O4 - HKCU..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com[...]
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com[...]

Close all browser windows and click "fix checked", then boot into safe mode (F8 during startup) and find and delete:

C:WINDOWSmxTarget.dll
C:ProgrammerMyWebSearchSrchAstt1.binMWSSRCAS.DLL (Delete the Myweb folder, the WHOLE root folder must go)
C:WINDOWSmadopew.dll
C:PROGRA~1MPEGMA~1LocksNew.exe (I can't see the correct path right now, but the whole root folder must go here too!)
C:WINDOWSSystem32 zugpfy.exe

Then boot into normal mode and post a new log in here for checking...

//Kim In Chul

PS. If you don't have XP or Win2k (which I think is the only one besides XP that has System Restore), you should skip the part about System Restore...
--
#13
kixza
Elite user
28-07-2004 17:29


--
MSN: [email protected] Mail: [email protected] See the specs for my rig in my profile :) http://Kixza.spymac.net[...] Do drop by and write in the forum
#14
Khalif
Maxi user
28-07-2004 17:29

hehe ok, thanks a lot :=)
--
Chieftec DX-01BD * P4 [email protected] * Asus P4P800 Deluxe * 1024mb Samsung 3200 DDR * 2 x 120GB Maxtor Fluid 8mb (RAID 0) * 200GB Maxtor Fluid 8mb * Saphire 9700pro Ultimate.
#15
Kim In Chul
Junior Supporter
28-07-2004 17:30

I was a bit too quick there... These also have to be deleted in safe mode!

C:PROGRA~1ITCHBO~1fork window one.exe
C:WINDOWSSystem32qkgcof.exe
C:Documents and SettingsAll UsersApplication DataClosepingbindblueLongbold.exe (The root folder has to go!)

Sorry for the double post!

//Kim In Chul

PS. Since I can see that you have XP with SP1, remember to disable System Restore
--
#16
Khalif
Guest
28-07-2004 17:50

Now it looks like this, haven't fixed the last bit yet :=)

Logfile of HijackThis v1.97.7
Scan saved at 17:50:06, on 28-07-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
C:ProgrammerMessenger Plus! 3MsgPlus.exe
C:ProgrammerMSN Messengermsnmsgr.exe
C:ProgrammerFælles filerEPSONEBAPISAgent2.exe
C:WINDOWSsystem32scagent.exe
C:WINDOWSsystem32xcommsvr.exe
c:progra~1intern~1iexplore.exe
c:progra~1intern~1iexplore.exe
C:ProgrammerInternet Exploreriexplore.exe
E:HijackThis.exe
--
#17
Khalif
Guest
28-07-2004 17:51

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://searchweb2.com[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgrammerSpybot - Search & DestroySDHelper.dll
O2 - BHO: (no name) - {944C5479-F80D-4C6D-90DE-F1F954861B62} - C:WINDOWSmadopew.dll (file missing)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmergooglegoogletoolbar1.dll
O2 - BHO: (no name) - {E8EBCFED-EBAA-F7EF-8225-22B38A0B1E09} - C:PROGRA~1MPEGMA~1LocksNew.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgrammerMSN Toolbar1.01.1629.0damsntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar1.dll
O4 - HKLM..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O4 - HKLM..Run: [ATIPTA] C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe"
O4 - HKCU..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart
O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background
O8 - Extra context menu item: &Google Search - res://C:ProgrammerGooglegoogletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:ProgrammerGooglegoogletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:ProgrammerGooglegoogletoolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:ProgrammerGooglegoogletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:ProgrammerGooglegoogletoolbar.dll/cmtrans.html
O9 - Extra button: Erotik (HKLM)
O9 - Extra 'Tools' menuitem: Erotik... (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Sol Dating (HKLM)
O9 - Extra 'Tools' menuitem: Sol Dating... (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com[...]
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com[...]
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com[...]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com[...]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com[...]
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com[...]
--
#18
Khalif
Guest
28-07-2004 17:51

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar1.dll
O4 - HKLM..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O4 - HKLM..Run: [ATIPTA] C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe"
O4 - HKCU..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart
O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background
O8 - Extra context menu item: &Google Search - res://C:ProgrammerGooglegoogletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:ProgrammerGooglegoogletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:ProgrammerGooglegoogletoolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:ProgrammerGooglegoogletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:ProgrammerGooglegoogletoolbar.dll/cmtrans.html
O9 - Extra button: Erotik (HKLM)
O9 - Extra 'Tools' menuitem: Erotik... (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Sol Dating (HKLM)
O9 - Extra 'Tools' menuitem: Sol Dating... (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com[...]
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com[...]
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com[...]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com[...]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com[...]
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com[...]
--
#19
Khalif
Guest
28-07-2004 17:55

Many thanks in advance, I'm sitting with a friend's comp, really I would just have installed a fresh win and format c: =) but can't be bothered :)
--
#20
Kim In Chul
Junior Supporter
28-07-2004 18:14

Hi, you still have a few things left to fix... Fix these in HijackThis:

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://searchweb2.com[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
O2 - BHO: (no name) - {944C5479-F80D-4C6D-90DE-F1F954861B62} - C:WINDOWSmadopew.dll (file missing)
O2 - BHO: (no name) - {E8EBCFED-EBAA-F7EF-8225-22B38A0B1E09} - C:PROGRA~1MPEGMA~1LocksNew.exe
O4 - HKLM..Run: [MyWebSearch Email Plugin] C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe
O9 - Extra button: Erotik (HKLM)
O9 - Extra 'Tools' menuitem: Erotik... (HKLM)

Close all program windows and click "fix checked", then boot into safe mode and find and delete:

C:PROGRA~1MYWEBS~1ar1.binmwsoemon.exe (The root folder has to go)

Also the ones from last time... They may well have been deleted already, but better check to be on the safe side:

C:PROGRA~1ITCHBO~1fork window one.exe
C:WINDOWSSystem32qkgcof.exe
C:Documents and SettingsAll UsersApplication DataClosepingbindblueLongbold.exe (The root folder has to go!)

Try emptying your Temporary Internet Files, that should help with it...

Then boot normally and post a log here for checking...

//Kim In Chul
--
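
The check Kim In Chul does by eye in #20, comparing the re-scan against the entries already selected for fixing, as an added Python example that is not part of the thread or of HijackThis. The function names and the matching rule are assumptions; BHO and toolbar entries are compared on the file they load because madopew.dll comes back in #17 under a different CLSID, which a line-by-line comparison would miss.

```python
import re

# Matches the start of an entry ("R1 - ", "O2 - ", "O16 - ") after whitespace.
ENTRY_START = re.compile(r"(?<!\S)(?=(?:R[0-3]|O\d{1,2}) - )")
CLSID_THEN_PATH = re.compile(r"\{[0-9A-Fa-f-]{36}\} - (.*)")

def parse_log(text):
    """Split a HijackThis log, even one run together on a single line,
    into (section_code, body) pairs."""
    entries = []
    for chunk in ENTRY_START.split(" ".join(text.split())):
        m = re.match(r"(R[0-3]|O\d{1,2}) - (.*)", chunk.strip())
        if m:
            entries.append((m.group(1), m.group(2).strip()))
    return entries

def key(code, body):
    """Comparison key (an assumption of this example, not a HijackThis rule):
    BHO/toolbar entries are matched on the file they load, not on the CLSID."""
    m = CLSID_THEN_PATH.search(body) if code in ("O2", "O3") else None
    if m and m.group(1) != "(no file)":
        path = m.group(1).replace("(file missing)", "").strip()
        return (code, path.lower())
    return (code, body.lower())

def persisting(fix_list, rescan):
    """Entries of the re-scan that match something selected for fixing."""
    wanted = {key(c, b) for c, b in parse_log(fix_list)}
    return [(c, b) for c, b in parse_log(rescan) if key(c, b) in wanted]

# Sample lines copied from the first fix list and from #17 (backslashes missing, as on this page).
SP = ("R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = "
      "file://C:DOCUME~1FRANKB~1LOKALE~1Tempsp.html ")
FIX_LIST = SP + (
    "O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - C:WINDOWSmxTarget.dll "
    "O2 - BHO: (no name) - {2979BD20-1365-4D1E-9F39-2D16E8A9C9F3} - C:WINDOWSmadopew.dll "
    "O4 - HKLM..Run: [qkhieb] C:WINDOWSSystem32qkgcof.exe")
RESCAN = SP + (
    "O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - "
    "C:ProgrammerSpybot - Search & DestroySDHelper.dll "
    "O2 - BHO: (no name) - {944C5479-F80D-4C6D-90DE-F1F954861B62} - "
    "C:WINDOWSmadopew.dll (file missing) "
    "O4 - HKLM..Run: [ATIPTA] C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe")

if __name__ == "__main__":
    for code, body in persisting(FIX_LIST, RESCAN):
        print(code, "-", body)
```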