Her er loggen fra den bærbare pc, den ser ud som følger. Den rensede version af log 1 kommer lige straks.
Logfile of HijackThis v1.98.2
Scan saved at 15:27:08, on 13-10-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:ProgrammerFælles filerSymantec SharedccSetMgr.exe
C:ProgrammerFælles filerSymantec SharedccEvtMgr.exe
C:WINDOWSSystem32rsvc01a.exe
C:WINDOWSSystem32rss01a.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgrammerFælles filerSymantec SharedccProxy.exe
C:ProgrammerNorton Internet SecurityNorton AntiVirus
avapsvc.exe
C:ProgrammerNorton Internet SecurityNorton AntiVirusSAVScan.exe
C:WINDOWSsystem32slserv.exe
C:ProgrammerFælles filerSymantec SharedSNDSrvc.exe
C:WINDOWSsystem32fxssvc.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32STDSB.exe
C:ProgrammerSynapticsSynTPSynTPLpr.exe
C:ProgrammerSynapticsSynTPSynTPEnh.exe
C:WINDOWSSOUNDMAN.EXE
C:ProgrammerFælles filerSymantec SharedccApp.exe
C:ProgrammerMessengermsmsgs.exe
C:ProgrammerSpybot - Search & DestroyTeaTimer.exe
C:ProgrammerHewlett-PackardDigital Imaginginhpobnz08.exe
C:ProgrammerHewlett-PackardDigital Imaginginhpotdd01.exe
C:ProgrammerHewlett-PackardDigital Imaginginhpoevm08.exe
C:WINDOWSSystem32HPZipm12.exe
C:ProgrammerHewlett-PackardDigital ImagingBinhpoSTS08.exe
C:Documents and Settingssusanne schleissSkrivebordHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://format.packardbell.com[...]
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.dr.dk[...]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = file://C:APPSIEofflinedan.htm
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Packard Bell
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgrammerSpybot - Search & DestroySDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:ProgrammerFælles filerSymantec SharedAdBlockingNISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:ProgrammerNorton Internet SecurityNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:ProgrammerFælles filerSymantec SharedAdBlockingNISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:ProgrammerNorton Internet SecurityNorton AntiVirusNavShExt.dll
O4 - HKLM..Run: [STDSB] C:WINDOWSSystem32STDSB.exe
O4 - HKLM..Run: [SynTPLpr] C:ProgrammerSynapticsSynTPSynTPLpr.exe
O4 - HKLM..Run: [SynTPEnh] C:ProgrammerSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [UpdateManager] "c:ProgrammerFælles filerSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [JA Cfg Util v2] jacfg2.exe
O4 - HKLM..Run: [TkBellExe] "C:ProgrammerFælles filerRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [ClickMe] C:appsClickMeClickMe.exe
O4 - HKLM..Run: [ccApp] "C:ProgrammerFælles filerSymantec SharedccApp.exe"
O4 - HKLM..RunServices: [JA Cfg Util v2] jacfg2.exe
O4 - HKCU..Run: [MSMSGS] "C:ProgrammerMessengermsmsgs.exe" /background
O4 - HKCU..Run: [JA Cfg Util v2] jacfg2.exe
O4 - HKCU..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe
O4 - HKCU..Run: [SpybotSD TeaTimer] C:ProgrammerSpybot - Search & DestroyTeaTimer.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:ProgrammerHewlett-PackardDigital Imaginginhpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:ProgrammerMicrosoft OfficeOffice10OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengerMSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=file://C:APPSIEofflinedan.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com[...]
O17 - HKLMSystemCS1ServicesTcpipParameters: SearchList = staff.kvl.dk
O17 - HKLMSystemCCSServicesTcpipParameters: SearchList = staff.kvl.dk
--
Gæstebruger, opret dit eget login og få din egen signatur.