hjt log..

Af Ultrabruger knudsen69 | 14-10-2004 22:02 | 1026 visninger | 4 svar, hop til seneste

hey.. ville lige have tjekket min hjt log og se om der var lidt "snavs" i den da det er et stykke tid siden den sidst er tjekket.. Logfile of HijackThis v1.97.7 Scan saved at 22:07:28, on 14-10-2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32LVCOMSX.EXE C:ProgrammerLogitechVideoLogiTray.exe C:WINDOWSsystem32RUNDLL32.EXE C:PROGRA~1NORTON~1 avapw32.exe C:ProgrammerLogitechMouseWaresystemem_exec.exe C:ProgrammerD-Toolsdaemon.exe C:ProgrammerMotherboard Monitor 5MBM5.EXE C:ProgrammerWinampwinampa.exe C:ProgrammerJavaj2re1.4.2_05injusched.exe C:ProgrammerLogitechiTouchiTouch.exe C:WINDOWSSOUNDMAN.EXE C:WINDOWSsystem32ctfmon.exe C:ProgrammerNorton AntiVirus avapsvc.exe C:WINDOWSSystem32 vsvc32.exe C:Documents and SettingsThomas KnudsenApplication Dataiat.exe C:ProgrammerMSN Messengermsnmsgr.exe C:WINDOWSSystem32svchost.exe C:ProgrammerLogitechVideoFxSvr2.exe C:Documents and SettingsThomas KnudsenSkrivebordHijackThis.exe R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.games-fusion.net[...] R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page_bak = about:blank R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:WINDOWSlocalNRD.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgrammerSpybot - Search & DestroySDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:ProgrammerNorton AntiVirusNavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:ProgrammerNorton AntiVirusNavShExt.dll O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE O4 - HKLM..Run: [LogitechVideoRepair] C:ProgrammerLogitechVideoISStart.exe O4 - HKLM..Run: [LogitechVideoTray] C:ProgrammerLogitechVideoLogiTray.exe O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM..Run: [NAV Agent] C:PROGRA~1NORTON~1 avapw32.exe O4 - HKLM..Run: [DAEMON Tools-1033] "C:ProgrammerD-Toolsdaemon.exe" -lang 1033 O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKLM..Run: [MBM 5] "C:ProgrammerMotherboard Monitor 5MBM5.EXE" O4 - HKLM..Run: [WinampAgent] C:ProgrammerWinampwinampa.exe O4 - HKLM..Run: [SunJavaUpdateSched] C:ProgrammerJavaj2re1.4.2_05injusched.exe O4 - HKLM..Run: [zBrowser Launcher] C:ProgrammerLogitechiTouchiTouch.exe O4 - HKLM..Run: [sais] c:programmer180solutionssais.exe O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe O4 - HKCU..Run: [LogitechSoftwareUpdate] C:ProgrammerLogitechVideoManifestEngine.exe boot O4 - HKCU..Run: [Uhpe] C:Documents and SettingsThomas KnudsenApplication Dataiat.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Opslag (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...] O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com[...] O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com[...] O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com[...] O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com[...] O16 - DPF: {A8658086-E6AC-4957-BC8E-8D54A7E8A790} (GDIChk Object) - http://www.microsoft.com[...] O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com[...] O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com[...] O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com[...] O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com[...]
--

P4 2.4c @ 3.12, Thermalright SP-94, Abit IC7-G, Hitachi Deskstar 7K250 120GB SATA, Raptor 74GB, Geforce4 TI4200 128mb, 2*256mb Corsair pc3200 2-5-2-2, Plextor PX-712A, Logitech MX510..

#1
Mr.Jabb
Maxibruger
14-10-2004 22:12

Rapporter til Admin

Smid den ind på http://www.spywarefri.dk[...] - De er Skide gode til sådan noget :)
--
Life Is Calling - Get Out ¿¿Hvor var det nu Væk var??

#2
knudsen69
Ultrabruger
14-10-2004 22:15

Rapporter til Admin

#1 ja jaab men nu har jeg lagt den her og gider ikk lægge den derind selvom de er så "professionelle"...
--
P4 2.4c @ 3.12, Thermalright SP-94, Abit IC7-G, Hitachi Deskstar 7K250 120GB SATA, Raptor 74GB, Geforce4 TI4200 128mb, 2*256mb Corsair pc3200 2-5-2-2, Plextor PX-712A, Logitech MX510..

#3
knudsen69
Ultrabruger
15-10-2004 09:21

Rapporter til Admin

op'er lige engang...
--
P4 2.4c @ 3.12, Thermalright SP-94, Abit IC7-G, Hitachi Deskstar 7K250 120GB SATA, Raptor 74GB, Geforce4 TI4200 128mb, 2*256mb Corsair pc3200 2-5-2-2, Plextor PX-712A, Logitech MX510..

#4
Armageddon
Moderator
15-10-2004 12:16

Rapporter til Admin

Hejsa, Der er et par småting som lige skal fixes. Start med at deaktivere systemgendannelse. Højreklik på "Denne Computer" på skrivebordet, vælg egenskaber og fanebladet "Systemgendannelse" og sæt flueben i "Deaktiver systemgendannelse". Klik ok og genstart. Kør en ny scanning med HJT og sæt flueben ved disse: R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page_bak = about:blank O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:WINDOWSlocalNRD.dll O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKLM..Run: [SunJavaUpdateSched] C:ProgrammerJavaj2re1.4.2_05 injusched.exe O4 - HKLM..Run: [sais] c:programmer180solutionssais.exe O4 - HKCU..Run: [Uhpe] C:Documents and SettingsThomas KnudsenApplication Data iat.exe O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com[...] Luk alle øvrige programvinduer så kun HJT er åben. Klik på ”Fix checked”. Luk programmet og genstart i fejlsikret tilstand (tryk F8 efter POST skærmen). Find og slet disse (husk at ændre mappeindstillinger så du kan se skjulte filer samt systemfiler): C:\WINDOWS\localNRD.dll c:\programmer\180solutions\ C:\Documents and Settings\Thomas Knudsen\Application Data\ iat.exe Genstart normalt. Kør en ny scanning med HJT og smid loggen herind til kontrol.
--
/Armageddon - [email protected] http://www.mdegn.dk[...]