Logfile of HijackThis v1.97.7 Scan saved at 20:30:03, on 10-12-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSExplorer.EXE C:ProgrammerJavaj2re1.4.2_01injusched.exe C:WINDOWSSystem32RUNDLL32.EXE C:ProgrammerD-Toolsdaemon.exe C:ProgrammerMSN MessengerMsnMsgr.Exe C:ProgrammerLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe F:ProgrammerValveSteamSteam.exe C:ProgrammerSkypePhoneSkype.exe C:ProgrammerRealVNCWinVNCwinvnc.exe C:WINDOWSSystem32 vsvc32.exe C:WINDOWSSystem32svchost.exe C:ProgrammerInternet Exploreriexplore.exe C:Documents and SettingsHenriksenLokale indstillingerTemporary Internet FilesContent.IE5WPAFSPU3HijackThis[1].exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.dk[...] R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O4 - HKLM..Run: [Soltek] C:WINDOWSSystem32autorun.exe O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [anvshell] anvshell.exe O4 - HKLM..Run: [LiveNote] livenote.exe O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [SunJavaUpdateSched] C:ProgrammerJavaj2re1.4.2_01injusched.exe O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKLM..Run: [VaCtrl] C:ProgrammerVoiceAgeCommonVaCtrl.exe O4 - HKLM..Run: [LogitechVideoTray] C:ProgrammerLogitechVideoLogiTray.exe O4 - HKLM..Run: [LogitechGalleryRepair] C:ProgrammerLogitechVideoISStart.exe O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [DAEMON Tools-1033] "C:ProgrammerD-Toolsdaemon.exe" -lang 1033 O4 - HKCU..Run: [MsnMsgr] "C:ProgrammerMSN MessengerMsnMsgr.Exe" /background O4 - HKCU..Run: [STYLEXP] C:ProgrammerTGTSoftStyleXPStyleXP.exe -Hide O4 - HKCU..Run: [LDM] C:ProgrammerLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe O4 - HKCU..Run: [Steam] F:ProgrammerValveSteam\Steam.exe -silent O4 - HKCU..Run: [Skype] "C:ProgrammerSkypePhoneSkype.exe" /nosplash /minimized O4 - Global Startup: AutoCAD Startup Accelerator.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:ProgrammerLogitechDesktop Messenger8876480ProgramLDMConf.exe O4 - Global Startup: Run VNC Server.lnk = C:ProgrammerRealVNCWinVNCwinvnc.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://F:MICROS~1OFFICE11EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Opslag (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com[...] O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com[...] O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com[...] O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com[...] O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com[...] O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com[...] O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com[...] O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.danskebank.dk[...] O17 - HKLMSystemCCSServicesTcpip..{B879ED9F-35A6-4044-AAE1-66E0750CE82C}: NameServer = 212.242.40.3,212.242.40.51 er der noget jeg skal fjerne?
--

#1
Kim In Chul
Mega Supporter
10-12-2004 23:48

Rapporter til Admin

Der er ikke decideret noget snavs i din log... men der kan godt renses lidt ud for at optimere din computer bare en smule:) Start med at deaktivere systemgendannelsen: Højreklik på "Denne Computer" på skrivebordet, vælg egenskaber og fanebladet "Systemgendannelse" og sæt flueben i "Deaktiver systemgendannelse". Klik ok og genstart. Åbn Hijackthis => Scan og så sæt flueben ud foran: O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [SunJavaUpdateSched] C:ProgrammerJavaj2re1.4.2_01injusched.exe O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKCU..Run: [LDM] C:ProgrammerLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:ProgrammerLogitechDesktop Messenger8876480ProgramLDMConf.exe Luk derefter alle browservinduer og klik på "Fix Checked" Nu skal du til at slette så du skal kunne se dine skjulte filer for at finde snavs, der skal slettes manuelt. Det er en del af processen. Åbn en tilfældig mappe, klik på Funktioner=>Mappeindstillinger=>Vis. Fjern flueben ved "Skjul beskyttede operativsystemfiler". Fjern flueben ved "Skjul filtypenavne for kendte filtyper". Sæt prik i "Vis skjulte filer og mapper". Start derefter op i fejlsikret tilstand (F8 eller F5 under opstart) Find og slet: C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe <<< Slet filen C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe <<< Slet filen Start derefter op normalt, kom med en ny hijackthis til kontrol... //Kim In Chul
--
MSN: [email protected]