HJT-Log

By Semi-user smxlf | 05-02-2005 23:28 | 1323 views | 3 replies
Hi, I hope someone will help me with this one, thanks in advance:

Logfile of HijackThis v1.98.2
Scan saved at 23:24:07, on 05-02-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32ctfmon.exe
C:WINDOWSSystem32AEIWLSTA.EXE
C:Program FilesD-Toolsdaemon.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSSystem32spooldriversw32x863hpztsb07.exe
C:Program FilesLogitechiTouchiTouch.exe
C:Program FilesNokiaNokia PC Suite 5DataLayer.exe
C:Program FilesCommon FilesNokiaNCLToolsNclTray.exe
C:Program FilesWinampwinampa.exe
C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesCommon FilesRealUpdate_OB ealsched.exe
C:WINDOWSSystem32RUNDLL32.EXE
C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
C:Program FilesCommon FilesNokiaServicesServiceLayer.exe
C:Program FilesJavaj2re1.4.2_05injusched.exe
C:Program FilesJavaj2re1.4.2_05injucheck.exe
C:Program FilesLogitechMouseWaresystemem_exec.exe
C:Program FilesCwiyvPlueyou.exe
C:WINDOWS etbn32.exe
C:Program FilesAdStatus ServiceAdStatServ.exe
C:Program FilesJavaj2re1.4.2_05injavaw.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe
C:Program FilesAdStatus ServiceAdStatKeep.exe
C:Documents and SettingsBrianApplication Datadrut.exe
C:WINDOWSSystem32??anregw.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesMSIMedia Center Deluxe IIWinIRXHelper.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:Program FilesMessengermsmsgs.exe
C:WINDOWSSystem32 vsvc32.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:WINDOWSaddss.exe
C:Program FilesNorton AntiVirusSAVScan.exe
C:WINDOWSSystem32wuauclt.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Documents and SettingsBrianMy DocumentsBackupHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {8F9D9D9C-9CCD-9854-E15E-1EE63F21E720} - C:WINDOWSiebl.dll
O4 - HKLM..Run: [AEIWLSTA.EXE] AEIWLSTA.EXE START
O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program FilesD-Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSSystem32spooldriversw32x863hpztsb07.exe
O4 - HKLM..Run: [zBrowser Launcher] C:Program FilesLogitechiTouchiTouch.exe
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [DataLayer] C:Program FilesNokiaNokia PC Suite 5DataLayer.exe
O4 - HKLM..Run: [Nokia Tray Application] C:Program FilesCommon FilesNokiaNCLToolsNclTray.exe
O4 - HKLM..Run: [WinampAgent] "C:Program FilesWinampwinampa.exe"
O4 - HKLM..Run: [SSC_UserPrompt] C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB ealsched.exe" -osboot
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [CamMonitor] C:Program FilesHewlett-PackardDigital Imaging\Unloadhpqcmon.exe
O4 - HKLM..Run: [Share-to-Web Namespace Daemon] C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_05injusched.exe
O4 - HKLM..Run: [FKOLogin] C:Documents and SettingsBrian.indexFKO.jnlp
O4 - HKLM..Run: [Tnhnqwqs] C:Program FilesCwiyvPlueyou.exe
O4 - HKLM..Run: [netbn32.exe] C:WINDOWS etbn32.exe
O4 - HKLM..Run: [AdStatus Service] C:Program FilesAdStatus ServiceAdStatServ.exe
O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesMSN Messengermsnmsgr.exe" /background
O4 - HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 - HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU..Run: [Caio] C:Documents and SettingsBrianApplication Datadrut.exe
O4 - HKCU..Run: [Ncb] C:WINDOWSSystem32??anregw.exe
O4 - Global Startup: WinIRXHelper.lnk = C:Program FilesMSIMedia Center Deluxe IIWinIRXHelper.exe
O8 - Extra context menu item: Download all by Net Transport - C:Program FilesXiNetTransport 2NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:Program FilesXiNetTransport 2NTAddLink.html
O8 - Extra context menu item: Download with GetRight - C:Program FilesGetRightGRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:Program FilesGetRightGRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:Program FilesladbrokesMPPMPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE
O12 - Plugin for .m3u: C:Program FilesInternet ExplorerPLUGINS pqtplugin6.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk[...]
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com[...]
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} (InstallX Class) - http://www.20x2p.com[...]
O16 - DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} (isInstalled Class) - https://login.kollegienet.dk[...]
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com[...]
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} - http://www.ysbweb.com[...]
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} - http://static.topconverting.com[...]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com[...]
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com[...]
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com[...]
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.media-motor.net[...]
O17 - HKLMSystemCCSServicesTcpip..{86FD3966-27F6-4252-80AE-50456CB04C01}: NameServer = 172.16.1.2,130.225.130.6
--
Deyr fé, deyja frændr, deyr sjálfr et sama; ek veit einn, at aldri deyr: dómr of dauðan hvern.
#1
Theking2
Mega Supporter
05-02-2005 23:50

#0 I'll certainly do my best. You just need to answer these 2 questions:
1. Do you play poker on your PC?
2. I can see you have 2 download programs called "GetRight" and "Net Transport". Do you use them?

Disable System Restore. (Right-click "My Computer" on the desktop, choose Properties and the "System Restore" tab, and tick "Turn off System Restore". Click OK.)

Restart in safe mode. (Press F8 repeatedly at startup.)

Then run a new scan with HJT and tick these:

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {8F9D9D9C-9CCD-9854-E15E-1EE63F21E720} - C:WINDOWSiebl.dll
O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program FilesD-Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [zBrowser Launcher] C:Program FilesLogitechiTouchiTouch.exe
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [DataLayer] C:Program FilesNokiaNokia PC Suite 5DataLayer.exe
O4 - HKLM..Run: [Nokia Tray Application] C:Program FilesCommon FilesNokiaNCLToolsNclTray.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB ealsched.exe" -osboot
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Share-to-Web Namespace Daemon] C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_05injusched.exe
O4 - HKLM..Run: [Tnhnqwqs] C:Program FilesCwiyvPlueyou.exe
O4 - HKLM..Run: [netbn32.exe] C:WINDOWS etbn32.exe
O4 - HKLM..Run: [AdStatus Service] C:Program FilesAdStatus ServiceAdStatServ.exe
O4 - HKCU..Run: [Caio] C:Documents and SettingsBrianApplication Datadrut.exe
O4 - HKCU..Run: [Ncb] C:WINDOWSSystem32??anregw.exe
O12 - Plugin for .m3u: C:Program FilesInternet ExplorerPLUGINS pqtplugin6.dll
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com[...]
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} (InstallX Class) - http://www.20x2p.com[...]
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} - http://www.ysbweb.com[...]
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} - http://static.topconverting.com[...]
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com[...]
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com[...]
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.media-motor.net[...]
O17 - HKLMSystemCCSServicesTcpip..{86FD3966-27F6-4252-80AE-50456CB04C01}: NameServer = 172.16.1.2,130.225.130.6

Close all other program windows so that only HJT is open. Click "Fix checked".

Search for and delete the files/folders below if they are still there. Remember to change the folder options so you can see hidden files and system files. (Open a folder, click Tools => Folder Options => View. Untick "Hide protected operating system files". Untick "Hide extensions for known file types". Select "Show hidden files and folders".)

C:/WINDOWS/system32/lnrez.dll >> Delete the file
C:/Program Files/CwiyvPlueyou.exe >> Delete the file
C:/WINDOWS/etbn32.exe >> Delete the file
C:/Program Files/AdStatus Service/ >> Delete the folder
C:/Documents and Settings/Brian/Application/Datadrut.exe >> Delete the file
C:/WINDOWS/System32/??anregw.exe >> Delete the file (Maybe ?? stands for 2 letters)
C:/Program Files/Internet Explorer/PLUGINS/pqtplugin6.dll >> Delete the file

Then change the folder options back so that hidden files and hidden system files are not shown. Do not re-enable System Restore until I tell you to. Restart in normal mode. Run a new scan with HJT and post the log here for checking. Also add a few words, if you like, about whether you are having problems with your PC or whether this was just a check.
--
Dell XPS 3||3.2 Ghz P4 540||i925X ICH6-R||2x512 PC4200 Dual DDR2 533 Mhz||Radeon X800 SE PCI-E||Creative Audigy 2||160GB SATA Seagate||DVD+RW NEC 2100AD 8x||460W PFC||M993 19" Ultrascan
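
An added example, not part of the thread and not code from HijackThis: a small Python parser for the log format posted above that groups entries by their section code (R1, O4, O16, ...) and marks a few patterns for a closer look. The section labels and the three heuristics are this example's assumptions, and the sample lines are copied from the log above as they appear on the page.

```python
import re
from collections import Counter

# Section codes seen in the thread's log; the short labels are this example's wording.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "R3": "URL search hook", "O2": "Browser Helper Object",
    "O4": "autostart entry", "O8": "IE context-menu item",
    "O9": "IE toolbar button / Tools item", "O12": "IE plugin",
    "O16": "downloaded ActiveX control", "O17": "TCP/IP name server setting",
}
ENTRY = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")

# Lines copied from the log in this thread as they appear on the page
# (the backslashes in the paths are already missing there).
SAMPLE = """\
Logfile of HijackThis v1.98.2
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = res://C:WINDOWSsystem32lnrez.dll/sp.html#44768
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
O2 - BHO: (no name) - {8F9D9D9C-9CCD-9854-E15E-1EE63F21E720} - C:WINDOWSiebl.dll
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com[...]
O17 - HKLMSystemCCSServicesTcpip..{86FD3966-27F6-4252-80AE-50456CB04C01}: NameServer = 172.16.1.2,130.225.130.6
"""

def parse(log_text):
    """Return (section_code, detail) for every entry line; header lines are skipped."""
    lines = map(str.strip, log_text.splitlines())
    return [m.groups() for m in map(ENTRY.match, lines) if m]

def section_counts(entries):
    """Count entries per section code."""
    return Counter(code for code, _ in entries)

def review_hints(entries):
    """Heuristics (assumptions of this example) that mark entries for a closer look."""
    hints = []
    for code, detail in entries:
        if code in ("R0", "R1") and "= res://" in detail and ".dll" in detail.lower():
            hints.append((code, "IE page setting served from a local DLL", detail))
        elif code == "O2" and "(no name)" in detail:
            hints.append((code, "Browser Helper Object without a name", detail))
        elif code == "O16" and not re.search(r"\} \(", detail):
            hints.append((code, "ActiveX control without a class name", detail))
    return hints

if __name__ == "__main__":
    entries = parse(SAMPLE)
    for code, n in section_counts(entries).items():
        print(f"{code:>3} {SECTIONS.get(code, '?'):32} {n}")
    for code, reason, detail in review_hints(entries):
        print(f"REVIEW {code}: {reason}\n       {detail}")
```

A hint only means the entry deserves a manual check; a Browser Helper Object listed without a name, for instance, can belong to legitimate software.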
#2
smxlf
Semi-user
06-02-2005 04:19

Hi, my computer just had one last death spasm before it died completely. I have now formatted the thing. But thanks for the help anyway.
--
Deyr fé, deyja frændr, deyr sjálfr et sama; ek veit einn, at aldri deyr: dómr of dauðan hvern.
#3
Theking2
Mega Supporter
06-02-2005 11:11

#2 No problem at all
--
Dell XPS 3||3.2 Ghz P4 540||i925X ICH6-R||2x512 PC4200 Dual DDR2 533 Mhz||Radeon X800 SE PCI-E||Creative Audigy 2||160GB SATA Seagate||DVD+RW NEC 2100AD 8x||460W PFC||M993 19" Ultrascan
