Seneste forumindlæg
Køb / Salg
 * Uofficiel Black/White liste V3
Login / opret bruger

Forum \ Software \ Sikkerhed
Denne tråd er over 6 måneder gammel

Er du sikker på, at du har noget relevant at tilføje?

HJT log

Af Ny på siden WonderMoose | 16-04-2006 17:39 | 960 visninger | 5 svar, hop til seneste
HALLØJ! Jeg har nu hele dagen prøvet at få fjernet en ting der blinker nede i højre hjørne, Den skifter fra en kørestol til "parkering forbudt" tegn :) Skannede med HJT og fik denne fil. Nogen der kan se hvad der skal fjernes? Logfile of HijackThis v1.99.1 Scan saved at 17:32:27, on 16-04-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:Program FilesCommon FilesSymantec SharedccSetMgr.exe C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32ctfmon.exe C:WINDOWSehomeehtray.exe C:Program FilesCommon FilesSymantec SharedccApp.exe C:WINDOWSsystem32RUNDLL32.EXE C:Program FilesSOUNDGRAPHiMONiMON.exe C:Program FilesJavajre1.5.0_06injusched.exe C:Program FilesMessengermsmsgs.exe C:Program FilesInterVideoCommonBinWinCinemaMgr.exe C:Program FilesWavexpressTVTonicWXMediaPlayer.exe C:Program FilescbuengercbServercbServer.exe C:WINDOWSeHomeehRecvr.exe C:WINDOWSeHomeehSched.exe C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE C:Program FilesNorton AntiVirus avapsvc.exe C:Program FilesNorton AntiVirusIWPNPFMntor.exe C:Program FilesSOUNDGRAPHiMONiMON VFD.exe C:WINDOWSsystem32 vsvc32.exe C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe C:Program FilesWavexpressTVTonicWXCC.exe C:Program FilesWavexpressTVTonicWXHostSvc.exe C:WINDOWSsystem32dllhost.exe C:WINDOWSeHomeehmsas.exe C:WINDOWSSystem32svchost.exe C:Documents and SettingsArneDesktophijackthisHijackThis.exe O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06inssv.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll (file missing) O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe" O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [iMON] C:Program FilesSOUNDGRAPHiMONiMON.exe /startup O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06injusched.exe O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background O4 - Startup: cbServer (mceWeather).lnk = C:Program FilescbuengercbServercbServer.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:Program FilesInterVideoCommonBinWinCinemaMgr.exe O4 - Global Startup: TVTonic Media Player.lnk = C:Program FilesWavexpressTVTonicWXMediaPlayer.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk[...] O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com[...] O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com[...] O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com[...] O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com[...] O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk[...] O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirus avapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:Program FilesNorton AntiVirusIWPNPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32 vsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton AntiVirusSAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe O23 - Service: TVTonic Cache Controller (WXCC) - Wavexpress - C:Program FilesWavexpressTVTonicWXCC.exe O23 - Service: TVTonic RSS (WXRSS) - Unknown owner - C:Program FilesWavexpressTVTonicWXHostSvc.exe" /RunAsService /ObjectStore=WXObjectStore /Name=WXRSS (file missing)
--
#1
Theking2
Super Nørd
16-04-2006 22:11

Rapporter til Admin
Hej I følge din log kan jeg ikke se du har noget, men du kan prøve at hente disse programmer og følge anvisningerne. - Kaspersky Scanner http://www.spywareinfo.dk[...] - Ewido Security Suite http://www.ewido.net[...] Installer Ewido SS, åben det og Update det og luk det igen. Gør følgende: ----------------------- Kør en diskoprydning. (Start=> Programmer=> Tilbehør=> Systemværktøjer=> Diskoprydning. Sæt flueben ved temp-filer, temporary internet files og papirkurv). ----------------------- Installer og scan så med Kaspersky scanneren. Sæt flueben i følgende: Memory, Startup folders, drive, Registry, System folders og Services. - og prik i følgende: All local drives og Scan all files. Klik på scan. Du skal ikke klikke på Add to Startup folders, for så scannes din PC, hver gang du starter Windows op ----------------------- Ewido Security Suite Åben programmet Gå i "Scanner" og vælg "Complete System Scan" Vælg Remove til alt hvad den finder. ----------------------- Genstart pc'en, ingen ny log behøves.
--
http://www.hattrick.org[...] Alliancen (570540) Hol.dk HJT Supporter
#2
WonderMoose
Ny på siden
17-04-2006 13:56

Rapporter til Admin
jeg har nu kørt diverse scanninger.. og nu ser den sådan ud: Logfile of HijackThis v1.99.1 Scan saved at 13:53:42, on 17-04-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:Program FilesCommon FilesSymantec SharedccSetMgr.exe C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSeHomeehRecvr.exe C:WINDOWSeHomeehSched.exe C:Program Filesewido anti-malwareewidoctrl.exe C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE C:Program FilesNorton AntiVirus avapsvc.exe C:Program FilesNorton AntiVirusIWPNPFMntor.exe C:WINDOWSsystem32 vsvc32.exe C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe C:Program FilesWavexpressTVTonicWXCC.exe C:Program FilesWavexpressTVTonicWXHostSvc.exe C:WINDOWSsystem32dllhost.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32ctfmon.exe C:WINDOWSehomeehtray.exe C:Program FilesCommon FilesSymantec SharedccApp.exe C:WINDOWSsystem32RUNDLL32.EXE C:Program FilesSOUNDGRAPHiMONiMON.exe C:Program FilesJavajre1.5.0_06injusched.exe C:Program FilesMessengermsmsgs.exe C:WINDOWSeHomeehmsas.exe C:Program FilesInterVideoCommonBinWinCinemaMgr.exe C:Program FilesWavexpressTVTonicWXMediaPlayer.exe C:Program FilescbuengercbServercbServer.exe C:Program FilesSOUNDGRAPHiMONiMON VFD.exe C:WINDOWSSystem32svchost.exe C:Documents and SettingsArneDesktophijackthisHijackThis.exe O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06inssv.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll (file missing) O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe" O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [iMON] C:Program FilesSOUNDGRAPHiMONiMON.exe /startup O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06injusched.exe O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background O4 - Startup: cbServer (mceWeather).lnk = C:Program FilescbuengercbServercbServer.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:Program FilesInterVideoCommonBinWinCinemaMgr.exe O4 - Global Startup: TVTonic Media Player.lnk = C:Program FilesWavexpressTVTonicWXMediaPlayer.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk[...] O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com[...] O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com[...] O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com[...] O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com[...] O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk[...] O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:Program Filesewido anti-malwareewidoctrl.exe O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirus avapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:Program FilesNorton AntiVirusIWPNPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32 vsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton AntiVirusSAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe O23 - Service: TVTonic Cache Controller (WXCC) - Wavexpress - C:Program FilesWavexpressTVTonicWXCC.exe O23 - Service: TVTonic RSS (WXRSS) - Unknown owner - C:Program FilesWavexpressTVTonicWXHostSvc.exe" /RunAsService /ObjectStore=WXObjectStore /Name=WXRSS (file missing)
--
#3
WonderMoose
Ny på siden
17-04-2006 13:57

Rapporter til Admin
Den kører stadigvæk forresten. jeg kan ikke finde noget navn på den. den står ikke på joblisten og heller ikke inde i msconfig :S
--
#4
WonderMoose
Ny på siden
17-04-2006 13:58

Rapporter til Admin
Den kører stadigvæk forresten. jeg kan ikke finde noget navn på den. den står ikke på joblisten og heller ikke inde i msconfig :S
--
#5
Theking2
Super Nørd
17-04-2006 14:17

Rapporter til Admin
Well.. som jeg skrev til sidst i indlægget så skulle jeg ikke bruge flere HJT Logs da loggen i forvejen var ren. Jeg ved ikke hvad det er for noget du har kørende, desværre.
--
http://www.hattrick.org[...] Alliancen (570540) Hol.dk HJT Supporter

Opret svar til indlægget: HJT log

Grundet øget spam aktivitet fra gæstebrugere, er det desværre ikke længere muligt, at oprette svar som gæst.

Hvis du ønsker at deltage i debatten, skal du oprette en brugerprofil.

Opret bruger | Login
NYHEDSBREV
Afstemning