Jonnar Skrevet 14. august 2004 Del Skrevet 14. august 2004 Har vaert i USA i tre uker naa, og familien jeg bor hos har problemer med pc'en. Store problemer. Noen har vaert litt sloev naar det gjelder antivirus og brannmur og saann, saa jeg har vel fjernet ca 50 virus med Norton, i tillegg til mye med Ad-Aware. Men pc'en er fortsatt treig, saa jeg kjoerte en scan med Hijackthis. Hva er trygt aa fjerne av dette? Logfile of HijackThis v1.98.2 Scan saved at 4:23:17 PM, on 8/14/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\cisvc.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe C:\Program Files\Common Files\Dell\EUSW\Support.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Dell AIO Printer A940\dlbabmon.exe C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe C:\Program Files\Norton AntiVirus\SAVScan.exe C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe C:\WINDOWS\System32\msnmsg.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\SpoonProxy\spserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\windowsu.exe C:\WINDOWS\System32\svchosts.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\SpoonProxy\proxy.exe C:\WINDOWS\System32\ccApp.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\rs.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\system32\cidaemon.exe C:\Documents and Settings\Shana\Desktop\New Folder\Setups\hijackthis1982.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://clinic.mcafee.com/clinic/root/cd.as...=force&cid=5575 (obfuscated) R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O1 - Hosts: comments (such as these) may be inserted on individual O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: BPK IE Plugin - {1E1B2879-88FF-11D3-8D96-D7ACAC95951F} - C:\WINDOWS\System32\web.dll (file missing) O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: OpenSite.CBrowserHelper - {30A56549-9D5B-4D34-AFA7-440A7F0538A9} - C:\Program Files\Open Site\opnste.dll (file missing) O2 - BHO: (no name) - {34896053-EB6A-71C0-8021-675509A17B48} - C:\WINDOWS\System32\eucodj.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {6189350C-EB32-7EC6-D121-675509A17D43} - C:\WINDOWS\System32\juzed.dll O2 - BHO: (no name) - {64883253-B132-2AC9-8021-675509A17F42} - C:\WINDOWS\System32\imwbxudh.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file) O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [sr1exe] "C:\Documents and Settings\All Users\Application Data\Dell\Alert\252\updtSup3.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Microsoft Update] muamgrd.exe O4 - HKLM\..\Run: [lfphuob] C:\WINDOWS\System32\woltdv.exe O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe O4 - HKLM\..\Run: [Win32 USB2 Driver] svchosting.exe O4 - HKLM\..\Run: [lsasss.exe] C:\WINDOWS\lsasss.exe O4 - HKLM\..\Run: [Microsoft Update Debugger] wincfg32.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [Microsoft Restore] scrgrd.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT" O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe O4 - HKLM\..\Run: [Microsoft Update Machine] windowsu.exe O4 - HKLM\..\Run: [Microsoft WinUpdate] svchosts.exe O4 - HKLM\..\Run: [bPK] C:\WINDOWS\System32\bpk.exe O4 - HKLM\..\Run: [ccApp.exe] ccApp.exe O4 - HKLM\..\Run: [msn] msnmsg.exe O4 - HKLM\..\RunServices: [Microsoft Update] muamgrd.exe O4 - HKLM\..\RunServices: [Win32 USB2 Driver] svchosting.exe O4 - HKLM\..\RunServices: [Microsoft Update Debugger] wincfg32.exe O4 - HKLM\..\RunServices: [Microsoft Restore] scrgrd.exe O4 - HKLM\..\RunServices: [Microsoft Update Machine] windowsu.exe O4 - HKLM\..\RunServices: [Microsoft WinUpdate] svchosts.exe O4 - HKLM\..\RunServices: [ccApp.exe] ccApp.exe O4 - HKLM\..\RunServices: [msn] msnmsg.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Win32 USB2 Driver] svchosting.exe O4 - HKCU\..\Run: [Microsoft Update] wudmate.exe O4 - HKCU\..\Run: [Microsoft Update Debugger] wincfg32.exe O4 - HKCU\..\Run: [Microsoft Update Machine] windowsu.exe O4 - HKCU\..\Run: [Microsoft WinUpdate] svchosts.exe O4 - HKCU\..\Run: [ccApp.exe] ccApp.exe O4 - HKCU\..\Run: [msn] msnmsg.exe O4 - HKCU\..\RunServices: [msn] msnmsg.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: rs.exe O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\matcli.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/funwebpr...etup1.0.0.5.cab O16 - DPF: {2AEEAC34-FD74-4142-B891-4B05C0C03C87} - http://akamai.downloadv3.com/binaries/Dial...040_pack_XP.cab O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binaries/Live...ice_4_EN_XP.cab O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...322/mcfscan.cab Lenke til kommentar
olejohnny Skrevet 15. august 2004 Del Skrevet 15. august 2004 Hei, anbefaler deg og poste den i forumet hos spywarefri.dk de er flinke med og hjelpe til med akkurat de tingene der, lykke til Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå