Problems with security and HijackThis log


#1 - mortenus
8 Jan 2007 18:19
Hi experts,

I have installed a new wireless network, and afterwards I suddenly cannot find my security system (ZoneAlarm Security Suite).

When I try to reinstall it, I get the message: Error c:windowssystem32Zonelabsvsmon.exe could not be opened.

I have tried to install other security programs (including AVG antivirus), in vain, with a similar error message.

I suspect a virus, but I am not sure whether I simply cannot find my security system, which may be hiding somewhere.

Here is a HijackThis log. I hope someone can help.

Logfile of HijackThis v1.99.1
Scan saved at 19:01:34, on 08/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Documents and SettingsEjerDokumenterInCDInCDsrv.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgrammerWIDCOMMBluetooth Softwarebinbtwdins.exe
C:WINDOWSSystem32driversCDAC11BA.EXE
C:WINDOWSSystem32imapi.exe
C:WINDOWSSystem32nvsvc32.exe
C:ProgrammerAlcohol SoftAlcohol 120StarWindStarWindService.exe
C:WINDOWSSystem32svchost.exe
C:ProgrammerLinksys Wireless-G PCI Wireless Network MonitorWLService.exe
C:ProgrammerLinksys Wireless-G PCI Wireless Network MonitorWMP54Gv4.exe
C:WINDOWSexplorer.exe
C:WINDOWSsystem32ctfmon.exe
C:ProgrammerMultimedia Card Readershwicon2k.exe
C:HPKBDKBD.EXE
C:windowssystemhpsysdrv.exe
C:WINDOWSSystem32hphmon05.exe
C:WINDOWSsystem32rundll32.exe
C:ProgrammerHPhpcoretechhpcmpmgr.exe
C:ProgrammerHP DVDUmbrellaDVDTray.exe
C:WINDOWSsystem32hldrrr.exe
c:progra~1intern~1iexplore.exe
C:ProgrammerInternet Exploreriexplore.exe
C:ProgrammerInternet Exploreriexplore.exe
C:Documents and SettingsEjerSkrivebordspywarefri.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.hotmail.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigURL = http://wpad.iha.dk/wpad.dat
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
F2 - REG:system.ini: Shell=explorer.exe "C:ProgrammerFælles filerMicrosoft SharedWeb Foldersibm00001.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {1D4C7057-EAD2-44C6-AD18-9092905F28F1} - (no file)
O2 - BHO: (no name) - {385066e0-23f3-11db-a98b-0800200c9a66} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgrammerJavajre1.5.0_10binssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:ProgrammerMSN AppsST1.03.0000.1005en-xustmain.dll
O2 - BHO: (no name) - {a62d2213-2d9b-4d25-b52d-0bc282501d5b} - (no file)
O2 - BHO: Clicker Class - {A97B5EF1-CA64-466F-AC40-F770ED52DB92} - C:WINDOWSsystem32mscoriezz.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgrammerMSN AppsMSN ToolbarMSN Toolbar1.02.5000.1021damsntb.dll
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE50} - (no file)
O4 - HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
O4 - HKLM..Run: [UpdateManager] "C:ProgrammerFælles filerSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [Sunkist2k] C:ProgrammerMultimedia Card Readershwicon2k.exe
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [HPHmon05] C:WINDOWSSystem32hphmon05.exe
O4 - HKLM..Run: [HP Component Manager] "C:ProgrammerHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [DVDTray] "C:ProgrammerHP DVDUmbrellaDVDTray.exe"
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [ViewJoy] C:DOCUME~1EjerAPPLIC~1THISDE~164 proxy body.exe
O4 - Global Startup: GStartup.lnk = ?
O8 - Extra context menu item: Send To &Bluetooth - C:ProgrammerWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavajre1.5.0_10binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavajre1.5.0_10binssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:ProgrammerWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:ProgrammerWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O15 - Trusted Zone: *.sputnik.dk
O15 - Trusted Zone: *.tv2.dk
O16 - DPF: {0B682CC1-FB40-4006-A5DD-99EDD3C9095D} - http://www.thepaymentcentre.com/build/vbiewer.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://fyssrv02.udd.sembsc.dk/iNotes6W.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://promo.dollarrevenue.com/activex/promocache/...
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecom...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetu...
O16 - DPF: {D62B5127-8D03-4175-BA71-E0041595DA4B} - http://03.sharedsource.org/html/TriacomUD_1.0.0.3i...
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.com/install/1.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safek...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:WINDOWSsystem32btxppanel.dll
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:ProgrammerFælles filerAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:ProgrammerWIDCOMMBluetooth Softwarebinbtwdins.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:WINDOWSSystem32driversCDAC11BA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Unknown owner - C:Documents and SettingsAdministratorSkrivebordewido anti-spyware 4.0guard.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgrammerFælles filerInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Documents and SettingsEjerDokumenterInCDInCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:ProgrammerAheadInCDInCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:ProgrammeriPodiPod Updater 2005-09-06iPodbiniPodService.exe
O23 - Service: Alias Maya 5.0 PLE Help Server (Maya5PLEHelpServer) - Unknown owner - C:ProgrammerAliasWavefrontMaya 5.0 Personal Learning EditiondocsWrapper.exe" -s "C:ProgrammerAliasWavefrontMaya 5.0 Personal Learning Editiondocs/Wrapper.conf (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:ProgrammerAlcohol SoftAlcohol 120StarWindStarWindService.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:ProgrammerLinksys Wireless-G PCI Wireless Network MonitorWLService.exe" "WMP54Gv4.exe (file missing)
#2 - Zehnox
9 Jan 2007 10:38
Can't we get a log WITH backslashes!! :D

Then it is much easier to decipher the names :)

But offhand, this one does not look good:
C:HPKBDKBD.EXE
#3 - mortenus
9 Jan 2007 11:23
I'll put the log in with backslashes... I copied it from the desktop... and yes, then the backslashes disappeared.
#4 - Zehnox
9 Jan 2007 11:44
Yes, I also tried to make one in my post, but it looks like the forum eats them.

If so, send the log to zehnox[at]gmail[dot]com - then I'll take a look at it.
#5 - themuss
9 Jan 2007 12:25
&backslash;


edit: oh well...
#6 - mortenus
9 Jan 2007 20:19
Sorry for the wait... I just had some lectures.
#7 - mortenus
9 Jan 2007 20:20
Oh well, that apparently doesn't work. I'll just send it.