Kan ikke åbne Jobliste

**ImSoLost** · #1 23 December 2007, 17:38

Okay, så jeg har læst omkring en bit, og det lader til, at der findes forskellige løsninger. I'm running regula Windows Vista. Ctrl Alt Del ikke virker ... højreklik fungerer ikke. når jeg søger efter Taskmgr.exe den siger det er blevet deaktiveret af administratoren. Hvad kan jeg gøre?

**Hybr! D** · #2 23 December 2007, 17:41

Vista er anderledes end XP.

Højreklik på proceslinjen, klik derefter på Jobliste.

**ImSoLost** · #3 23 december 2007, 18:11

Jeg højre klikkede opgaven bar og det er nedtonede. Men jeg søgte omkring en bit, og jeg fandt et websted med et direkte link til min Reged og det gav mig advarsler og så skal jeg bare ud, fordi jeg ikke havde nogen idé om, hvad jeg gjorde. Bagefter ud af nysgerrighed jeg cheked opgaven bar og det var ikke nedtonede. Jeg genstartet min computer (for at sikre, at det ikke var en midlertidig ting) og for nogle mærkelige grund, når skærmen for at logge ind, vil komme frem ... det sagde trykke Ctrl Alt Del for at logge ind, jeg ikke forstår, hvad der skete .

**ImSoLost** · #4 23 December 2007, 19:11

Her er min Hijackthis log

C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ Dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Programmer \ HP \ QuickPlay \ QPService.exe
C: \ Programmer \ HP \ HP Software Update \ hpwuSchd2.exe
C: \ Programmer \ Hewlett-Packard \ HP Quick Launch Buttons \ QLBCTRL.exe
C: \ Programmer \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
C: \ Programmer \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
C: \ Programmer \ Java \ jre1.6.0 \ bin \ jusched.exe
C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Programmer \ Common Files \ Symantec Shared \ ccApp.exe
C: \ Programmer \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe
C: \ Programmer \ Windows Sidebar \ sidebar.exe
C: \ Programmer \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
C: \ WINDOWS \ System32 \ rundll32.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Users \ Yasmany \ Desktop \ Veoh \ VeohClient.exe
C: \ Programmer \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
C: \ Programmer \ Common Files \ Adobe \ Updater5 \ AdobeUpdater.exe
C: \ Programmer \ HP Tilslutninger \ 6811507 \ Programmer \ HP Connections.exe
C: \ Windows \ System32 \ Wbem \ Unsecapp.exe
C: \ PROGRA ~ 1 \ HEWLET ~ 1 \ Shared \ HPQTOA ~ 1.EXE
C: \ Programmer \ Hewlett-Packard \ HP Advisor \ SSDK04.exe
C: \ Programmer \ Internet Explorer \ ieuser.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ Programmer \ Common Files \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Windows \ system32 \ SearchFilterHost.exe
C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Windows \ system32 \ Macromed \ Flash \ FlashUtil9b.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window title = Windows Internet Explorer, som Comcast
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyServer =: 0
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - (EA756889-2338-43DB-8F07-D1CA6FB9C90D) - C: \ Programmer \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O1 - Hosts::: 1 localhost
O2 - BHO: My Search BHO - (014DA6C1-189F-421a-88CD-07CFE51CFF10) - C: \ Programmer \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Download og Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Programmer \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0 \ bin \ ssv.dll
O2 - BHO: AOL Toolbar Launcher - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C: \ Programmer \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programmer \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: BDEX System - (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) - C: \ Windows \ blopenvxdt.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll
O2 - BHO: FastRX - (E09962E7-A39E-4F60-8003-66D57BED27B7) - C: \ Windows \ system32 \ fastRX.dll (filen mangler)
O3 - Toolbar: My Search Bar - (014DA6C9-189F-421a-88CD-07CFE51CFF10) - C: \ Programmer \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O3 - Toolbar: Veoh Browser Plug-in - (D0943516-5076-4020-A3B5-AEFAF26AB263) - C: \ Users \ Yasmany \ Desktop \ Veoh \ Plugins \ reg \ VeohTool bar.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O3 - Toolbar: AIM Toolbar - (DE9C389F-3316-41A7-809B-AA305ED9D922) - C: \ Programmer \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O3 - Toolbar: The retnsrp - (CC304A4D-FC79-4CD3-9A67-46E3AF59319D) - C: \ Windows \ retnsrp.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [QPService] "C: \ Programmer \ HP \ QuickPlay \ QPService.exe"
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programmer \ Hp \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [QlbCtrl]% ProgramFiles% \ Hewlett-Packard \ HP Quick Launch Buttons \ QlbCtrl.exe / Start
O4 - HKLM \ .. \ Run: [HP Health Check Scheduler] C: \ Programmer \ Hewlett-Packard \ HP Health Check \ HPHC_Scheduler.exe
O4 - HKLM \ .. \ Run: [WAWifiMessage]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
O4 - HKLM \ .. \ Run: [hpWirelessAssistant]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ jre1.6.0 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [kpx] C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ system32 \ fastRX.dll DllInitApp
O4 - HKLM \ .. \ Run: [NvSvc] rundll32.exe C: \ Windows \ system32 \ nvsvc.dll, nvsvcStart
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [SeekmoOE] C: \ Programmer \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe
O4 - HKLM \ .. \ Run: [SeekmoSA] "C: \ Programmer \ Seekmo \ bin \ 10.0.341.0 \ SeekmoSA.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programmer \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [ddoctorv2] "C: \ Programmer \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe" / P ddoctorv2
O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ Launcher.exe
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Programmer \ Windows Sidebar \ sidebar.exe / autorun
O4 - HKCU \ .. \ Run: [HPAdvisor] C: \ Programmer \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Programmer \ AIM6 \ aim6.exe" / d locale = en-US ee: / / AOL / imApp
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ ehome \ ehTray.exe
O4 - HKCU \ .. \ Run: [Veoh] "C: \ Users \ Yasmany \ Desktop \ Veoh \ VeohClient.exe" / VeohHide
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Programmer \ MSN Messenger \ MsnMsgr.Exe" / baggrund
O4 - HKCU \ .. \ Run: [SWG] C: \ Programmer \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
O4 - HKCU \ .. \ Run: [AdobeUpdater] C: \ Programmer \ Common Files \ Adobe \ Updater5 \ AdobeUpdater.exe
O4 - HKCU \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C: \ Programmer \ LimeWire \ LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Programmer \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: HP Connections.lnk = C: \ Programmer \ HP Tilslutninger \ 6811507 \ Programmer \ HP Connections.exe
O8 - Extra sammenhæng menupunktet: & AOL Toolbar Search - C: \ Programmer \ AOL \ Målet værktøjslinjen 5.0 \ ressourcer \ da-DK \ lokale \ search.html
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Ekstra knap: Send til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' MENUITEM: S & ende til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Ekstra knap: AIM Toolbar - (3369AF0D-62E9-4bda-8103-B4C75499B578) - C: \ Programmer \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl klasse) -- http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl klasse) -- http://messenger.zone.msn.com/binary...t.cab57213.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (DA758BB1-5F89-4465-975F-8D7179A4BCF3) (WheelofFortune Object) -- http://messenger.zone.msn.com/binary/WoF.cab57176.cab
O21 - SSODL: leorop - (38CA8AE4-A78E-4111-8D0E-BDDF145A5040) - C: \ Windows \ leorop.dll
O21 - SSODL: nopzet - (9543D4D7-3E5B-4B70-BB93-83AC9865627C) - C: \ Windows \ nopzet.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, LP - C: \ Programmer \ Hewlett-Packard \ HP Quick Launch Buttons \ AddFiltr.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Programmer \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Cyberlink Background Capture Service (CBCS) (CLCapSvc) - Unknown ejer - C: \ Programmer \ HP \ QuickPlay \ Kernel \ TV \ CLCapSvc.exe
O23 - Service: Cyberlink Task Scheduler (CTS) (CLSched) - Unknown ejer - C: \ Programmer \ HP \ QuickPlay \ Kernel \ TV \ CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programmer \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C: \ Programmer \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, LP - C: \ Programmer \ Hewlett-Packard \ Shared \ hpqwmiex.exe
O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Roxio \ Roxio MyDVD Basic v9 \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C: \ Programmer \ Norton AntiVirus \ isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Programmer \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Programmer \ Common Files \ Roxio Shared \ 9.0 \ SharedCOM \ RoxMediaDB9.exe
O23 - Service: SupportSoft kædehjul Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C: \ Programmer \ Comcast \ Desktop Doctor \ bin \ sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C: \ Programmer \ Common Files \ SureThing Shared \ stllssvr.exe
O23 - Service: Symantec Core LC - Unknown ejer - C: \ Programmer \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ AppCore \ AppSvc32.exe
O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C: \ Windows \ system32 \ DRIVERS \ xaudio.exe

**howardhopkinson** · #5 31 December 2007, 01:33

Dit system er fyldt med malware.

Start HER og følg vejledningen nøjagtigt.

Skriv de ønskede logfiler.

I `ll få mod til at flytte denne tråd tilbage til sikkerhed forum. Don `t vide, hvorfor det blev flyttet fra at der i første omgang.

Regards Howard.

**ImSoLost** · #6 5 januar 2008, 18:05

Før op noget jeg ønsker at bemærke, at når jeg kom til at køre Online scanne det ville ikke lade mig ... det siger noget om ikke at have tilladelse.

Da jeg kiggede i min Tilføj / Fjern hardware Dette er nogle af de ting jeg fandt lidt mistænkelige eller at jeg vidste ikke noget om.

MSXML 4.0 SP2
My Search Bar
muvee Egenproducenter 5,0
Smart Video Codec v1.6

SUPERAntiSpyware log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/05/2008 at 07:32
Application Version: 3.9.1008
Core Rules Database Version: 3374
Trace Rules Database Version: 1369
Scan type: Complete Scan
Total Scan Time: 01:23:02
Memory poster scannet: 712
Memory trusler opdaget: 1
Topdomæneadministratoren poster scannet: 8254
Topdomæneadministratoren trusler opdaget: 122
File poster skannet: 60434
File trusler opdaget: 12
Trojan.Net-MSV/VPS-Variant
C: \ WINDOWS \ BLOPENVXDT.DLL
C: \ WINDOWS \ BLOPENVXDT.DLL
HKLM \ Software \ Classes \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ InprocServer32
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ ProgID
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ Programmerbar
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ TypeLib
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ VersionIndependentProgID
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
Adware.MyWay
HKLM \ Software \ Classes \ CLSID \ (014DA6C1-189F-421a-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ InprocServer32
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ Programmerbar
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ TypeLib
C: \ Programmer \ MYSEARCH \ BAR \ 1.BIN \ S4BAR.DLL
HKLM \ Software \ Classes \ CLSID \ (014DA6C9-189F-421a-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ InprocServer32
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ Programmerbar
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ TypeLib
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (014DA6C1-189F-421a-88CD-07CFE51CFF10)
HKLM \ Software \ Microsoft \ Internet Explorer \ Toolbar # (014DA6C9-189F-421a-88CD-07CFE51CFF10)
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10)
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ 0
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ FLAG
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ HELPDIR
HKU \ S-1-5-21-3682377349-2593316749-328379415-1000 \ Software \ Microsoft \ Internet Explorer \ Toolbar \ WebBrowser # (014DA6C9-189F-421A-88CD-07CFE51CFF10)
Unclassified.Unknown Oprindelse
HKLM \ Software \ Classes \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ InprocServer32
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ ProgID
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ Programmerbar
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ TypeLib
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ VersionIndependentProgID
C: \ WINDOWS \ SYSTEM32 \ FASTRX.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
Adware.Tracking Cookie
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany@ar.atwola [2]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ atwola [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ DoubleClick [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ adlegend [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ reklame [2]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ 2o7 [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ atdmt [2]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ mediaplex [1]. Txt
Adware.180solutions/Seekmo
HKCR \ Seekmo.DesktopFlash
HKCR \ Seekmo.DesktopFlash \ CLSID
HKCR \ Seekmo.DesktopFlash \ CurVer
HKCR \ Seekmo.DesktopFlash.1
HKCR \ Seekmo.DesktopFlash.1 \ CLSID
HKCR \ SeekmoAX.ClientDetector
HKCR \ SeekmoAX.ClientDetector \ CLSID
HKCR \ SeekmoAX.ClientDetector \ CurVer
HKCR \ SeekmoAX.ClientDetector.1
HKCR \ SeekmoAX.ClientDetector.1 \ CLSID
HKCR \ SeekmoAX.UserProfiles
HKCR \ SeekmoAX.UserProfiles \ CLSID
HKCR \ SeekmoAX.UserProfiles \ CurVer
HKCR \ SeekmoAX.UserProfiles.1
HKCR \ SeekmoAX.UserProfiles.1 \ CLSID
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C)
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ Control
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ InprocServer32
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ MiscStatus
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ MiscStatus \ 1
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ ProgID
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ Programmerbar
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ ToolboxBitmap32
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ TypeLib
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ Version
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ VersionIndependentProgID
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030)
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) # AppID
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ LocalServer32
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ ProgID
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ Programmerbar
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ TypeLib
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ VersionIndependentProgID
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571)
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ InprocServer32
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ ProgID
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ Programmerbar
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ TypeLib
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ VersionIndependentProgID
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12)
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0 \ 0
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0 \ FLAG
HKCR \ TypeLib \ (995E885E-3FF5-4F66-A107-8BFB3A0F8F12) \ 1.0 \ HELPDIR
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979)
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0 \ 0
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0 \ FLAG
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0 \ HELPDIR
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335)
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ ProxyStubClsid
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ ProxyStubClsid32
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ TypeLib
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ TypeLib # Version
HKCR \ AppID \ SeekmoSA_df.exe
HKCR \ AppID \ SeekmoSA_df.exe # AppID
HKCR \ AppID \ (4A40E8FC-C7E4-4F57-9FA4-85DD77402897)
HKU \ S-1-5-21-3682377349-2593316749-328379415-1000 \ Software \ seekmosa
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # DisplayName
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # DisplayIcon
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # UninstallString
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # DisplayVersion
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # HelpLink
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # Publisher
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # URLInfoAbout
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run # SeekmoOE [C: \ Programmer \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe]
C: \ Users \ Yasmany \ AppData \ Roaming \ Seekmo
Trojan.DNSChanger-Codec
HKCR \ VAC.Video
HKCR \ VAC.Video \ CLSID
Trojan.Net-MSV/VPS
HKCR \ MSVPS.MSVPSApp
HKCR \ MSVPS.MSVPSApp \ CLSID
HKCR \ MSVPS.MSVPSApp \ CurVer
Trojan.Net-MU/Gen
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ WebVideo
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ WebVideo # DisplayName
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ WebVideo # UninstallString

Hijackthis Log

Logfile af Trend Micro HijackThis v2.0.2
Scan gemt på 8:13:58 PM, den 12/23/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Kørende processer:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ Dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Programmer \ HP \ QuickPlay \ QPService.exe
C: \ Programmer \ HP \ HP Software Update \ hpwuSchd2.exe
C: \ Programmer \ Hewlett-Packard \ HP Quick Launch Buttons \ QLBCTRL.exe
C: \ Programmer \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
C: \ Programmer \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
C: \ Programmer \ Java \ jre1.6.0 \ bin \ jusched.exe
C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Programmer \ Common Files \ Symantec Shared \ ccApp.exe
C: \ Programmer \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe
C: \ Programmer \ Windows Sidebar \ sidebar.exe
C: \ Programmer \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
C: \ WINDOWS \ System32 \ rundll32.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Users \ Yasmany \ Desktop \ Veoh \ VeohClient.exe
C: \ Programmer \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
C: \ Programmer \ Common Files \ Adobe \ Updater5 \ AdobeUpdater.exe
C: \ Programmer \ HP Tilslutninger \ 6811507 \ Programmer \ HP Connections.exe
C: \ Windows \ System32 \ Wbem \ Unsecapp.exe
C: \ PROGRA ~ 1 \ HEWLET ~ 1 \ Shared \ HPQTOA ~ 1.EXE
C: \ Programmer \ Hewlett-Packard \ HP Advisor \ SSDK04.exe
C: \ Programmer \ Internet Explorer \ ieuser.exe
C: \ Programmer \ Internet Explorer \ iexplore.exe
C: \ Programmer \ Common Files \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Windows \ system32 \ SearchFilterHost.exe
C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Windows \ system32 \ Macromed \ Flash \ FlashUtil9b.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window title = Windows Internet Explorer, som Comcast
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyServer =: 0
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - (EA756889-2338-43DB-8F07-D1CA6FB9C90D) - C: \ Programmer \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O1 - Hosts::: 1 localhost
O2 - BHO: My Search BHO - (014DA6C1-189F-421a-88CD-07CFE51CFF10) - C: \ Programmer \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Download og Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Programmer \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0 \ bin \ ssv.dll
O2 - BHO: AOL Toolbar Launcher - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C: \ Programmer \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programmer \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: BDEX System - (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) - C: \ Windows \ blopenvxdt.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll
O2 - BHO: FastRX - (E09962E7-A39E-4F60-8003-66D57BED27B7) - C: \ Windows \ system32 \ fastRX.dll (filen mangler)
O3 - Toolbar: My Search Bar - (014DA6C9-189F-421a-88CD-07CFE51CFF10) - C: \ Programmer \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O3 - Toolbar: Veoh Browser Plug-in - (D0943516-5076-4020-A3B5-AEFAF26AB263) - C: \ Users \ Yasmany \ Desktop \ Veoh \ Plugins \ reg \ VeohTool bar.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O3 - Toolbar: AIM Toolbar - (DE9C389F-3316-41A7-809B-AA305ED9D922) - C: \ Programmer \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O3 - Toolbar: The retnsrp - (CC304A4D-FC79-4CD3-9A67-46E3AF59319D) - C: \ Windows \ retnsrp.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [QPService] "C: \ Programmer \ HP \ QuickPlay \ QPService.exe"
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programmer \ Hp \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [QlbCtrl]% ProgramFiles% \ Hewlett-Packard \ HP Quick Launch Buttons \ QlbCtrl.exe / Start
O4 - HKLM \ .. \ Run: [HP Health Check Scheduler] C: \ Programmer \ Hewlett-Packard \ HP Health Check \ HPHC_Scheduler.exe
O4 - HKLM \ .. \ Run: [WAWifiMessage]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
O4 - HKLM \ .. \ Run: [hpWirelessAssistant]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ jre1.6.0 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [kpx] C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ system32 \ fastRX.dll DllInitApp
O4 - HKLM \ .. \ Run: [NvSvc] rundll32.exe C: \ Windows \ system32 \ nvsvc.dll, nvsvcStart
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programmer \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [SeekmoOE] C: \ Programmer \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe
O4 - HKLM \ .. \ Run: [SeekmoSA] "C: \ Programmer \ Seekmo \ bin \ 10.0.341.0 \ SeekmoSA.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programmer \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programmer \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [ddoctorv2] "C: \ Programmer \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe" / P ddoctorv2
O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ Launcher.exe
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Programmer \ Windows Sidebar \ sidebar.exe / autorun
O4 - HKCU \ .. \ Run: [HPAdvisor] C: \ Programmer \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Programmer \ AIM6 \ aim6.exe" / d locale = en-US ee: / / AOL / imApp
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ ehome \ ehTray.exe
O4 - HKCU \ .. \ Run: [Veoh] "C: \ Users \ Yasmany \ Desktop \ Veoh \ VeohClient.exe" / VeohHide
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Programmer \ MSN Messenger \ MsnMsgr.Exe" / baggrund
O4 - HKCU \ .. \ Run: [SWG] C: \ Programmer \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
O4 - HKCU \ .. \ Run: [AdobeUpdater] C: \ Programmer \ Common Files \ Adobe \ Updater5 \ AdobeUpdater.exe
O4 - HKCU \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C: \ Programmer \ LimeWire \ LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Programmer \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: HP Connections.lnk = C: \ Programmer \ HP Tilslutninger \ 6811507 \ Programmer \ HP Connections.exe
O8 - Extra sammenhæng menupunktet: & AOL Toolbar Search - C: \ Programmer \ AOL \ Målet værktøjslinjen 5.0 \ ressourcer \ da-DK \ lokale \ search.html
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Ekstra knap: Send til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' MENUITEM: S & ende til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Ekstra knap: AIM Toolbar - (3369AF0D-62E9-4bda-8103-B4C75499B578) - C: \ Programmer \ AOL \ AIM Toolbar 5.0 \ aoltb.dll
O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ mikroer ~ 3 \ Office12 \ REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl klasse) -- http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl klasse) -- http://messenger.zone.msn.com/binary...t.cab57213.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (DA758BB1-5F89-4465-975F-8D7179A4BCF3) (WheelofFortune Object) -- http://messenger.zone.msn.com/binary/WoF.cab57176.cab
O21 - SSODL: leorop - (38CA8AE4-A78E-4111-8D0E-BDDF145A5040) - C: \ Windows \ leorop.dll
O21 - SSODL: nopzet - (9543D4D7-3E5B-4B70-BB93-83AC9865627C) - C: \ Windows \ nopzet.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, LP - C: \ Programmer \ Hewlett-Packard \ HP Quick Launch Buttons \ AddFiltr.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Programmer \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Cyberlink Background Capture Service (CBCS) (CLCapSvc) - Unknown ejer - C: \ Programmer \ HP \ QuickPlay \ Kernel \ TV \ CLCapSvc.exe
O23 - Service: Cyberlink Task Scheduler (CTS) (CLSched) - Unknown ejer - C: \ Programmer \ HP \ QuickPlay \ Kernel \ TV \ CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programmer \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C: \ Programmer \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, LP - C: \ Programmer \ Hewlett-Packard \ Shared \ hpqwmiex.exe
O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Roxio \ Roxio MyDVD Basic v9 \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C: \ Programmer \ Norton AntiVirus \ isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Programmer \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Programmer \ Common Files \ Roxio Shared \ 9.0 \ SharedCOM \ RoxMediaDB9.exe
O23 - Service: SupportSoft kædehjul Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C: \ Programmer \ Comcast \ Desktop Doctor \ bin \ sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C: \ Programmer \ Common Files \ SureThing Shared \ stllssvr.exe
O23 - Service: Symantec Core LC - Unknown ejer - C: \ Programmer \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ AppCore \ AppSvc32.exe
O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C: \ Windows \ system32 \ DRIVERS \ xaudio.exe
--
End of file - 13628 bytes

**howardhopkinson** · #7 5 januar 2008, 19:34

Måske du vil kopiere og indsætte disse instruktioner til en notesblok fil. Så kan du har åbnet filen i fejlsikret tilstand, så du kan følge instruktionerne lettere.

Starte op i fejlsikret tilstand, under din normale brugernavn (IKKE administratorkontoen). Se hvordan HER.

I Windows Explorer, tænder "Vis alle filer og mapper, herunder skjulte og system". Se hvordan HER.

Gå til Tilføj / fjern programmer i kontrolpanelet og fjerne noget at gøre med (hvis der).

MySearch
bar
Seekmo
Synspunkt

Luk Kontrolpanel.

Klik på Start / Kør og skriv services.msc i boksen Kør og tryk på Enter-tasten.

Når vindue, maksimere det. Dobbeltklik på følgende ydelser (hvis der), Og vælg stop, hvis de kører. Indstil starttype til handicappede. Klik på Anvend / OK for hver tjeneste, du deaktivere.

Synspunkt Manager Service

Luk tjenester vindue.

Åbn dit Jobliste, ved at holde Ctrl-og Alt-tasterne og trykke på delete-tasten.

Klik på fanen Processer og slutter processen for (hvis der).

ViewpointService.exe
Launcher.exe
SeekmoSA.exe
OEAddOn.exe

Luk Jobliste.

Kør HJT med ingen andre programmer åbne (undtagen notesblok). Klik på Scan-knappen. Har HJT fastsætte følgende, ved at sætte et kryds i den lille boks ved siden af (hvis der).

O2 - BHO: My Search BHO - (014DA6C1-189F-421a-88CD-07CFE51CFF10) - C: \ Programmer \ MySearch \ bar \ 1.bin \ S4BAR.DLL

O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)

O2 - BHO: BDEX System - (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) - C: \ Windows \ blopenvxdt.dll

O2 - BHO: FastRX - (E09962E7-A39E-4F60-8003-66D57BED27B7) - C: \ Windows \ system32 \ fastRX.dll (filen mangler)

O3 - Toolbar: My Search Bar - (014DA6C9-189F-421a-88CD-07CFE51CFF10) - C: \ Programmer \ MySearch \ bar \ 1.bin \ S4BAR.DLL

O3 - Toolbar: The retnsrp - (CC304A4D-FC79-4CD3-9A67-46E3AF59319D) - C: \ Windows \ retnsrp.dll

O4 - HKLM \ .. \ Run: [kpx] C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ system32 \ fastRX.dll DllInitApp

O4 - HKLM \ .. \ Run: [SeekmoOE] C: \ Programmer \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe

O4 - HKLM \ .. \ Run: [SeekmoSA] "C: \ Programmer \ Seekmo \ bin \ 10.0.341.0 \ SeekmoSA.exe"

O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ Launcher.exe

O21 - SSODL: leorop - (38CA8AE4-A78E-4111-8D0E-BDDF145A5040) - C: \ Windows \ leorop.dll

O21 - SSODL: nopzet - (9543D4D7-3E5B-4B70-BB93-83AC9865627C) - C: \ Windows \ nopzet.dll

O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe

Klik på fastsætte kontrolleres knappen.

Luk HJT.

Find og slet følgende fed filer og / eller mapper (hvis der).

C: \ Programmer \Synspunkt<Slet hele mappen.
C: \ Windows \nopzet.dll
C: \ Windows \leorop.dll

% WINDIR% \ SMINST \Launcher.exe
C: \ Programmer \Seekmo<Slet hele mappen.
C: \ Windows \ system32 \fastRX.dll

C: \ Windows \retnsrp.dll
C: \ Programmer \MySearch<Slet hele mappen.
C: \ Windows \blopenvxdt.dll

Genstart i normal tilstand og rehide dit beskyttede OS filer.

Downloade combofix.exe til skrivebordet. Dobbeltklik combofix.exe & følg instruktionerne. Et vindue vil åbne med en advarsel. Type "1" (og Enter) for at starte fix. Når scanningen er fuldført, vil åbne en SMS-vinduet. Vedlæg at logge på igen her sammen med en frisk HJT log. Forsigtig - ikke røre ved din mus / tastatur, indtil scanningen er fuldført. Scanningen deaktiverer midlertidigt på din computer, og hvis afbrudt kan forlade dit skrivebord handicappede. Hvis dette sker, skal du genstarte at genoprette skrivebordet.

Combofix vil automatisk gemme logfilen til C: \ combofix.txt

Post den Combofix log samt en ny HJT log.

Regards Howard.

**ImSoLost** · #8 5 januar 2008, 19:45

Man jeg har dårlig timing. Jeg har lige fundet ud af, hvordan du kører online scanning. I'm running det lige nu, mens vi taler. Har du stadig vil have mig til at gøre som du sagde.

**howardhopkinson** · #9 5 januar 2008, 19:47

Glem online scanning for nu blot følge anvisningerne jeg har givet dig.

Regards Howard.

**ImSoLost** · #10 5 januar 2008, 21:01

Når jeg forsøger at køre Combofix jeg får det blå vindue, men så står der forbereder sig på at køre, så tør for hukommelse eller adgang krænkelse og så jeg får en anden pop up sige "Freeware gennemførelsen af Reg.exe er holdt op med at virke, og det tvinger mig til at lukke fastlæggelse af programmet. Vil du have mig til at sende den HJT log?

Jeg undskylder for al denne ballade.

Vent et sekund, jeg ved ikke hvordan, men det er nu arbejder jeg skal køre den.

Lignende Tråde
Tråd	Thread Starter	Forum	Svar	Last Post
Hjælp, Kan ikke få adgang til min Jobliste	Raph78	Windows-operativsystemer	5	23 juli 2009 02:45
Jobliste ikke lukke programmer	tbarber	Windows-operativsystemer	0	17th May 2009 17:52
Jobliste Processer ..	IsoldeAislinn	Windows-operativsystemer	9	25. sep 2008 19:26
Check min opgave manager ud for mig plz:)	pete21	General Software Chat	5	9 juli 2008 06:05
AnVir Jobliste	evilfantasy	General Software Chat	0	28 marts 2008 14:40