Hejsa Jeg har nogle problemer med en net.exe & net1.exe, som står mange gange i min Task manager, det er ikke muligt at lukke dem, søgte så lidt rundt omkring og fandt HJT, nogen der kan se noget galt? Jeg kan umiddelbart ikke. (Loggen står nederst) Derudover scannede jeg computeren og fandt, kill.BAT, og denne kan ikke fjernes via Norton2005. Nogen der kender en god reg cleaner ellers, kan være der er noget at hente der. Her er loggen: Logfile of HijackThis v1.97.7 Scan saved at 10:39:14 AM, on 10/7/2004 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:WINNTSystem32smss.exe C:WINNTsystem32csrss.exe C:WINNTsystem32winlogon.exe C:WINNTsystem32services.exe C:WINNTsystem32lsass.exe C:Program FilesCommon FilesSymantec SharedccProxy.exe C:Program FilesNorton Internet SecurityISSVC.exe C:WINNTsystem32svchost.exe C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe C:Program FilesCommon FilesSymantec SharedccSetMgr.exe C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe C:WINNTsystem32spoolsv.exe C:WINNTSystem32svchost.exe C:WINDOWSsystem32sPERMFireDaemon.EXE C:WINDOWSsystem32sPERMiroffer.exe C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE C:Program FilesNorton Internet SecurityNorton AntiVirus avapsvc.exe C:WINNTsystem32altsvc.exe c:winntsystem32service.exe C:WINNTsystem32lssas.exe C:WINNTSystem32 vsvc32.exe C:WINNTsystem32msthost.exe C:WINNTsystem32 egsvc.exe C:WINNTsystem32MSTask.exe C:WINDOWSsystem32sPERMFireDaemon.EXE C:WINDOWSsystem32sPERMFireDaemon.EXE C:WINDOWSsystem32sPERMwinmgnt.exe C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe C:WINNTExplorer.EXE C:WINNTSystem32WBEMWinMgmt.exe C:WINNTsystem32svchost.exe C:Program FilesJavaj2re1.4.2_05injusched.exe C:Program FilesMessenger Plus! 3MsgPlus.exe C:Program FilesRaxcoPerfectDiskPDSched.exe C:Program FilesD-Toolsdaemon.exe C:Program FilesCommon FilesSymantec SharedccApp.exe C:WINNTsystem32ctfmon.exe C:Program FilesInterVideoCommonBinWinCinemaMgr.exe C:Program FilesBitCometBitComet.exe C:Program FilesMSN Messengermsnmsgr.exe C:Program FilesMozilla Thunderbird hunderbird.exe C:Program FilesWinampwinamp.exe C:Program FilesMaxthonMaxthon.exe D:IRCmirc.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesCommon FilesSymantec SharedAdBlockingNSMdtr.exe C:Documents and SettingsLasseNC1Local SettingsTemporary Internet FilesContent.IE5ITP6BQPSHijackThis[1].exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe C:WINNTsystem32 et.exe C:WINNTsystem32 et1.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://google.icq.com[...] R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com[...] R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://forum.mopedgallery.dk[...] R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com[...] R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com[...] R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.microsoft.com[...] R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.microsoft.com[...] O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton Internet SecurityNorton AntiVirusNavShExt.dll O2 - BHO: (no name) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:PROGRA~1TEXTwareQUICKF~1PlugInsIEHelp.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton Internet SecurityNorton AntiVirusNavShExt.dll O4 - HKLM..Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINNTSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_05injusched.exe O4 - HKLM..Run: [LoadQM] loadqm.exe O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessenger Plus! 3MsgPlus.exe" O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program FilesD-Toolsdaemon.exe" -lang 1033 O4 - HKLM..Run: [SSC_UserPrompt] C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe O4 - HKLM..Run: [NetLimiter] C:Program FilesNetLimiterNetLimiter.exe /s O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe" O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe O4 - HKCU..Run: [MessengerPlus3] "C:Program FilesMessenger Plus! 3MsgPlus.exe" /WinStart O4 - HKCU..Run: [ctfmon.exe] ctfmon.exe O4 - HKCU..Run: [msnmsgr] "C:Program FilesMSN Messengermsnmsgr.exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe O4 - Global Startup: Gyldendals Røde Ordbøger.lnk = C:Program FilesTEXTwareIlluminator 2Illview02.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:Program FilesInterVideoCommonBinWinCinemaMgr.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Research (HKLM) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com[...] O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com[...] O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com[...]
--