Problemer med at gemme hijackthis-logfile

Husker du at køre som administrator?

Normalt 'åbner' HiJackThis kørselen til sidst bare Notesblok med filen indlæst ... og så er det bare som normalt at gemme DERFRA ... på et sted du kan finde igen bagefter ...

Notesblok åbner ganske vist - men uden fil indlæst. Notesblok er tom!

Det hører (måske) med til historien at jeg sidder med en lille ASUS med pre-installeret windows OG at jeg får en besked når jeg kører Hijackthis som fortæller:

"For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, Hijackthis may NOT be able to fix this.

If that happens you need to edit the file yourself. To do this, click Start, Run and type:

notepad C:\windows\system32\drivers\etc\hosts

and press Enter. Find the line(s) hijackthis reports and delete them. Save the file as "hosts" (with quotes) and reboot.

For Vista simply exit hijack this, right click on the hijack this econ, choose "run as administrator"

Pyha..håber at det bringer svaret på mit spgs nærmere..

Notesblok åbner ganske vist - men uden fil indlæst. Notesblok er tom!

Det hører (måske) med til historien at jeg sidder med en lille ASUS med pre-installeret windows OG at jeg får en besked når jeg kører Hijackthis som fortæller:

"For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, Hijackthis may NOT be able to fix this.

If that happens you need to edit the file yourself. To do this, click Start, Run and type:

notepad C:\windows\system32\drivers\etc\hosts

and press Enter. Find the line(s) hijackthis reports and delete them. Save the file as "hosts" (with quotes) and reboot.

For Vista simply exit hijack this, right click on the hijack this econ, choose "run as administrator"

Pyha..håber at det bringer svaret på mit spgs nærmere..

Når du skal køre HiJackThis.exe skal det være med
HøjreMusseTast - "Kør Som Administrator..."

Prøv så igen...

PS: Du skal ikke selv lægge [svar]; er 'reserveret' til (til løsninger og pointgivning), som der står. Når man ser oversigten over spørgsmål, tror folk at der er lagt løsning/svar og så bliver spørgsmålet sprunget over...

ok, håber at jeg skriver det rigtige sted.

Det VIRKEDE mht at køre som administrator ved at højreklikke.

Sådan ser loggen ud:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:06:34, on 10-04-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Asus\Eee Docking\Eee Docking.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Google\Google Pinyin 3\GooglePinyinDaemon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Google Pinyin 3\GooglePinyinService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.102.211\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Google Pinyin 3 Autoupdater] "C:\Program Files\Google\Google Pinyin 3\GooglePinyinDaemon.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETVÆRKSTJENESTE')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe

--
End of file - 7934 bytes

Alt normalt her?

Hilsen Lea

Afinstall
* ASK toolbar
* BING Toolbar

Oplever du problemer i øvrigt ?

Jeg har afinstalleret ASK toolbar og BING Toolbar og PC'en kører godt nu.

Så er det vel bare at oprette en sikkerhedskopi (via windowsguiden) og oprette et gendannelsespunkt (under "system" i kontrolpanelet). Jeg ved ikke helt hvad forskellen er så jeg gør begge dele.

Hvis ikke at der er andet jeg skal være opmærksom på er det vel blot at gå til pointgivning?

Rigtigt mange tak for svar karise_larry (og pstidsen).

Fortsat god dag

Lea

Kør også denne ->
Hent og instalér CCleaner www.ccleaner.com/ + www.spywarefri.dk/manualer/manual-for-installation-og-brug-af-ccleaner/
www.alt-til-windows.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763
Lad programmet foretage en oprydning...

http://gratisupload.dk/vis/62873/
http://gratisupload.dk/vis/62874/
http://gratisupload.dk/vis/63036/

---

Du bør (skal) opdatere din gamle AcrobatReader ->
http://get.adobe.com/dk/reader/  (FRAKlik det der Google Halløj!!!)

* Oprydning med CCleaner
* Opret et FRISK SYSTEMGENDANNELSESPUNKT
* CCleaner - værktøjer - Systemgendannelse - Slet de gamle punkter
* Defragmentering

Fornemt - will do! TAK for svar.