follmann (Novice)
15 March 2005 - 18:27 There are 5 comments and
2 solutions

HijackThis log review

Logfile of HijackThis v1.99.1
Scan saved at 18:25:51, on 15-03-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
D:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
D:\Programmer\SPAMfighter\SFAgent.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
D:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
D:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
D:\Programmer\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
D:\Programmer\VeriSign\NAVI\naviagent.exe
D:\WINDOWS\System32\snmp.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\HPZipm12.exe
D:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
D:\Programmer\Alwil Software\Avast4\ashWebSv.exe
D:\Programmer\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\Programmer\Internet Explorer\iexplore.exe
C:\Fra nettet\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nifo.homepage.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - D:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13CFE64C-F43A-AAD9-B14E-C89EE8D5FCEC} - D:\WINDOWS\system32\abkvnnjo.dll
O2 - BHO: (no name) - {24C62D92-221E-CE04-6EF0-8C9F66E34A0F} - D:\WINDOWS\system32\qphldora.dll
O2 - BHO: (no name) - {55F28C2B-1AE0-B40D-DBA2-9EE51F2F7C1E} - D:\WINDOWS\system32\usqcnbvh.dll
O2 - BHO: (no name) - {68530E2C-C9D8-19CB-A3EB-B4ACDEF70626} - D:\WINDOWS\system32\dasqjkxn.dll
O2 - BHO: (no name) - {7F607ACB-C96D-E869-DB07-8C7FEAE0FF6A} - D:\WINDOWS\system32\rxxfllal.dll
O2 - BHO: (no name) - {98ACD6AF-88F0-2EC0-CAE6-AD5ACDCE0FF0} - D:\WINDOWS\system32\ammyvfya.dll
O2 - BHO: (no name) - {BEC6562F-BC31-8B19-E07E-BFAAA5C0B79E} - D:\WINDOWS\system32\nlhseneh.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - D:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O2 - BHO: (no name) - {F1CAFA8E-43F8-433A-D3D6-7DC8DD510C98} - D:\WINDOWS\system32\vdfnzmcl.dll
O2 - BHO: (no name) - {F2AABAF3-63FD-7B4A-AAB4-BD83ED108ACC} - D:\WINDOWS\system32\xosmvyqc.dll
O4 - HKLM\..\Run: [FmctrlTray] Fmctrl.EXE
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] "D:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [MessengerPlus2] "D:\Programmer\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [] c:\WINDOWS\System32\
O4 - HKLM\..\Run: [function redirec] c:\WINDOWS\System32\function redirect(){
O4 - HKLM\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKLM\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKLM\..\Run: [    top.location.replace(strTe] c:\WINDOWS\System32\    top.location.replace(strTemp);
O4 - HKLM\..\Run: [<h] c:\WINDOWS\System32\<HTML>
O4 - HKLM\..\Run: [        <title>[news]</ti] c:\WINDOWS\System32\        <title>[news]</title>
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "D:\Programmer\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//] c:\WINDOWS\System32\<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//EN">
O4 - HKLM\..\Run: [    <H] c:\WINDOWS\System32\    <HEAD>
O4 - HKLM\..\Run: [        <TI] c:\WINDOWS\System32\        <TITLE>
O4 - HKLM\..\Run: [            newsinsider.us</TI] c:\WINDOWS\System32\            newsinsider.us</TITLE>
O4 - HKLM\..\Run: [        <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7] c:\WINDOWS\System32\        <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
O4 - HKLM\..\Run: [        <meta name="CODE_LANGUAGE" Content="] c:\WINDOWS\System32\        <meta name="CODE_LANGUAGE" Content="C#">
O4 - HKLM\..\Run: [        <meta name="vs_defaultClientScript" content="JavaScri] c:\WINDOWS\System32\        <meta name="vs_defaultClientScript" content="JavaScript">
O4 - HKLM\..\Run: [        <meta name='keywords' content='] c:\WINDOWS\System32\        <meta name='keywords' content='' />
O4 - HKLM\..\Run: [        <nofra] c:\WINDOWS\System32\        <noframes>
O4 - HKLM\..\Run: [            <b] c:\WINDOWS\System32\            <body>
O4 - HKLM\..\Run: [                Welcom] c:\WINDOWS\System32\                Welcome to
O4 - HKLM\..\Run: [                NEWSINSIDER.] c:\WINDOWS\System32\                NEWSINSIDER.US:
O4 - HKLM\..\Run: [                Search the web, search the internet. Our serch service provides you access] c:\WINDOWS\System32\                Search the web, search the internet. Our serch service provides you access to
O4 - HKLM\..\Run: [                the products and services you are looking for. Find shopping sites, financ] c:\WINDOWS\System32\                the products and services you are looking for. Find shopping sites, financial
O4 - HKLM\..\Run: [                offerings, travel information, beauty secrets, weight loss programs and more] c:\WINDOWS\System32\                offerings, travel information, beauty secrets, weight loss programs and more on
O4 - HKLM\..\Run: [                topics such] c:\WINDOWS\System32\                topics such as:
O4 - HKLM\..\Run: [    ] c:\WINDOWS\System32\                .
O4 - HKLM\..\Run: [                <b] c:\WINDOWS\System32\                <br />
O4 - HKLM\..\Run: [                To search the web, pl] c:\WINDOWS\System32\                To search the web, please
O4 - HKLM\..\Run: [                <a href='http://www.eta.us/default.aspx?host=newsinsider.u] c:\WINDOWS\System32\                <a href='http://www.eta.us/default.aspx?host=newsinsider.us'>.
O4 - HKLM\..\Run: [            </b] c:\WINDOWS\System32\            </body>
O4 - HKLM\..\Run: [        </nofra] c:\WINDOWS\System32\        </noframes>
O4 - HKLM\..\Run: [    </H] c:\WINDOWS\System32\    </HEAD>
O4 - HKLM\..\Run: [    <frameset rows=] c:\WINDOWS\System32\    <frameset rows="*">
O4 - HKLM\..\Run: [        <frame src='http://www.eta.us/default.aspx?host=newsinsider.us&framed] c:\WINDOWS\System32\        <frame src='http://www.eta.us/default.aspx?host=newsinsider.us&framed=1'>
O4 - HKLM\..\Run: [    </frame] c:\WINDOWS\System32\    </frameset>
O4 - HKLM\..\Run: [    <!-- Webserver #5] c:\WINDOWS\System32\    <!-- Webserver #5 -->
O4 - HKLM\..\Run: [</H] c:\WINDOWS\System32\</HTML>
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [] c:\WINDOWS\System32\
O4 - HKCU\..\Run: [function redirec] c:\WINDOWS\System32\function redirect(){
O4 - HKCU\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKCU\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKCU\..\Run: [    top.location.replace(strTe] c:\WINDOWS\System32\    top.location.replace(strTemp);
O4 - HKCU\..\Run: [<h] c:\WINDOWS\System32\<HTML>
O4 - HKCU\..\Run: [        <title>[news]</ti] c:\WINDOWS\System32\        <title>[news]</title>
O4 - HKCU\..\Run: [<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//] c:\WINDOWS\System32\<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//EN">
O4 - HKCU\..\Run: [    <H] c:\WINDOWS\System32\    <HEAD>
O4 - HKCU\..\Run: [        <TI] c:\WINDOWS\System32\        <TITLE>
O4 - HKCU\..\Run: [            newsinsider.us</TI] c:\WINDOWS\System32\            newsinsider.us</TITLE>
O4 - HKCU\..\Run: [        <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7] c:\WINDOWS\System32\        <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
O4 - HKCU\..\Run: [        <meta name="CODE_LANGUAGE" Content="] c:\WINDOWS\System32\        <meta name="CODE_LANGUAGE" Content="C#">
O4 - HKCU\..\Run: [        <meta name="vs_defaultClientScript" content="JavaScri] c:\WINDOWS\System32\        <meta name="vs_defaultClientScript" content="JavaScript">
O4 - HKCU\..\Run: [        <meta name='keywords' content='] c:\WINDOWS\System32\        <meta name='keywords' content='' />
O4 - HKCU\..\Run: [        <nofra] c:\WINDOWS\System32\        <noframes>
O4 - HKCU\..\Run: [            <b] c:\WINDOWS\System32\            <body>
O4 - HKCU\..\Run: [                Welcom] c:\WINDOWS\System32\                Welcome to
O4 - HKCU\..\Run: [                NEWSINSIDER.] c:\WINDOWS\System32\                NEWSINSIDER.US:
O4 - HKCU\..\Run: [                Search the web, search the internet. Our serch service provides you access] c:\WINDOWS\System32\                Search the web, search the internet. Our serch service provides you access to
O4 - HKCU\..\Run: [                the products and services you are looking for. Find shopping sites, financ] c:\WINDOWS\System32\                the products and services you are looking for. Find shopping sites, financial
O4 - HKCU\..\Run: [                offerings, travel information, beauty secrets, weight loss programs and more] c:\WINDOWS\System32\                offerings, travel information, beauty secrets, weight loss programs and more on
O4 - HKCU\..\Run: [                topics such] c:\WINDOWS\System32\                topics such as:
O4 - HKCU\..\Run: [    ] c:\WINDOWS\System32\                .
O4 - HKCU\..\Run: [                <b] c:\WINDOWS\System32\                <br />
O4 - HKCU\..\Run: [                To search the web, pl] c:\WINDOWS\System32\                To search the web, please
O4 - HKCU\..\Run: [                <a href='http://www.eta.us/default.aspx?host=newsinsider.u] c:\WINDOWS\System32\                <a href='http://www.eta.us/default.aspx?host=newsinsider.us'>.
O4 - HKCU\..\Run: [            </b] c:\WINDOWS\System32\            </body>
O4 - HKCU\..\Run: [        </nofra] c:\WINDOWS\System32\        </noframes>
O4 - HKCU\..\Run: [    </H] c:\WINDOWS\System32\    </HEAD>
O4 - HKCU\..\Run: [    <frameset rows=] c:\WINDOWS\System32\    <frameset rows="*">
O4 - HKCU\..\Run: [        <frame src='http://www.eta.us/default.aspx?host=newsinsider.us&framed] c:\WINDOWS\System32\        <frame src='http://www.eta.us/default.aspx?host=newsinsider.us&framed=1'>
O4 - HKCU\..\Run: [    </frame] c:\WINDOWS\System32\    </frameset>
O4 - HKCU\..\Run: [    <!-- Webserver #5] c:\WINDOWS\System32\    <!-- Webserver #5 -->
O4 - HKCU\..\Run: [</H] c:\WINDOWS\System32\</HTML>
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: i-Nav Hjælp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Hjælp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - D:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O9 - Extra 'Tools' menuitem: i-Nav Indstillinger - {CE000996-A58C-4441-8938-744CD72AB27F} - D:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\msmsgs.exe
O15 - Trusted Zone: *.bgbank.dk
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {1221EA33-878F-4672-B799-05DAAF1298CF} (sysinfo1 Class) - http://resources.tele2.dk/privat/internet/pctest/systeminfo1.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhelper/version6/dlhelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://slotsroyale.microgaming.com/slotsroyale/FlashAX.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/1015176.exe
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Programmer\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Programmer\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: VeriSign Updater (navi) - Unknown owner - D:\Programmer\VeriSign\NAVI\naviagent.exe"  uimode=agentupdate (file missing)
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - D:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe (file missing)
tonnybrandt (Beginner)
15 March 2005 - 21:16 #1
I'll have a look at it...
tonnybrandt (Beginner)
15 March 2005 - 21:27 #2
This infection is new, I have never seen it before, but we'll try to remove it the normal way.

Download this Kaspersky scanner; you will need it later.
http://www.spywareinfo.dk/download/mwav.exe - virus scanner.

Then restart the PC in Safe Mode. Press F8 during startup.

Run HijackThis, scan, tick the lines listed here, close all windows except HijackThis, click "Fix checked", then delete the folders and files listed at the bottom.
Double-check so that everything is included.

O2 - BHO: (no name) - {13CFE64C-F43A-AAD9-B14E-C89EE8D5FCEC} - D:\WINDOWS\system32\abkvnnjo.dll
O2 - BHO: (no name) - {24C62D92-221E-CE04-6EF0-8C9F66E34A0F} - D:\WINDOWS\system32\qphldora.dll
O2 - BHO: (no name) - {55F28C2B-1AE0-B40D-DBA2-9EE51F2F7C1E} - D:\WINDOWS\system32\usqcnbvh.dll
O2 - BHO: (no name) - {68530E2C-C9D8-19CB-A3EB-B4ACDEF70626} - D:\WINDOWS\system32\dasqjkxn.dll
O2 - BHO: (no name) - {7F607ACB-C96D-E869-DB07-8C7FEAE0FF6A} - D:\WINDOWS\system32\rxxfllal.dll
O2 - BHO: (no name) - {98ACD6AF-88F0-2EC0-CAE6-AD5ACDCE0FF0} - D:\WINDOWS\system32\ammyvfya.dll
O2 - BHO: (no name) - {BEC6562F-BC31-8B19-E07E-BFAAA5C0B79E} - D:\WINDOWS\system32\nlhseneh.dll
O2 - BHO: (no name) - {F1CAFA8E-43F8-433A-D3D6-7DC8DD510C98} - D:\WINDOWS\system32\vdfnzmcl.dll
O2 - BHO: (no name) - {F2AABAF3-63FD-7B4A-AAB4-BD83ED108ACC} - D:\WINDOWS\system32\xosmvyqc.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [] c:\WINDOWS\System32\
O4 - HKLM\..\Run: [function redirec] c:\WINDOWS\System32\function redirect(){
O4 - HKLM\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKLM\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKLM\..\Run: [    top.location.replace(strTe] c:\WINDOWS\System32\    top.location.replace(strTemp);
O4 - HKLM\..\Run: [<h] c:\WINDOWS\System32\<HTML>
O4 - HKLM\..\Run: [        <title>[news]</ti] c:\WINDOWS\System32\        <title>[news]</title>
O4 - HKLM\..\Run: [<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//] c:\WINDOWS\System32\<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//EN">
O4 - HKLM\..\Run: [    <H] c:\WINDOWS\System32\    <HEAD>
O4 - HKLM\..\Run: [        <TI] c:\WINDOWS\System32\        <TITLE>
O4 - HKLM\..\Run: [            newsinsider.us</TI] c:\WINDOWS\System32\            newsinsider.us</TITLE>
O4 - HKLM\..\Run: [        <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7] c:\WINDOWS\System32\        <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
O4 - HKLM\..\Run: [        <meta name="CODE_LANGUAGE" Content="] c:\WINDOWS\System32\        <meta name="CODE_LANGUAGE" Content="C#">
O4 - HKLM\..\Run: [        <meta name="vs_defaultClientScript" content="JavaScri] c:\WINDOWS\System32\        <meta name="vs_defaultClientScript" content="JavaScript">
O4 - HKLM\..\Run: [        <meta name='keywords' content='] c:\WINDOWS\System32\        <meta name='keywords' content='' />
O4 - HKLM\..\Run: [        <nofra] c:\WINDOWS\System32\        <noframes>
O4 - HKLM\..\Run: [            <b] c:\WINDOWS\System32\            <body>
O4 - HKLM\..\Run: [                Welcom] c:\WINDOWS\System32\                Welcome to
O4 - HKLM\..\Run: [                NEWSINSIDER.] c:\WINDOWS\System32\                NEWSINSIDER.US:
O4 - HKLM\..\Run: [                Search the web, search the internet. Our serch service provides you access] c:\WINDOWS\System32\                Search the web, search the internet. Our serch service provides you access to
O4 - HKLM\..\Run: [                the products and services you are looking for. Find shopping sites, financ] c:\WINDOWS\System32\                the products and services you are looking for. Find shopping sites, financial
O4 - HKLM\..\Run: [                offerings, travel information, beauty secrets, weight loss programs and more] c:\WINDOWS\System32\                offerings, travel information, beauty secrets, weight loss programs and more on
O4 - HKLM\..\Run: [                topics such] c:\WINDOWS\System32\                topics such as:
O4 - HKLM\..\Run: [    ] c:\WINDOWS\System32\                .
O4 - HKLM\..\Run: [                <b] c:\WINDOWS\System32\                <br />
O4 - HKLM\..\Run: [                To search the web, pl] c:\WINDOWS\System32\                To search the web, please
O4 - HKLM\..\Run: [                <a href='http://www.eta.us/default.aspx?host=newsinsider.u] c:\WINDOWS\System32\                <a href='http://www.eta.us/default.aspx?host=newsinsider.us'>.
O4 - HKLM\..\Run: [            </b] c:\WINDOWS\System32\            </body>
O4 - HKLM\..\Run: [        </nofra] c:\WINDOWS\System32\        </noframes>
O4 - HKLM\..\Run: [    </H] c:\WINDOWS\System32\    </HEAD>
O4 - HKLM\..\Run: [    <frameset rows=] c:\WINDOWS\System32\    <frameset rows="*">
O4 - HKLM\..\Run: [        <frame src='http://www.eta.us/default.aspx?host=newsinsider.us&framed] c:\WINDOWS\System32\        <frame src='http://www.eta.us/default.aspx?host=newsinsider.us&framed=1'>
O4 - HKLM\..\Run: [    </frame] c:\WINDOWS\System32\    </frameset>
O4 - HKLM\..\Run: [    <!-- Webserver #5] c:\WINDOWS\System32\    <!-- Webserver #5 -->
O4 - HKLM\..\Run: [</H] c:\WINDOWS\System32\</HTML>
O4 - HKCU\..\Run: [] c:\WINDOWS\System32\
O4 - HKCU\..\Run: [function redirec] c:\WINDOWS\System32\function redirect(){
O4 - HKCU\..\Run: [var strT] c:\WINDOWS\System32\var strTemp;
O4 - HKCU\..\Run: [var strP] c:\WINDOWS\System32\var strPort;
O4 - HKCU\..\Run: [    top.location.replace(strTe] c:\WINDOWS\System32\    top.location.replace(strTemp);
O4 - HKCU\..\Run: [<h] c:\WINDOWS\System32\<HTML>
O4 - HKCU\..\Run: [        <title>[news]</ti] c:\WINDOWS\System32\        <title>[news]</title>
O4 - HKCU\..\Run: [<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//] c:\WINDOWS\System32\<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//EN">
O4 - HKCU\..\Run: [    <H] c:\WINDOWS\System32\    <HEAD>
O4 - HKCU\..\Run: [        <TI] c:\WINDOWS\System32\        <TITLE>
O4 - HKCU\..\Run: [            newsinsider.us</TI] c:\WINDOWS\System32\            newsinsider.us</TITLE>
O4 - HKCU\..\Run: [        <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7] c:\WINDOWS\System32\        <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
O4 - HKCU\..\Run: [        <meta name="CODE_LANGUAGE" Content="] c:\WINDOWS\System32\        <meta name="CODE_LANGUAGE" Content="C#">
O4 - HKCU\..\Run: [        <meta name="vs_defaultClientScript" content="JavaScri] c:\WINDOWS\System32\        <meta name="vs_defaultClientScript" content="JavaScript">
O4 - HKCU\..\Run: [        <meta name='keywords' content='] c:\WINDOWS\System32\        <meta name='keywords' content='' />
O4 - HKCU\..\Run: [        <nofra] c:\WINDOWS\System32\        <noframes>
O4 - HKCU\..\Run: [            <b] c:\WINDOWS\System32\            <body>
O4 - HKCU\..\Run: [                Welcom] c:\WINDOWS\System32\                Welcome to
O4 - HKCU\..\Run: [                NEWSINSIDER.] c:\WINDOWS\System32\                NEWSINSIDER.US:
O4 - HKCU\..\Run: [                Search the web, search the internet. Our serch service provides you access] c:\WINDOWS\System32\                Search the web, search the internet. Our serch service provides you access to
O4 - HKCU\..\Run: [                the products and services you are looking for. Find shopping sites, financ] c:\WINDOWS\System32\                the products and services you are looking for. Find shopping sites, financial
O4 - HKCU\..\Run: [                offerings, travel information, beauty secrets, weight loss programs and more] c:\WINDOWS\System32\                offerings, travel information, beauty secrets, weight loss programs and more on
O4 - HKCU\..\Run: [                topics such] c:\WINDOWS\System32\                topics such as:
O4 - HKCU\..\Run: [    ] c:\WINDOWS\System32\                .
O4 - HKCU\..\Run: [                <b] c:\WINDOWS\System32\                <br />
O4 - HKCU\..\Run: [                To search the web, pl] c:\WINDOWS\System32\                To search the web, please
O4 - HKCU\..\Run: [                <a href='http://www.eta.us/default.aspx?host=newsinsider.u] c:\WINDOWS\System32\                <a href='http://www.eta.us/default.aspx?host=newsinsider.us'>.
O4 - HKCU\..\Run: [            </b] c:\WINDOWS\System32\            </body>
O4 - HKCU\..\Run: [        </nofra] c:\WINDOWS\System32\        </noframes>
O4 - HKCU\..\Run: [    </H] c:\WINDOWS\System32\    </HEAD>
O4 - HKCU\..\Run: [    <frameset rows=] c:\WINDOWS\System32\    <frameset rows="*">
O4 - HKCU\..\Run: [        <frame src='http://www.eta.us/default.aspx?host=newsinsider.us&framed] c:\WINDOWS\System32\        <frame src='http://www.eta.us/default.aspx?host=newsinsider.us&framed=1'>
O4 - HKCU\..\Run: [    </frame] c:\WINDOWS\System32\    </frameset>
O4 - HKCU\..\Run: [    <!-- Webserver #5] c:\WINDOWS\System32\    <!-- Webserver #5 -->
O4 - HKCU\..\Run: [</H] c:\WINDOWS\System32\</HTML>
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/1015176.exe
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)

---------------------------------------
Deleting files and folders:
Open a folder, click Tools => Folder Options => View.
Untick "Hide protected operating system files".
Untick "Hide extensions for known file types".
Select "Show hidden files and folders".
Using Start -> Search:
Click "All files and folders"
Click "More advanced options"
Tick the top three.
-------------------
Folders:
<none>

Files:
D:\WINDOWS\system32\abkvnnjo.dll
D:\WINDOWS\system32\qphldora.dll
D:\WINDOWS\system32\usqcnbvh.dll
D:\WINDOWS\system32\dasqjkxn.dll
D:\WINDOWS\system32\rxxfllal.dll
D:\WINDOWS\system32\ammyvfya.dll
D:\WINDOWS\system32\nlhseneh.dll
D:\WINDOWS\system32\vdfnzmcl.dll
D:\WINDOWS\system32\xosmvyqc.dll
c:\windows\system32\dllcache\win32\winlogon.exe

---------------------------------------
Then run the one-time scanner from Kaspersky. Enable everything in its settings so that it scans through everything.
---------------------------------------

Restart normally and post a new log for checking.
follmann (Novice)
17 March 2005 - 21:21 #3
Sorry for the delay, but here is the new HijackThis log
follmann (Novice)
17 March 2005 - 21:21 #4
Logfile of HijackThis v1.99.1
Scan saved at 21:16:31, on 17-03-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
D:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
D:\Programmer\SPAMfighter\SFAgent.exe
D:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
D:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
D:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
D:\Programmer\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
D:\Programmer\VeriSign\NAVI\naviagent.exe
D:\WINDOWS\System32\snmp.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\msiexec.exe
D:\WINDOWS\System32\HPZipm12.exe
D:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
D:\Programmer\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Programmer\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
D:\Documents and Settings\Administrator\Skrivebord\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nifo.homepage.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - D:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - D:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O4 - HKLM\..\Run: [FmctrlTray] Fmctrl.EXE
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] "D:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "D:\Programmer\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: i-Nav Hjælp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Hjælp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - D:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O9 - Extra 'Tools' menuitem: i-Nav Indstillinger - {CE000996-A58C-4441-8938-744CD72AB27F} - D:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\msmsgs.exe
O15 - Trusted Zone: *.bgbank.dk
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cab
O16 - DPF: {1221EA33-878F-4672-B799-05DAAF1298CF} (sysinfo1 Class) - http://resources.tele2.dk/privat/internet/pctest/systeminfo1.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhelper/version6/dlhelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://slotsroyale.microgaming.com/slotsroyale/FlashAX.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Programmer\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Programmer\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: VeriSign Updater (navi) - Unknown owner - D:\Programmer\VeriSign\NAVI\naviagent.exe"  uimode=agentupdate (file missing)
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - D:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
tonnybrandt (Beginner)
17 March 2005 - 21:29 #5
You did that well. Nice and clean log!

After a clean-up like that it is always a good idea to clear out the System Restore files. Disable System Restore - restart your computer - enable System Restore.
(click Start | Settings | Control Panel | System, the System Restore tab)

You can optionally install some of the programs from the spywarefri package.. they are all small, do not conflict with each other and are very effective against the kind of junk you have just been attacked by.

We especially recommend Spybot, SpywareBlaster, IE-SPYAD and SpywareGuard.
See more in "the package" here
http://www.spywarefri.dk/pakken.htm
tonnybrandt (Beginner)
22 March 2005 - 10:31 #6
Can the question be closed?

You close the question by selecting my name at the bottom left and pressing accept.
tonnybrandt (Beginner)
22 March 2005 - 17:02 #7
Thanks for the points :)