motyl (Beginner)
22 March 2005 - 04:24
There are 20 comments and 1 solution

HJT log for review

Hi experts.

Would one of you be kind enough to check my log for trojans and other junk? My firewall was uninstalled when I was about to install a new version, and suddenly the viruses started showing up one after another!

Here is my log:

Logfile of HijackThis v1.98.2
Scan saved at 04:19:06, on 22-03-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Programmer\Borland\InterBase\bin\ibguard.exe
C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
C:\Norman\bin\ZANDA.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Norman\bin\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\Programmer\Borland\InterBase\bin\ibserver.exe
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\WINNT\Explorer.EXE
C:\WINNT\anvshell.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Norman\bin\ZLH.EXE
C:\WINNT\SYSTEM32\ikusefote.exe
C:\WINNT\system32\ihotunib.exe
C:\WINNT\SYSTEM32\ukaky.exe
C:\WINNT\system32\winsys32.exe
C:\WINNT\system32\ipconn.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINNT\system32\axepis.exe
C:\WINNT\SYSTEM32\wycir.exe
C:\WINNT\system32\efipef.exe
C:\WINNT\system32\msdriver.exe
C:\winnt\system32\wogure20.exe
C:\WINNT\system32\msdriver.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\WINNT\system32\wsyerds19.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\WINNT\system32\ATAPl.EXE
C:\WINNT\system32\sams.exe
C:\WINNT\system32\internat.exe
C:\WINNT\system32\ipconn.exe
C:\WINNT\system32\ihotunib.exe
C:\WINNT\system32\winsys32.exe
C:\Norman\Nvc\BIN\npfmsg2.exe
C:\WINNT\system32\axepis.exe
C:\WINNT\system32\efipef.exe
C:\WINNT\system32\msdriver.exe
C:\WINNT\system32\wsyerds19.exe
C:\WINNT\system32\msdriver.exe
C:\WINNT\system32\sams.exe
C:\WINNT\system32\dllhost.exe
C:\Documents and Settings\Brian\Skrivebord\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://signon.stofanet.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [Microsoft Connection Firewall Manager/Monitor (Critical)] msnetzfirewallsrv.exe
O4 - HKLM\..\Run: [fasdqwdwq] C:\WINNT\SYSTEM32\ikusefote.exe
O4 - HKLM\..\Run: [Adiliwut] ihotunib.exe
O4 - HKLM\..\Run: [qgqqft] C:\WINNT\SYSTEM32\ukaky.exe
O4 - HKLM\..\Run: [Configuration Loader Service] winsys32.exe
O4 - HKLM\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\Run: [Windows Service Starter] service.exe
O4 - HKLM\..\Run: [vanyzim] axepis.exe
O4 - HKLM\..\Run: [fqfeqajw] C:\WINNT\SYSTEM32\wycir.exe
O4 - HKLM\..\Run: [azixegoira] efipef.exe
O4 - HKLM\..\Run: [Micrsoft Driver] msdriver.exe
O4 - HKLM\..\Run: [assdqfq] C:\winnt\system32\wogure20.exe
O4 - HKLM\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\Run: [ATAPl] ATAPl.EXE
O4 - HKLM\..\Run: [Service Manager] sams.exe
O4 - HKLM\..\RunServices: [Microsoft Connection Firewall Manager/Monitor (Critical)] msnetzfirewallsrv.exe
O4 - HKLM\..\RunServices: [Adiliwut] ihotunib.exe
O4 - HKLM\..\RunServices: [Configuration Loader Service] winsys32.exe
O4 - HKLM\..\RunServices: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\RunServices: [Windows Service Starter] service.exe
O4 - HKLM\..\RunServices: [vanyzim] axepis.exe
O4 - HKLM\..\RunServices: [azixegoira] efipef.exe
O4 - HKLM\..\RunServices: [Micrsoft Driver] msdriver.exe
O4 - HKLM\..\RunServices: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\RunServices: [ATAPl] ATAPl.EXE
O4 - HKLM\..\RunServices: [Service Manager] sams.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKCU\..\Run: [Adiliwut] ihotunib.exe
O4 - HKCU\..\Run: [Configuration Loader Service] winsys32.exe
O4 - HKCU\..\Run: [vanyzim] axepis.exe
O4 - HKCU\..\Run: [azixegoira] efipef.exe
O4 - HKCU\..\Run: [Micrsoft Driver] msdriver.exe
O4 - HKCU\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKCU\..\Run: [Service Manager] sams.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.apple.com/iTunes4/WW/win/019-0312.20050111.MmVrT/iTunesSetup.exe
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
kalp (Novice)
22 March 2005 - 08:58 #1
I'll take a look at it
kalp (Novice)
22 March 2005 - 09:20 #3
Download and save this scanner to the desktop. (We will need it later)
http://www.spywareinfo.dk/download/mwav.exe

Restart in Safe Mode by pressing F8 during startup. Run HijackThis, scan and put a check mark next to these lines - close all other program windows. Double-check that everything was included! Then click "Fix checked" in HijackThis:

O4 - HKLM\..\Run: [Microsoft Connection Firewall Manager/Monitor (Critical)] msnetzfirewallsrv.exe
O4 - HKLM\..\Run: [fasdqwdwq] C:\WINNT\SYSTEM32\ikusefote.exe
O4 - HKLM\..\Run: [Adiliwut] ihotunib.exe
O4 - HKLM\..\Run: [qgqqft] C:\WINNT\SYSTEM32\ukaky.exe
O4 - HKLM\..\Run: [Configuration Loader Service] winsys32.exe
O4 - HKLM\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\Run: [Windows Service Starter] service.exe
O4 - HKLM\..\Run: [vanyzim] axepis.exe
O4 - HKLM\..\Run: [fqfeqajw] C:\WINNT\SYSTEM32\wycir.exe
O4 - HKLM\..\Run: [azixegoira] efipef.exe
O4 - HKLM\..\Run: [Micrsoft Driver] msdriver.exe
O4 - HKLM\..\Run: [assdqfq] C:\winnt\system32\wogure20.exe
O4 - HKLM\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\Run: [ATAPl] ATAPl.EXE
O4 - HKLM\..\Run: [Service Manager] sams.exe
O4 - HKLM\..\RunServices: [Microsoft Connection Firewall Manager/Monitor (Critical)] msnetzfirewallsrv.exe
O4 - HKLM\..\RunServices: [Adiliwut] ihotunib.exe
O4 - HKLM\..\RunServices: [Configuration Loader Service] winsys32.exe
O4 - HKLM\..\RunServices: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\RunServices: [Windows Service Starter] service.exe
O4 - HKLM\..\RunServices: [vanyzim] axepis.exe
O4 - HKLM\..\RunServices: [azixegoira] efipef.exe
O4 - HKLM\..\RunServices: [Micrsoft Driver] msdriver.exe
O4 - HKLM\..\RunServices: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\RunServices: [ATAPl] ATAPl.EXE
O4 - HKLM\..\RunServices: [Service Manager] sams.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKCU\..\Run: [Adiliwut] ihotunib.exe
O4 - HKCU\..\Run: [Configuration Loader Service] winsys32.exe
O4 - HKCU\..\Run: [vanyzim] axepis.exe
O4 - HKCU\..\Run: [azixegoira] efipef.exe
O4 - HKCU\..\Run: [Micrsoft Driver] msdriver.exe
O4 - HKCU\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKCU\..\Run: [Service Manager] sams.exe
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.apple.com/iTunes4/WW/win/019-0312.20050111.MmVrT/iTunesSetup.exe


Open Windows Explorer, click Tools => Folder Options => View.
Uncheck "Hide protected operating system files".
Uncheck "Hide file extensions for known file types".
Select "Show hidden files and folders".

Find and delete (Look carefully!! Whatever you don't find, HijackThis has probably removed!)

The files

C:\WINNT\SYSTEM32\ikusefote.exe
C:\WINNT\system32\ihotunib.exe
C:\WINNT\SYSTEM32\ukaky.exe
C:\WINNT\system32\winsys32.exe
C:\WINNT\system32\ipconn.exe
C:\WINNT\system32\axepis.exe
C:\WINNT\SYSTEM32\wycir.exe
C:\WINNT\system32\efipef.exe
C:\WINNT\system32\msdriver.exe
C:\winnt\system32\wogure20.exe
C:\WINNT\system32\msdriver.exe
C:\WINNT\system32\wsyerds19.exe
C:\WINNT\system32\ATAPl.EXE
C:\WINNT\system32\sams.exe
C:\WINNT\system32\internat.exe
C:\WINNT\system32\ipconn.exe
C:\WINNT\system32\ihotunib.exe
C:\WINNT\system32\winsys32.exe
C:\WINNT\system32\axepis.exe
C:\WINNT\system32\efipef.exe
C:\WINNT\system32\msdriver.exe
C:\WINNT\system32\wsyerds19.exe
C:\WINNT\system32\msdriver.exe
C:\WINNT\system32\sams.exe

Then go to Start -> Programs -> Accessories -> System Tools -> Disk Cleanup and delete temp files, temporary internet files and the recycle bin.

Click on mwav.exe, which you downloaded; the program unpacks itself and starts.
Tick the following checkboxes:
Memory, Startup folders, drive, Registry, System folders and Services.
Select the following radio buttons:
All local drives and Scan all files

Restart normally and copy a new log in here so I can see whether we got everything or whether something was overlooked :) (with the new HijackThis)
motyl (Beginner)
22 March 2005 - 12:54 #4
Hi Kalp.

Thanks a lot for the help. I have done as you wrote, and it has already become much better. Here comes a new log:

Logfile of HijackThis v1.98.2
Scan saved at 12:52:45, on 22-03-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Programmer\Borland\InterBase\bin\ibguard.exe
C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
C:\Norman\bin\ZANDA.EXE
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Norman\bin\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\Programmer\Borland\InterBase\bin\ibserver.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\dllhost.exe
C:\WINNT\anvshell.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Norman\bin\ZLH.EXE
C:\Programmer\iPod\bin\iPodService.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\Norman\Nvc\BIN\npfmsg2.exe
C:\Documents and Settings\Brian\Skrivebord\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://signon.stofanet.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\RunServices: [vsadmin] smrs.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
kalp (Novice)
22 March 2005 - 12:55 #5
yes, but you haven't downloaded the new HijackThis, you need to do that :) and post a new log
motyl (Beginner)
30 March 2005 - 14:04 #6
Hi Kalp.

I am now back home from holiday and I still have problems with viruses. The HijackThis I have downloaded is version 1.98.2. Where else can I download a newer one?

Here is the latest log:

Logfile of HijackThis v1.98.2
Scan saved at 14:03:00, on 30-03-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Programmer\Borland\InterBase\bin\ibguard.exe
C:\Norman\bin\ZANDA.EXE
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Norman\bin\NJEEVES.EXE
C:\Programmer\Borland\InterBase\bin\ibserver.exe
C:\WINNT\Explorer.EXE
C:\WINNT\anvshell.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Norman\bin\ZLH.EXE
C:\WINNT\SYSTEM32\tisawarub.exe
C:\WINNT\system32\axepis.exe
C:\WINNT\SYSTEM32\wycir.exe
C:\WINNT\system32\yikylohi.exe
C:\winnt\system32\wogure20.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINNT\system32\wsyerds19.exe
C:\WINNT\SYSTEM32\meka.exe
C:\WINNT\system32\jijikete.exe
C:\WINNT\SYSTEM32\aheyoj.exe
C:\WINNT\system32\axepis.exe
C:\WINNT\system32\yikylohi.exe
C:\WINNT\system32\wsyerds19.exe
C:\WINNT\system32\jijikete.exe
C:\WINNT\System32\svchost.exe
C:\asd8yasd.exe
C:\WINNT\system32\wscel.exe
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Nvc\BIN\NIP.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\Norman\Nvc\BIN\npfmsg2.exe
C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\WINNT\SYSTEM32\epetypa.exe
C:\WINNT\system32\ucilonyc.exe
C:\Documents and Settings\Brian\Skrivebord\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://signon.stofanet.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\Run: [fasdqwdwq] C:\WINNT\SYSTEM32\tisawarub.exe
O4 - HKLM\..\Run: [vanyzim] axepis.exe
O4 - HKLM\..\Run: [fqfeqajw] C:\WINNT\SYSTEM32\epetypa.exe
O4 - HKLM\..\Run: [azixegoira] yikylohi.exe
O4 - HKLM\..\Run: [assdqfq] C:\winnt\system32\wogure20.exe
O4 - HKLM\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\Run: [vdsadasw] C:\WINNT\SYSTEM32\meka.exe
O4 - HKLM\..\Run: [uwuxusif] jijikete.exe
O4 - HKLM\..\Run: [qgqqft] C:\WINNT\SYSTEM32\aheyoj.exe
O4 - HKLM\..\Run: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\Run: [birelosit] ucilonyc.exe
O4 - HKLM\..\RunServices: [vsadmin] smrs.exe
O4 - HKLM\..\RunServices: [vanyzim] axepis.exe
O4 - HKLM\..\RunServices: [azixegoira] yikylohi.exe
O4 - HKLM\..\RunServices: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\RunServices: [uwuxusif] jijikete.exe
O4 - HKLM\..\RunServices: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\RunServices: [birelosit] ucilonyc.exe
O4 - HKCU\..\Run: [vanyzim] axepis.exe
O4 - HKCU\..\Run: [azixegoira] yikylohi.exe
O4 - HKCU\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKCU\..\Run: [uwuxusif] jijikete.exe
O4 - HKCU\..\Run: [Configuration Loading Service] wscel.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
kalp (Novice)
30 March 2005 - 14:08 #7
and that is an old version.. download this one and post a new log
www.arlet.dk/hjt.exe
motyl (Beginner)
30 March 2005 - 14:39 #8
OK, it has been downloaded and a new log is ready ;)

Logfile of HijackThis v1.99.1
Scan saved at 14:32:35, on 30-03-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Programmer\Borland\InterBase\bin\ibguard.exe
C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
C:\Norman\bin\ZANDA.EXE
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\Explorer.EXE
C:\WINNT\anvshell.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Norman\bin\ZLH.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\Norman\bin\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\WINNT\SYSTEM32\tisawarub.exe
C:\WINNT\system32\axepis.exe
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\WINNT\SYSTEM32\epetypa.exe
C:\Programmer\Borland\InterBase\bin\ibserver.exe
C:\winnt\system32\wogure20.exe
C:\WINNT\system32\wsyerds19.exe
C:\WINNT\SYSTEM32\meka.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINNT\system32\jijikete.exe
C:\WINNT\SYSTEM32\aheyoj.exe
C:\WINNT\system32\wscel.exe
C:\WINNT\system32\ucilonyc.exe
C:\WINNT\system32\axepis.exe
C:\WINNT\system32\yikylohi.exe
C:\WINNT\system32\wsyerds19.exe
C:\WINNT\system32\jijikete.exe
C:\WINNT\system32\wscel.exe
C:\WINNT\system32\ucilonyc.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\asd8yasd.exe
C:\Norman\Nvc\BIN\npfmsg2.exe
C:\Programmer\Outlook Express\msimn.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Brian\Skrivebord\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://signon.stofanet.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\Run: [fasdqwdwq] C:\WINNT\SYSTEM32\tisawarub.exe
O4 - HKLM\..\Run: [vanyzim] axepis.exe
O4 - HKLM\..\Run: [fqfeqajw] C:\WINNT\SYSTEM32\epetypa.exe
O4 - HKLM\..\Run: [assdqfq] C:\winnt\system32\wogure20.exe
O4 - HKLM\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\Run: [vdsadasw] C:\WINNT\SYSTEM32\meka.exe
O4 - HKLM\..\Run: [uwuxusif] jijikete.exe
O4 - HKLM\..\Run: [qgqqft] C:\WINNT\SYSTEM32\aheyoj.exe
O4 - HKLM\..\Run: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\Run: [birelosit] ucilonyc.exe
O4 - HKLM\..\Run: [azixegoira] yikylohi.exe
O4 - HKLM\..\RunServices: [vsadmin] smrs.exe
O4 - HKLM\..\RunServices: [vanyzim] axepis.exe
O4 - HKLM\..\RunServices: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\RunServices: [uwuxusif] jijikete.exe
O4 - HKLM\..\RunServices: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\RunServices: [birelosit] ucilonyc.exe
O4 - HKLM\..\RunServices: [azixegoira] yikylohi.exe
O4 - HKCU\..\Run: [vanyzim] axepis.exe
O4 - HKCU\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKCU\..\Run: [uwuxusif] jijikete.exe
O4 - HKCU\..\Run: [Configuration Loading Service] wscel.exe
O4 - HKCU\..\Run: [birelosit] ucilonyc.exe
O4 - HKCU\..\Run: [azixegoira] yikylohi.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O23 - Service: Client Runtime Server Subsystem (crss) - Unknown owner - crss.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Programmer\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Programmer\Borland\InterBase\bin\ibserver.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman Type-R - Unknown owner - C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: %NVSVC.name% (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
kalp (Novice)
30 March 2005 - 14:52 #9
Okay, we have to start over.. the holiday has been hard on your PC :( so I hope we can finish this time so that it doesn't just come back again.

Download and save this scanner to the desktop. (We will need it later)
http://www.spywareinfo.dk/download/mwav.exe

Restart in Safe Mode by pressing F8 during startup. Run HijackThis, scan and put a check mark next to these lines - close all other program windows. Double-check that everything was included! Then click "Fix checked" in HijackThis:

O4 - HKLM\..\Run: [fasdqwdwq] C:\WINNT\SYSTEM32\tisawarub.exe
O4 - HKLM\..\Run: [vanyzim] axepis.exe
O4 - HKLM\..\Run: [fqfeqajw] C:\WINNT\SYSTEM32\epetypa.exe
O4 - HKLM\..\Run: [assdqfq] C:\winnt\system32\wogure20.exe
O4 - HKLM\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\Run: [vdsadasw] C:\WINNT\SYSTEM32\meka.exe
O4 - HKLM\..\Run: [uwuxusif] jijikete.exe
O4 - HKLM\..\Run: [qgqqft] C:\WINNT\SYSTEM32\aheyoj.exe
O4 - HKLM\..\Run: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\Run: [birelosit] ucilonyc.exe
O4 - HKLM\..\Run: [azixegoira] yikylohi.exe
O4 - HKLM\..\RunServices: [vsadmin] smrs.exe
O4 - HKLM\..\RunServices: [vanyzim] axepis.exe
O4 - HKLM\..\RunServices: [wsyerd19] wsyerds19.exe
O4 - HKLM\..\RunServices: [uwuxusif] jijikete.exe
O4 - HKLM\..\RunServices: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\RunServices: [birelosit] ucilonyc.exe
O4 - HKLM\..\RunServices: [azixegoira] yikylohi.exe
O4 - HKCU\..\Run: [vanyzim] axepis.exe
O4 - HKCU\..\Run: [wsyerd19] wsyerds19.exe
O4 - HKCU\..\Run: [uwuxusif] jijikete.exe
O4 - HKCU\..\Run: [Configuration Loading Service] wscel.exe
O4 - HKCU\..\Run: [birelosit] ucilonyc.exe
O4 - HKCU\..\Run: [azixegoira] yikylohi.exe
O23 - Service: Client Runtime Server Subsystem (crss) - Unknown owner - crss.exe (file missing)

Open Windows Explorer, click Tools => Folder Options => View.
Uncheck "Hide protected operating system files".
Uncheck "Hide file extensions for known file types".
Select "Show hidden files and folders".

Find and delete (Look carefully!! Whatever you don't find, HijackThis has probably removed!)

The files

C:\WINNT\SYSTEM32\tisawarub.exe
C:\WINNT\system32\axepis.exe
C:\WINNT\SYSTEM32\epetypa.exe
C:\winnt\system32\wogure20.exe
C:\WINNT\system32\wsyerds19.exe
C:\WINNT\SYSTEM32\meka.exe
C:\WINNT\SYSTEM32\aheyoj.exe
C:\WINNT\system32\wscel.exe
C:\WINNT\system32\ucilonyc.exe
C:\WINNT\system32\axepis.exe
C:\WINNT\system32\yikylohi.exe
C:\WINNT\system32\wsyerds19.exe
C:\WINNT\system32\jijikete.exe
C:\WINNT\system32\wscel.exe
C:\WINNT\system32\ucilonyc.exe
C:\asd8yasd.exe

Then go to Start -> Programs -> Accessories -> System Tools -> Disk Cleanup and delete temp files, temporary internet files and the recycle bin.

Click on mwav.exe, which you downloaded; the program unpacks itself and starts.
Tick the following checkboxes:
Memory, Startup folders, drive, Registry, System folders and Services.
Select the following radio buttons:
All local drives and Scan all files

Restart normally and copy a new log in here so I can see whether we hit everything or whether something was overlooked :)
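
Added example, not part of any post in this thread: a Python sketch that compares the O4 autostart lines of two HijackThis logs by Run value name instead of by file name. The two excerpts are copied from the 22 March 04:19 and 30 March 14:03 logs above; the function and variable names are this example's own.

```python
import re
from collections import defaultdict

# Excerpts copied from the O4 sections of two logs posted in this thread.
LOG_22_MARCH = r'''
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [fasdqwdwq] C:\WINNT\SYSTEM32\ikusefote.exe
O4 - HKLM\..\Run: [qgqqft] C:\WINNT\SYSTEM32\ukaky.exe
O4 - HKLM\..\Run: [vanyzim] axepis.exe
O4 - HKLM\..\Run: [azixegoira] efipef.exe
O4 - HKLM\..\Run: [Service Manager] sams.exe
O4 - HKLM\..\RunServices: [vanyzim] axepis.exe
O4 - HKLM\..\RunServices: [azixegoira] efipef.exe
O4 - HKCU\..\Run: [vanyzim] axepis.exe
O4 - HKCU\..\Run: [azixegoira] efipef.exe
'''

LOG_30_MARCH = r'''
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [fasdqwdwq] C:\WINNT\SYSTEM32\tisawarub.exe
O4 - HKLM\..\Run: [vanyzim] axepis.exe
O4 - HKLM\..\Run: [azixegoira] yikylohi.exe
O4 - HKLM\..\Run: [qgqqft] C:\WINNT\SYSTEM32\aheyoj.exe
O4 - HKLM\..\Run: [birelosit] ucilonyc.exe
O4 - HKLM\..\RunServices: [vanyzim] axepis.exe
O4 - HKLM\..\RunServices: [azixegoira] yikylohi.exe
O4 - HKCU\..\Run: [vanyzim] axepis.exe
O4 - HKCU\..\Run: [azixegoira] yikylohi.exe
'''

# One registry autostart line:  O4 - HKLM\..\Run: [ValueName] command line
# "O4 - Global Startup:" lines have a different shape and are skipped.
O4_LINE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# Unquoted command: everything up to the first executable extension.
EXECUTABLE = re.compile(r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)", re.IGNORECASE)


def image_name(cmd):
    """Return the lower-cased file name of the program a Run value starts."""
    cmd = cmd.strip()
    if cmd.startswith('"'):                      # "C:\path with spaces\x.exe" -args
        path = cmd[1:].split('"', 1)[0]
    else:
        m = EXECUTABLE.match(cmd)
        path = m.group(1) if m else cmd.split()[0]
    return path.rsplit("\\", 1)[-1].lower()


def parse_autostarts(log_text):
    """Map each Run value name to the images it starts and the keys it sits in."""
    entries = defaultdict(lambda: {"images": set(), "keys": set()})
    for line in log_text.splitlines():
        m = O4_LINE.match(line.strip())
        if m:
            entry = entries[m.group("name")]
            entry["images"].add(image_name(m.group("cmd")))
            entry["keys"].add(m.group("hive") + "\\" + m.group("key"))
    return dict(entries)


def compare_logs(before_text, after_text):
    """Classify every Run value name as same / changed / added / removed."""
    before, after = parse_autostarts(before_text), parse_autostarts(after_text)
    report = {"same": [], "changed": [], "added": [], "removed": []}
    for name in sorted(set(before) | set(after)):
        if name not in after:
            report["removed"].append(name)
        elif name not in before:
            report["added"].append(name)
        elif before[name]["images"] == after[name]["images"]:
            report["same"].append(name)
        else:  # same value name, different file behind it
            report["changed"].append(
                (name, sorted(before[name]["images"]), sorted(after[name]["images"]))
            )
    return report


def names_in_several_keys(log_text, min_keys=2):
    """Value names registered under at least min_keys autostart keys."""
    entries = parse_autostarts(log_text)
    return sorted(n for n, e in entries.items() if len(e["keys"]) >= min_keys)


if __name__ == "__main__":
    result = compare_logs(LOG_22_MARCH, LOG_30_MARCH)
    for name, old, new in result["changed"]:
        print(f"[{name}] {old} -> {new}")
    print("added:", result["added"], "removed:", result["removed"])
    print("in several keys:", names_in_several_keys(LOG_30_MARCH))
```

On these excerpts, `changed` lists the value names whose file name differs between the two logs, which a comparison by file name alone would report as unrelated entries.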
motyl (Beginner)
30 March 2005 - 22:12 #10
There, a new log is ready for checking ;)

Logfile of HijackThis v1.99.1
Scan saved at 22:10:26, on 30-03-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Programmer\Borland\InterBase\bin\ibguard.exe
C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
C:\Norman\bin\ZANDA.EXE
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\Explorer.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\Norman\bin\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\Programmer\Borland\InterBase\bin\ibserver.exe
C:\WINNT\anvshell.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Norman\bin\ZLH.EXE
C:\Programmer\iPod\bin\iPodService.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\BIN\npfmsg2.exe
C:\Documents and Settings\Brian\Skrivebord\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://signon.stofanet.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O23 - Service: Client Runtime Server Subsystem (crss) - Unknown owner - crss.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Programmer\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Programmer\Borland\InterBase\bin\ibserver.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman Type-R - Unknown owner - C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: %NVSVC.name% (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
motyl Beginner
30 March 2005 - 22:17 #11
Oops, a few more just showed up on the second round:

Logfile of HijackThis v1.99.1
Scan saved at 22:16:33, on 30-03-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Programmer\Borland\InterBase\bin\ibguard.exe
C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
C:\Norman\bin\ZANDA.EXE
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\Explorer.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\Norman\bin\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\Programmer\Borland\InterBase\bin\ibserver.exe
C:\WINNT\anvshell.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Norman\bin\ZLH.EXE
C:\Programmer\iPod\bin\iPodService.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\BIN\npfmsg2.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\WINNT\system32\wscel.exe
C:\WINNT\SYSTEM32\getikap.exe
C:\WINNT\system32\yetenyve.exe
C:\Documents and Settings\Brian\Skrivebord\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://signon.stofanet.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\Run: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\Run: [Comcast Network] C:\WINNT\SYSTEM32\getikap.exe
O4 - HKLM\..\Run: [Ecat] yetenyve.exe
O4 - HKLM\..\RunServices: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\RunServices: [Ecat] yetenyve.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O23 - Service: Client Runtime Server Subsystem (crss) - Unknown owner - crss.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Programmer\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Programmer\Borland\InterBase\bin\ibserver.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman Type-R - Unknown owner - C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: %NVSVC.name% (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
kalp Novice
30 March 2005 - 22:17 #12
Your log is clean.. but I would like to make sure that this file does not exist

so search for "crss.exe"; if it is there, restart in safe mode. Find it again and delete it.

Fix this line in HijackThis.

O23 - Service: Client Runtime Server Subsystem (crss) - Unknown owner - crss.exe (file missing)
kalp Novice
30 March 2005 - 22:18 #13
wait a moment, you will get a short procedure for the last part
kalp Novice
30 March 2005 - 22:20 #14
Download regcleaner
http://www.webmasterfree.com/regcleaner.html

Restart in safe mode by pressing F8 during startup. Run HijackThis, scan and put a check mark next to these lines - close all other program windows. Double-check that everything was included! Then click "Fix checked" in HijackThis:

O4 - HKLM\..\Run: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\Run: [Comcast Network] C:\WINNT\SYSTEM32\getikap.exe
O4 - HKLM\..\Run: [Ecat] yetenyve.exe
O4 - HKLM\..\RunServices: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\RunServices: [Ecat] yetenyve.exe
O23 - Service: Client Runtime Server Subsystem (crss) - Unknown owner - crss.exe (file missing)

Find and delete (look carefully!!.. Whatever you cannot find, HijackThis has probably removed!)

The files

C:\WINNT\system32\wscel.exe
C:\WINNT\SYSTEM32\getikap.exe
C:\WINNT\system32\yetenyve.exe

search for the file "crss.exe" and delete it.

Run regcleaner,
scan and delete everything it finds.

Restart normally and paste a new log in here so I can see whether we got everything or whether something was overlooked :)
motyl Beginner
31 March 2005 - 00:11 #15
Hi Kalp.

My computer is running worse and worse. I can no longer open Windows Explorer, and my antivirus programs do not work properly. I have installed RegCleaner, but it says that my trial period has expired, so unfortunately I cannot run it.

Here is my latest log:

Logfile of HijackThis v1.99.1
Scan saved at 00:09:00, on 31-03-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\svchost.exe
C:\Programmer\Borland\InterBase\bin\ibguard.exe
C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
C:\Norman\bin\ZANDA.EXE
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\Explorer.EXE
C:\Norman\bin\ZLH.EXE
C:\Programmer\Borland\InterBase\bin\ibserver.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\bin\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Documents and Settings\Brian\Skrivebord\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://signon.stofanet.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\Run: [fqfeqajw] C:\WINNT\SYSTEM32\epetypa.exe
O4 - HKLM\..\Run: [birelosit] ucilonyc.exe
O4 - HKLM\..\Run: [Internet Explorer Control Panel] IExploreCTL.exe
O4 - HKLM\..\RunServices: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\RunServices: [birelosit] ucilonyc.exe
O4 - HKLM\..\RunServices: [Internet Explorer Control Panel] IExploreCTL.exe
O4 - HKCU\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKCU\..\Run: [birelosit] ucilonyc.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c9.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Client Runtime Server Subsystem (crss) - Unknown owner - crss.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Programmer\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Programmer\Borland\InterBase\bin\ibserver.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman Type-R - Unknown owner - C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: %NVSVC.name% (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
kalp Novice
31 March 2005 - 00:15 #16
Your PC is also full of viruses.. more than what I can see in the log

Restart in safe mode by pressing F8 during startup. Run HijackThis, scan and put a check mark next to these lines - close all other program windows. Double-check that everything was included! Then click "Fix checked" in HijackThis:

O4 - HKLM\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\Run: [fqfeqajw] C:\WINNT\SYSTEM32\epetypa.exe
O4 - HKLM\..\Run: [birelosit] ucilonyc.exe
O4 - HKLM\..\Run: [Internet Explorer Control Panel] IExploreCTL.exe
O4 - HKLM\..\RunServices: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\RunServices: [birelosit] ucilonyc.exe
O4 - HKLM\..\RunServices: [Internet Explorer Control Panel] IExploreCTL.exe
O4 - HKCU\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKCU\..\Run: [birelosit] ucilonyc.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c9.cab

find and delete these files

ipconn.exe
C:\WINNT\SYSTEM32\epetypa.exe
ucilonyc.exe
IExploreCTL.exe

restart normally and post a new log.
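The comparison between successive logs that drives the fix lists in #14 and #16, as an added example that is not part of the original thread: it parses the O4 registry autorun lines of two HijackThis scans, reports which startup images appeared or disappeared, and lists images registered under more than one autorun key. The function names and the multi-key check are assumptions made for this example (a triage heuristic, not a rule stated in the thread); the log lines are copied from posts #11 and #15.

```python
import re
from collections import defaultdict

# O4 lines copied from the logs posted in #11 (30 March) and #15 (31 March).
LOG_30_MARCH = r"""
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\Run: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\Run: [Comcast Network] C:\WINNT\SYSTEM32\getikap.exe
O4 - HKLM\..\Run: [Ecat] yetenyve.exe
O4 - HKLM\..\RunServices: [Configuration Loading Service] wscel.exe
O4 - HKLM\..\RunServices: [Ecat] yetenyve.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
"""
LOG_31_MARCH = r"""
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\Run: [fqfeqajw] C:\WINNT\SYSTEM32\epetypa.exe
O4 - HKLM\..\Run: [birelosit] ucilonyc.exe
O4 - HKLM\..\RunServices: [Logitech Desktop] ipconn.exe
O4 - HKLM\..\RunServices: [birelosit] ucilonyc.exe
O4 - HKCU\..\Run: [Logitech Desktop] ipconn.exe
O4 - HKCU\..\Run: [birelosit] ucilonyc.exe
"""

# Groups: registry key, value name, command line of a registry autorun entry.
O4_RE = re.compile(r"^O4 - (HK(?:LM|CU)\\\.\.\\\w+): \[([^\]]+)\] (.+)$")

def image_name(cmd):
    """Executable file name of an autorun command, lower-cased (handles quoted paths)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        path = cmd[1:].split('"', 1)[0]
    else:
        m = re.match(r"(.+?\.(?:exe|dll|com|bat))\b", cmd, re.I)
        path = m.group(1) if m else cmd.split()[0]
    return path.rsplit("\\", 1)[-1].lower()

def parse_o4(log_text):
    """Map each autorun image name to the set of registry keys that start it."""
    keys_by_image = defaultdict(set)
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m:  # "Global Startup" and other non-registry O4 lines are skipped
            keys_by_image[image_name(m.group(3))].add(m.group(1))
    return keys_by_image

def diff_autoruns(old_log, new_log):
    """Return (added, removed) image names between two scans, each sorted."""
    old, new = parse_o4(old_log), parse_o4(new_log)
    return sorted(new.keys() - old.keys()), sorted(old.keys() - new.keys())

def multi_key_images(log_text):
    """Images registered under more than one autorun key (triage heuristic)."""
    return {i: sorted(k) for i, k in parse_o4(log_text).items() if len(k) > 1}

if __name__ == "__main__":
    print(diff_autoruns(LOG_30_MARCH, LOG_31_MARCH))
    print(multi_key_images(LOG_31_MARCH))
```

An image that shows up as added still has to be judged by a person: ashdisp.exe appears in the diff only because avast! was installed between the two scans.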
motyl Beginner
8 April 2005 - 22:33 #17
Hi Kalp.

In the end I had so many problems with my operating system that I chose to back up my files in safe mode and format the hard disk. Many thanks all the same for your help in this matter. I do have another request, though: my father's computer with Win XP has just crashed. Win XP cannot be loaded in either normal or safe mode. When the Win XP CD-ROM is inserted into the computer in order to repair the operating system, the process reports an invalid partition and no repair options are available. My question is whether we can repair the partition/file system in some other way?... Is there a program that can be used for this purpose? I hope you can help me with this Win XP problem :)
kalp Novice
8 April 2005 - 22:42 #18
how far do you get when you just try to log in?
motyl Beginner
8 April 2005 - 22:58 #19
The computer gets as far as counting up the RAM and shows the following text: "Windows did not start correctly. This may be because a change was recently made to the computer's hardware or software..." and shows various startup options. None of the options can be selected. What could the problem be?
motyl Beginner
9 April 2005 - 20:17 #20
Is there perhaps some software for repairing partitions (NTFS) and maybe boot sectors?
kalp Novice
9 April 2005 - 20:21 #21
Hi again!

I am a bit puzzled as to why it does that, since no new hardware has been put into the machine, has it?

Before anything else, you can try pulling out the power plug (switch the PC off first) and opening the case.. find the small battery that sits on the motherboard.. take it out.. wait 10 min, put it back in.. switch on your PC and see whether it still happens!

I don't know of a method for repairing it offhand, but if you can run this tool
http://www.killdisk.com/
everything on the HD disappears.. possibly that is enough