Så er det gjort.
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 23:00:08, 06/17/2005
+ Report-Checksum: 437B5F46
+ Date of database: 06/17/2005
+ Version of scan engine: v3.0
+ Duration: 41 min
+ Scanned Files: 105224
+ Speed: 41.94 Files/Second
+ Infected files: 28
+ Removed files: 28
+ Files put in quarantine: 28
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0
+ Binder: Yes
+ Crypter: Yes
+ Archives: Yes
+ Scanned items:
C:\
E:\
+ Scan result:
C:\Documents and Settings\Åse Krabbe\Cookies\åse krabbe@atdmt[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Åse Krabbe\Cookies\åse krabbe@cgi-bin[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Åse Krabbe\Cookies\åse krabbe@com[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Åse Krabbe\Cookies\åse krabbe@doubleclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Åse Krabbe\Cookies\åse krabbe@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Åse Krabbe\Cookies\åse krabbe@mevault.ign[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Åse Krabbe\Lokale indstillinger\Temp\P2P Networkingp2p602.EXE -> Spyware.P2PNetworking -> Cleaned with backup
C:\Documents and Settings\Åse Krabbe\Lokale indstillinger\Temp\p2psetup.exe -> Spyware.P2PNetworking -> Cleaned with backup
C:\Documents and Settings\Åse Krabbe\Skrivebord\backups\backup-20050530-163630-380.dll -> Spyware.Retro64 -> Cleaned with backup
C:\Programmer\MSN Messenger\riched20.dll -> Spyware.Wesbar -> Cleaned with backup
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\htpatch.exe -> Not-A-Virus.Tool.HTPatch.a -> Cleaned with backup
C:\WINDOWS\system32\f3PSSavr.scr -> Spyware.MyWebSearch -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x.zip/Launch Avp32.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x.zip/Launch AvpM.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x.zip/Launch avpupd.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x.zip/Launch KAVI.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x.zip/Launch OffGuard.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky AntiVirus Personal Pro v4.0.1.54 & v4.x.x.x Crack.zip/Launch Avp32.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky AntiVirus Personal Pro v4.0.1.54 & v4.x.x.x Crack.zip/Launch AvpM.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky AntiVirus Personal Pro v4.0.1.54 & v4.x.x.x Crack.zip/Launch avpupd.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky AntiVirus Personal Pro v4.0.1.54 & v4.x.x.x Crack.zip/Launch KAVI.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky AntiVirus Personal Pro v4.0.1.54 & v4.x.x.x Crack.zip/Launch OffGuard.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x Fixed.zip/Launch Avp32.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x Fixed.zip/Launch AvpM.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x Fixed.zip/Launch avpupd.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x Fixed.zip/Launch KAVI.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
E:\Backup\Kaspersky Antivirus\keys.zip/Kaspersky_AntiVirus_AVP_Personal_Pro_v4[1].0.1.54_v4.x.x.x Fixed.zip/Launch OffGuard.exe -> Not-A-Virus.Joke.VB.k -> Cleaned with backup
::Report End
Logfile of HijackThis v1.99.1
Scan saved at 23:04:43, on 06/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Programmer\Iomega\AutoDisk\ADUserMon.exe
C:\PROGRA~1\OPTICA~1\4DMAIN.EXE
C:\Programmer\Iomega\DriveIcons\ImgIcon.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Quicktime\iTunesHelper.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Java\j2re1.4.2_05\bin\jusched.exe
C:\Programmer\Office Mouse\moffice.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\Eset\nod32kui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmer\Office Mouse\MOUSE32A.DAT
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\HotKey\HotKey.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\System32\GEARSEC.EXE
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmer\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Iomega\AutoDisk\ADService.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Åse Krabbe\Skrivebord\hjt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://signon.stofanet.dk/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://signon.stofanet.dk/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ADUserMon] C:\Programmer\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\OPTICA~1\4DMAIN.EXE
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Programmer\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Programmer\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\Quicktime\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programmer\Office Mouse\moffice.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Programmer\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: MemTurbo.lnk = C:\Programmer\Silicon Software\MemTurbo\memturbo.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HotKey Driver.lnk = C:\Programmer\HotKey\HotKey.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader -
http://www.miniclip.com/hamsterball/raptisoftgameloader.cabO16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cabO16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cabO16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) -
http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cabO16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) -
http://www.ea.com/downloads/rtpatch/EARTPX.cabO16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} -
http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cabO16 - DPF: {71AEE1E3-1B65-41FA-BBD2-565CBD1359D8} -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSPInstall0703.exeO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cabO16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) -
http://ccon.futuremark.com/global/msc34.cabO16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) -
http://www.shockwave.com/content/feedingfrenzy/SproutLauncher.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://utu.popcap.com/games/popcaploader_v5.cabO16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown.cabO23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido\security suite\ewidoguard.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSEC.EXE
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmer\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Programmer\Iomega\AutoDisk\ADService.exe
mange hilsener
Ny bruger
Nybegynder
Opret
Preview
