Notifikationer

Markér alle som læst Log ud

snailey Nybegynder

18. juni 2005 - 23:44 Der er 4 kommentarer og
1 løsning

Hijack log

Hej Eksperter

Kan nogen fortæller mig om der er noget at slette her?

Får en virus alarm frem ofte.

Mvh P

---
Logfile of HijackThis v1.99.1
Scan saved at 23:41:08, on 18-06-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\WZCBDL Service\WZCBDLS.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\D-Link\Air Utility\AirCFG.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmer\Java\jre1.5.0_02\bin\jusched.exe
F:\Programmer\Winamp\winampa.exe
C:\Programmer\Microsoft IntelliPoint\point32.exe
F:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\system32\winis.exe
C:\Programmer\ISTsvc\istsvc.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Odder PC 1\Dokumenter\HJT\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programmer\SideFind\sfbho.dll (file missing)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar\01.01.1629.0\da\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Programmer\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] F:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmer\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [iTunesHelper] F:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKLM\..\Run: [IE Runtimes] winis.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [SAHBundle] C:\DOCUME~1\ODDERP~1\LOKALE~1\Temp\sahagent-cdt1004.exe run
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\system32\ap9h4qmo.exe
O4 - HKLM\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - HKLM\..\RunServices: [IE Runtimes] winis.exe
O4 - HKCU\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKCU\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://F:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Programmer\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100103176962
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WZCBDL Service (WZCBDLService) - D-Link - C:\Programmer\WZCBDL Service\WZCBDLS.exe

Synes godt om

arlet Juniormester

19. juni 2005 - 09:39 #1

tjekker den nu

Synes godt om

arlet Juniormester

19. juni 2005 - 09:41 #2

Download og gem denne scanner på skrivebordet. (Vi skal bruge den senere)
http://www.spywareinfo.dk/download/mwav.exe

----------------------

Ewido skal du downloade her: http://www.ewido.net/en/download/ ( Vi skal bruge den senere)
Klik på Download now. Installer og kør Ewido. Opdater straks efter installationen programmet.

-----------------------

Du skal nu til at i gang med at fixe:

Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, luk hijackthis igen.
Dobbelttjek, så alt kommer med.

O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programmer\SideFind\sfbho.dll (file missing)

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKLM\..\Run: [IE Runtimes] winis.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [SAHBundle] C:\DOCUME~1\ODDERP~1\LOKALE~1\Temp\sahagent-cdt1004.exe run
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\system32\ap9h4qmo.exe
O4 - HKLM\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - HKLM\..\RunServices: [IE Runtimes] winis.exe
O4 - HKCU\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKCU\..\RunServices: [p2pnetwork] p2pnetwork.exe

--------------------------------------------------------------------

Åbn en tilfældig mappe, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

------------------------------

Hent denne bats fil og kør den :
http://www.spywareinfo.dk/download/cleantempxp2k.bat
den sletter alt i din temp mappe.

------------------------------

Genstart computeren i fejlsikret tilstand(Du skal klikke på f8 tasten under genstarten (ca. lige når der er talt ram), og så vælge fejlsikret tilstand. Er du i tvivl, så klik bare på f8 flere gange.)
Find og slet disse manuelt :

C:\WINDOWS\system32\ap9h4qmo.exe
C:\Programmer\ISTsvc<-hele mappen
C:\Program Files\Media Access<-hele mappen

-----------------------------

Stadig i fejlsikret:
Klik på mwav.exe som du hentede, programmet pakker sig selv ud og starter.
Sæt flueben i følgende:
Memory, Startup folders, drive, Registry, System folders og Services.
Sæt prik i følgende:
All local drives og Scan all files
Og så trykker du på Scan Clean
Det tager lidt over en time at scanne

-------------------------------

Stadig i fejlsikret:
Kør nu en fuld scanning med Ewido. Når den er færdig trykker du save report og gemmer rapporten.

Så genstarter du computeren normalt og laver en ny hijackthis log, som du lægger herind sammen med reporten fra Ewido

Synes godt om

snailey Nybegynder

01. august 2005 - 09:22 #3

Arlet, jeg er meget beæret over at det er dig der har besvaret dette spørgsmål! Jeg er på ferie og har derfor ikke forsøgt mig endnu. Vil prøve i næste weekend.

Synes godt om

snailey Nybegynder

03. august 2005 - 21:39 #4

Hej så har jeg gjort som du skrev. Kunne ikke finde følgende fil: C:\WINDOWS\system32\ap9h4qmo.exe - så den har jeg ikke slettet.

Her kommer først Hijack:

Logfile of HijackThis v1.98.0
Scan saved at 21:34:37, on 03-08-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\D-Link\Air Utility\AirCFG.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmer\Java\jre1.5.0_02\bin\jusched.exe
F:\Programmer\Winamp\winampa.exe
C:\Programmer\Microsoft IntelliPoint\point32.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Java\jre1.5.0_02\bin\jucheck.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\WZCBDL Service\WZCBDLS.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\DOCUME~1\ODDERP~1\LOKALE~1\Temp\jre-1_5_0_04-windows-i586-p-iftw_c07126c3.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Documents and Settings\Odder PC 1\Dokumenter\HJT\hijackthis.exe
C:\WINDOWS\system32\javaw.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar\01.01.1629.0\da\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Programmer\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] F:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmer\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [iTunesHelper] F:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://F:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Programmer\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100103176962
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

og nu Ewido report:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 21:21:32, 03-08-2005
+ Report-Checksum: EA016F11

+ Scan result:

HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CLSID -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CurVer -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} -> Spyware.GameSpyArcade : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FAA356E4-D317-42a6-AB41-A3021C6E7D52} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ISTbar.BarObj -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ISTbar.BarObj\CLSID -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\SideFind.Finder -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\SideFind.Finder\CLSID -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\SideFind.Finder\CurVer -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\eXactUtil -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SOFTWARE\ISTbar -> Spyware.ISTBar : Error during cleaning
HKLM\SOFTWARE\ISTbar\Historyfiles -> Spyware.ISTBar : Error during cleaning
HKLM\SOFTWARE\ISTbar\Historystring -> Spyware.ISTBar : Error during cleaning
HKLM\SOFTWARE\ISTsvc -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\ISTsvc\history -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} -> Spyware.GameSpyArcade : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbar -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTsvc -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SideFind -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\PowerScan -> Spyware.PowerScan : Cleaned with backup
HKLM\SOFTWARE\salm -> Spyware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\SideFind -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\VGroup -> Spyware.SAHA : Cleaned with backup
HKLM\SOFTWARE\VGroup\SAHAgent -> Spyware.SAHA : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@ehg-dig.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@ehg-legonewyorkinc.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@ivwbox[2].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@spylog[1].txt -> Spyware.Cookie.Spylog : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@stat.onestat[2].txt -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@statse.webtrendslive[2].txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@valueclick[2].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@www.shopathomeselect[2].txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Cookies\odder pc 1@xxxtoolbar[2].txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Lokale indstillinger\Temp\Cookies\odder pc 1@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Lokale indstillinger\Temp\Cookies\odder pc 1@xxxtoolbar[2].txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Lokale indstillinger\Temp\setup4002b.cab/lkir8l2gm_.dll -> Adware.SAHA : Error during cleaning
C:\Documents and Settings\Odder PC 1\Lokale indstillinger\Temp\setup4002b.cab/abasa5jrp_.exe -> Adware.SAHA : Error during cleaning
C:\Documents and Settings\Odder PC 1\Lokale indstillinger\Temp\setup4002b.cab/u6f6uftuc_.exe -> Adware.SAHA : Error during cleaning
C:\Documents and Settings\Odder PC 1\Lokale indstillinger\Temp\setup4002b.cab/hochkaod3_.exe -> Adware.SAHA : Error during cleaning
C:\Documents and Settings\Odder PC 1\Lokale indstillinger\Temp\Temporary Internet Files\Content.IE5\D32JA1JE\package_MARKETING27[1].exe -> Spyware.BargainBuddy.n : Cleaned with backup
C:\Documents and Settings\Odder PC 1\Lokale indstillinger\Temp\VVSNInst.exe/VVSN.exe -> Adware.SaveNow : Error during cleaning
C:\Documents and Settings\Odder PC 1\xxxzzz.exe/rebates.exe -> Spyware.WinAD : Error during cleaning
C:\Documents and Settings\Odder PC 1\xxxzzz.exe/toolbar.exe -> Trojan.Crypt.e : Error during cleaning
C:\Documents and Settings\Odder PC 1\xxxzzz.exe/rebates.exe -> Spyware.WinAD : Error during cleaning
C:\Documents and Settings\Odder PC 1\xxxzzz.exe/toolbar.exe -> Trojan.Crypt.e : Error during cleaning
C:\My Downloads\Prg\Udpakket\Jewel Quest - FULL craked\[auto - bitorrent] Construction Destruction ValuSoft [found on PeerAnia.com].exe -> Spyware.Trymedia : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\gsda.dll -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\system32\bbchk.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\H@tKeysH@@k.DLL -> Not-A-Virus.Tool.Game.HotHook : Cleaned with backup
C:\WINDOWS\Temp\_avast4_\unp63461598 -> Spyware.WinAD : Cleaned with backup
D:\Arcade Games\Jewel Quest - FULL craked.rar/[auto - bitorrent] Construction Destruction ValuSoft [found on PeerAnia.com].exe -> Spyware.Trymedia : Cleaned with backup
D:\Arcade Games\udpakket\Jewel Quest - FULL craked\[auto - bitorrent] Construction Destruction ValuSoft [found on PeerAnia.com].exe -> Spyware.Trymedia : Cleaned with backup
D:\Arcade Games\udpakket\PopCap and GameHouse Games Full\Games\Big Money Deluxe\BigMoney1_11_patch.exe -> Trojan.FraggleRock.155 : Cleaned with backup
D:\Arcade Games\udpakket\PopCap and GameHouse Games Full\Games\MummyMaze Deluxe\MummyMaze1_1_patch.exe -> Trojan.FraggleRock.155 : Cleaned with backup
D:\Arcade Games\udpakket\PopCap and GameHouse Games Full\Games\Ning Po Majong\NingPoMahJong1_04_04_patch.exe -> Trojan.FraggleRock.155 : Cleaned with backup
D:\Arcade Games\udpakket\PopCap and GameHouse Games Full\Games\Noah' Ark Deluxe\NoahsArk1_1_patch.exe -> Trojan.FraggleRock.155 : Cleaned with backup

::Report End

Synes godt om

arlet Juniormester

04. august 2005 - 17:36 #5

Hvorfor kommer du med en gammel version af hijackthis??

Du skal scanne med den der ligger her:
C:\Documents and Settings\Odder PC 1\Dokumenter\HJT\hijackthis\HijackThis.exe

version 1.99.1

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Andet sikkerhed kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
hvilken afløser kan I anbefale? Af jcr18 i Andet sikkerhed	5	17/03/202610:32	18/03/202615:36
Advarsler om datalæk for nogle apps Af nu_igen i Andet sikkerhed	6	02/02/202614:54	03/02/202613:45
Mail fra Yousee ? Svindel? Af nu_igen i Andet sikkerhed	4	13/01/202617:27	14/01/202609:36
Er det sandsynligt, at jeg har været udsat for phishing Af Slettet bruger i Andet sikkerhed	4	13/11/202515:09	14/11/202510:45
Google fake Af johp i Andet sikkerhed	3	27/10/202516:31	28/10/202506:52

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS

13:00

Sådan kan du implementere ansvarlig AI i din organisation

01/04

Vi tester to udgaver af Denons Home-højttalere - og vi er ikke i tvivl om dommen

01/04

Som slagterlærling traf Rasmus et livsændrende valg: Nu er han udviklingschef i kæmpe energivirksomhed

01/04

Hård kritik efter tirsdagens stor-nedbrud: MitID er som en stor hullet ost og kan udvikle sig til en national katastrofe

01/04

OpenAI får kæmpemæssig kapitaltilførsel: Bliver værdisat til 5.500 milliarder kroner

01/04

Anthropic-medarbejder har ved et uheld lækket hele Claude Codes kildekode: 500.000 linier kode sluppet fri

01/04

Mørklægger årsag til tirsdagens timelange MitID-nedbrud: Vil intet fortælle af 'sikkerhedsmæssige årsager'

01/04

Hver fjerde forventer nul kroner i lønforhøjelse: It-testerne er blandt branchens mest pessimistiske for tredje år i træk

01/04

Synes du også, at det er lidt pinligt, når du har anvendt AI til at løse dine opgaver? Så bør du komme over 'AI-skammen' omgående, mener lektor

01/04

Ny bog kommer tættere på geniet bag Googles DeepMind

01/04

Dansk stjerne-CIO fratræder: Det blev til to og et halvt år i en af verdens største logistik-virksomheder

Vis flere artikler

IT-JOB

Jyske Bank

Senior Forretningsudvikler til Wealth Selvbetjening

Statens IT

Sikkerhedsarkitekt til Statens It

Forsvarsministeriets Materiel- og Indkøbsstyrelse

Teknologirådgiver inden for Sensor Fusion, AI og Teknisk Efterretning ved Forsvarsministeriets Materiel- og Indkøbsstyrelse i Ballerup

Digitaliseringsstyrelsen

Relationsstærk agil konsulent til tværgående it-styring i Digitaliseringsstyrelsen

Operate Technology A/S

PHP-udvikler til Drupal

Vis flere jobs

Seneste spørgsmål Seneste aktivitet

31/0310:22	Makro der gemmer vedhæftet fil fra Msg og omdøber filen Af lokesa i Excel
30/0313:45	Kablet forbindelse mellem android telefon og windows 11 pc Af 1Dorte i Android
30/0312:04	Elementtype vises - og ikke billedet? Af hkprofil i Billedbehandling
29/0312:08	Problemer med replay af købte kursusvideoer Af annam i Browsere
28/0311:18	DENVER DVB-tMPEG-4 HD TUNER Af ole falsted i Fjernsyn & projektorer

White papers

Arctic Wolf Threat Report 2026: Sådan ændrer ransomware-landskabet sig
Arctic Wolf
Arctic Wolf Security Operations Report 2025: Indblik i moderne sikkerhedsdrift
Arctic Wolf
Undgå at printeren bliver svageste led i sikkerheden
Konica Minolta
Samarbejde mellem AI og mennesker styrker sikkerheden
Konica Minolta

Flere white papers »