Søg
Avatar billede zealot Nybegynder
04. januar 2006 - 11:29 Der er 6 kommentarer og
1 løsning

High Risk virus: c:\windows\cmdsys.exe

Hejsa.
Min bærbare med Win Xp Pro er begyndt at vise ovennævnte fejlmelding flere gange om dagen. Den begynder af sig selv at udpakke en fil ved navn "aPackage", herefter kommer der en fejlmelding og norton antivirus 2005 fjerner ovenstående fil med melding om, at det drejer sig om en virus ved navn "Downloader.Trojan". Samtidig med dette er maskinen blevet en del mere langsom under opstart mv.
Håber en eller anden har set dette problem før og kan hjælpe mig.
På forhånd tak...
Bjørn
Avatar billede arlet Juniormester
04. januar 2006 - 11:30 #1
Hent Ewido og Hijackthis her : http://www.arlet.dk/ewidohjt.htm
Avatar billede zealot Nybegynder
04. januar 2006 - 13:39 #2
Hej Arlet.
Her er de 2 rapporter. Håber de kan bruges til noget...
Tak for hjælpen indtil videre.
mvh. Bjørn
---------------------------------------------------------
ewido anti-malware - Scanningsrapport
---------------------------------------------------------

+ Oprettet den:            12:44:00, 04-01-2006
+ Rapport-Checksum:        8ECE9BF4

+ Scanningsresultat:
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Renset med backup
    :mozilla.16:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Adtech : Renset med backup
    :mozilla.34:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Adtech : Renset med backup
    :mozilla.39:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Doubleclick : Renset med backup
    :mozilla.73:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.74:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.75:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.76:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.77:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.78:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.79:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.80:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.81:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.82:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.83:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.84:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.85:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.86:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.87:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.88:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.89:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.90:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.91:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.92:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.93:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.94:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.95:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.96:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.97:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.98:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.99:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.100:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.101:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.102:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.103:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.104:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.105:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.106:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.107:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.108:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.109:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.110:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.111:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.112:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.113:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.114:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.115:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.116:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.117:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.118:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.119:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.120:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.121:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.122:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.123:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Mediaplex : Renset med backup
    :mozilla.125:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Tradedoubler : Renset med backup
    :mozilla.130:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.2o7 : Renset med backup
    :mozilla.148:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Atdmt : Renset med backup
    :mozilla.159:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.160:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.161:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.162:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.163:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.178:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Webtrendslive : Renset med backup
    :mozilla.206:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.207:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.208:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.209:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.210:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.229:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Fastclick : Renset med backup
    :mozilla.231:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Fastclick : Renset med backup
    :mozilla.232:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.233:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.234:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.235:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.236:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.248:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Hitslink : Renset med backup
    :mozilla.249:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Hitslink : Renset med backup
    :mozilla.251:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Hitslink : Renset med backup
    :mozilla.252:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Hitslink : Renset med backup
    :mozilla.260:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Centrport : Renset med backup
    :mozilla.276:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.284:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.285:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.286:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.287:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.293:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Tribalfusion : Renset med backup
    :mozilla.303:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Liveperson : Renset med backup
    :mozilla.304:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Liveperson : Renset med backup
    :mozilla.305:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Liveperson : Renset med backup
    :mozilla.315:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.323:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Burstnet : Renset med backup
    :mozilla.324:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Burstnet : Renset med backup
    :mozilla.325:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Casalemedia : Renset med backup
    :mozilla.326:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Casalemedia : Renset med backup
    :mozilla.327:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Casalemedia : Renset med backup
    :mozilla.329:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Webtrendslive : Renset med backup
    :mozilla.366:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Questionmarket : Renset med backup
    :mozilla.401:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.415:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.416:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.417:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.418:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\17mfu73q.Standard bruger\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.6:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.2o7 : Renset med backup
    :mozilla.8:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Adtech : Renset med backup
    :mozilla.9:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Adtech : Renset med backup
    :mozilla.17:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Com : Renset med backup
    :mozilla.18:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Com : Renset med backup
    :mozilla.21:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Sexcounter : Renset med backup
    :mozilla.22:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Sexcounter : Renset med backup
    :mozilla.67:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Overture : Renset med backup
    :mozilla.79:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.80:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.81:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.85:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Renset med backup
    :mozilla.102:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.103:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.104:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.105:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.106:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    :mozilla.110:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.111:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.112:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.113:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.114:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.130:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Itrack : Renset med backup
    :mozilla.159:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Onestat : Renset med backup
    :mozilla.160:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Onestat : Renset med backup
    :mozilla.203:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Etracker : Renset med backup
    :mozilla.208:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.209:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.210:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.211:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.212:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.213:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.214:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    :mozilla.215:C:\Documents and Settings\Bjørn\Application Data\Mozilla\Firefox\Profiles\xwxz2n9p.default\cookies.txt -> Spyware.Cookie.Googleadservices : Renset med backup
    C:\Documents and Settings\Bjørn\Cookies\bjørn@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    C:\Documents and Settings\Bjørn\Cookies\bjørn@adtech[1].txt -> Spyware.Cookie.Adtech : Renset med backup
    C:\Documents and Settings\Bjørn\Cookies\bjørn@buildabear.122.2o7[1].txt -> Spyware.Cookie.2o7 : Renset med backup
    C:\Documents and Settings\Bjørn\Cookies\bjørn@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Renset med backup
    C:\Documents and Settings\Bjørn\Cookies\bjørn@com[2].txt -> Spyware.Cookie.Com : Renset med backup
    C:\Documents and Settings\Bjørn\Cookies\bjørn@ilead.itrack[1].txt -> Spyware.Cookie.Itrack : Renset med backup
    C:\Documents and Settings\Bjørn\Cookies\bjørn@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Renset med backup
    C:\Documents and Settings\Bjørn\Cookies\bjørn@paypopup[1].txt -> Spyware.Cookie.Paypopup : Renset med backup
    C:\WINDOWS\Downloaded Program Files\cssweb.dll -> Spyware.CSSWeb : Renset med backup
    C:\WINDOWS\Downloaded Program Files\miniclipGameLoader.dll -> Downloader.Small : Renset med backup
    C:\WINDOWS\system32\XXXDownloader.ocx -> Downloader.Mypay.a : Renset med backup


::Rapport slut


Logfile of HijackThis v1.99.1
Scan saved at 13:22:44, on 04-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programmer\ewido anti-malware\ewidoctrl.exe
C:\Programmer\ewido anti-malware\ewidoguard.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmer\EzButton\CplBCL50.EXE
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\Apoint2K\Apoint.exe
C:\Programmer\Messenger Plus! 3\MsgPlus.exe
C:\Programmer\Globe Software\StatBar\StatBar.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bjørn\Skrivebord\Hijackthis\hjt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rvvsftkwre.info/ispSyc0iZZ17pw7Ri3TDQrUNaIOvE1ZT_9gv9z6CfYVPwGEQuIOzboOmEmW9eAda.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/firefox?client=firefox-a&rls=org.mozilla:da-DK:official
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://portal.xini.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmer\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [] C:\\Programmer\\EzButton\\CplBCL50.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [system] regsvr32.exe /s C:\WINDOWS\system32\XXXDownloader.ocx
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [StatBar] C:\Programmer\Globe Software\StatBar\StatBar.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\programmer\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\programmer\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmer\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmer\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\programmer\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmer\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: TvGuide - {E6850551-1B82-47cd-BBF3-8E7D6099F9B3} - www.tvguide.dk (file missing)
O9 - Extra 'Tools' menuitem: TvGuide.dk - {E6850551-1B82-47cd-BBF3-8E7D6099F9B3} - www.tvguide.dk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O16 - DPF: PCPitstop-Tracks-Checker - http://pcpitstop.com/privacy/PCPTracks.cab
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100032745738
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://print2peoplephoto.com/photo/library/ImageUploader3.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://scanner.virus112.com/cabs/cssweb.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido anti-malware\ewidoguard.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programmer\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmer\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe

Mvh. Bjørn
Avatar billede arlet Juniormester
04. januar 2006 - 13:47 #3
Hent denne scanner.
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
(men lad være med at scanne endnu).

--------------------------------------------------------------------

Åbn en tilfældig mappe, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

--------------------------------------------------------------------

Du skal nu til at i gang med at fixe:
Kør Hijackthis, scan, sæt flueben ved linien/linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, luk hijackthis igen.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rvvsftkwre.info/ispSyc0iZZ17pw7Ri3TDQrUNaIOvE1ZT_9gv9z6CfYVPwGEQuIOzboOmEmW9eAda.php

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

R3 - Default URLSearchHook is missin

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

O4 - HKLM\..\Run: [system] regsvr32.exe /s C:\WINDOWS\system32\XXXDownloader.ocx



Find og slet den/disse manuelt:

C:\WINDOWS\system32\XXXDownloader.ocx


Genstart computeren i fejlsikret tilstand(Du skal klikke på f8 tasten under genstarten (ca. lige når der er talt ram), og så vælge fejlsikret tilstand. Er du i tvivl, så klik bare på f8 flere gange.)


Dobbeltklik på drweb-cureit.exe, den vil køre en expressscan, det siger du ja til.
Når den skriver Done nederst til venstre, skal du klikke på Options->Change settings.
Skift til fanebladet Scan, fjern fluebenet ved Heuristic analysis.
Skift til fanebladet Actions, her skal alle punkter under Malware sættes til Rename.
Klik så på det eller de drev du vil have scannet, der kommer en rød prik for at vise det/de er valgt.

Klik så på den grønne pil ovre til højre på siden, så starter scanningen.
Første gang Dr.Web finder noget, klik "Yes to All", så fjerner den hvad den finder.
Klik så på Start->Søg, find filen drweb32w.log kopier det nederste af teksten herind, startende med:
Scan statistics.


Genstart og ny hijackthis log samt loggen fra dr.web
Avatar billede zealot Nybegynder
04. januar 2006 - 13:57 #4
Hej Arlet.
Tak for hjælpen - og en god hjemmeside på www.arlet.dk
Bjørn
Avatar billede zealot Nybegynder
04. januar 2006 - 15:03 #5
Hej igen Arlet.
Nyeste logfiler...

Logfile of HijackThis v1.99.1
Scan saved at 15:00:33, on 04-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programmer\ewido anti-malware\ewidoctrl.exe
C:\Programmer\ewido anti-malware\ewidoguard.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmer\EzButton\CplBCL50.EXE
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\Apoint2K\Apoint.exe
C:\Programmer\Messenger Plus! 3\MsgPlus.exe
C:\Programmer\Globe Software\StatBar\StatBar.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Bjørn\Skrivebord\Hijackthis\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.google.dk/firefox?client=firefox-a&rls=org.mozilla:da-DK:official
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://portal.xini.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmer\MSN

Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -

c:\programmer\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -

C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton

AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN

Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -

C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -

c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [] C:\\Programmer\\EzButton\\CplBCL50.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [StatBar] C:\Programmer\Globe Software\StatBar\StatBar.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat

7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search -

res://c:\programmer\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -

res://c:\programmer\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links -

res://c:\programmer\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -

res://c:\programmer\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel -

res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages -

res://c:\programmer\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English -

res://c:\programmer\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Programmer\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Programmer\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: TvGuide - {E6850551-1B82-47cd-BBF3-8E7D6099F9B3} - www.tvguide.dk (file

missing)
O9 - Extra 'Tools' menuitem: TvGuide.dk - {E6850551-1B82-47cd-BBF3-8E7D6099F9B3} -

www.tvguide.dk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Programmer\Messenger\msmsgs.exe (file missing)
O16 - DPF: PCPitstop-Tracks-Checker - http://pcpitstop.com/privacy/PCPTracks.cab
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -

http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) -

http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) -

http://www.miniclip.com/supergerball/miniclipGameLoader.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -

http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) -

https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100032

745738
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -

http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -

http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) -

http://print2peoplephoto.com/photo/library/ImageUploader3.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) -

http://scanner.virus112.com/cabs/cssweb.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -

"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmer\Fælles filer\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles

filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation -

C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -

C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido

anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido

anti-malware\ewidoguard.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation -

C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation -

C:\Programmer\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmer\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -

C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation -

C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmer\Fælles

filer\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmer\Fælles filer\Symantec

Shared\CCPD-LC\symlcsvc.exe


Dr. Web
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 69284
Infected objects found: 32
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 32
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 56 Kb/s
Scan time: 00:39:18
-----------------------------------------------------------------------------
Avatar billede arlet Juniormester
04. januar 2006 - 16:12 #6
Så er din log ren.

Efter sådan en tur er det altid en god ide og rydde op i dine systemgendannelses filerne.
Deaktiver systemgendannelse ( http://www.arlet.dk/systemgendannelsen.htm ) - genstart din computer - aktiver systemgendannelse.

Generel oprydning: http://www.arlet.dk/oprydning.htm

For at beskytte dig mod snavs har jeg lavet en sikkerhedspakke,
som du kan se her : www.arlet.dk/pakke.htm
Avatar billede zealot Nybegynder
04. januar 2006 - 18:57 #7
Tusind tak for hjælpen!
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 17:35 Kan ikke resette PC med Windows 8.1 Af TTA i Office & Kontorpakker
I går 13:33 Lukning af Microsoftkonto Af ErikHg i Windows
23/0416:10 Bat file. Af johnnylassen i Andet programmering
23/0410:28 “Signe” Svindel omtalt i medier Af nu_igen i Mobiltelefoner
22/0420:59 RAID controller virker ikke ved tilslutning af alle 4 harddiske Af Strawberry i Andet hardware
White papers
Flere white papers »