Søg
Avatar billede wolfcas Nybegynder
07. januar 2006 - 09:34 Der er 19 kommentarer og
2 løsninger

hijackthis-log nogen der har tid?

Hej med jer

En af mine gode venner har problemer med pop-ups fra diverse pornosites og alt muligt andet... så jeg har fortalt lidt om hvor dygtige folk er herinde og lvoet at sende hans log herind.
Hvis en af jer har tid, må i gerne give en lidt udførlig forklaring, idet jeg sender den videre til ham.

Godt nytår og på forhånd tak for hjælpen

Wolfcas (Log følger --->)

Logfile of HijackThis v1.99.1
Scan saved at 19:54:48, on 06-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Firewall Sygate\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\BtUsrBdg.exe
C:\WINDOWS\system32\BTSetBootKey.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\Ny iTunes 5.1\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Skype\Skype.exe
C:\Programmer\Common Files\VCClient\VCClient.exe
C:\Programmer\Common Files\VCClient\VCMain.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\E-Color Indicator\TICIcon.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Registration\SonnReg.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpohmr08.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpotdd01.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\iPod update\iPod\bin\iPodService.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpoevm08.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\Bin\hpoSTS08.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Documents and Settings\Joachiem Marques\Skrivebord\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jubii.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~2\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\Ny iTunes 5.1\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\ykqyrr.exe reg_run
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~2\FIREWA~1\smc.exe -startgui
O4 - HKCU\..\Run: [Skype] "C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Skype\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Shell] "C:\Programmer\Fælles filer\Microsoft Shared\Web Folders\ibm00001.exe"
O4 - HKCU\..\Run: [CU1] C:\Programmer\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Programmer\Common Files\VCClient\VCMain.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: 3Deep.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\3Deep\3Deepctl.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: E-Color Indicator.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\E-Color Indicator\TICIcon.exe
O4 - Global Startup: E-Color.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Registration\SonnReg.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~2\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~2\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\en4ul1h91.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\iPod update\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmer\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~2\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmer\Firewall Sygate\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
Avatar billede arlet Juniormester
07. januar 2006 - 09:36 #1
Vi har ikke andet end tid*S*
Avatar billede arlet Juniormester
07. januar 2006 - 09:37 #2
Hent L2mfix.exe fra et af disse steder:

http://www.atribune.org/downloads/l2mfix.exe
http://www.downloads.subratam.org/l2mfix.exe

Gem filen på dit Skrivebord og dobbeltklik på l2mfix.exe. Klik på Install knappen og følg instruktionerne. Åben herefter den nye mappe der er dannet på dit Skrivebord (l2mfix). Dobbeltklik på l2mfix.bat og vælg option 1 (Run Find log) ved at taste "1" og "Enter". Din computer bliver nu scannet - efter et par minutter åbnes en tekstfil i Notesblok. Kopier indholdet herind.

NB: Du må ikke køre option 2 eller andre af filerne i l2mfix mappen, før du er blevet bedt om det.
Avatar billede wolfcas Nybegynder
07. januar 2006 - 09:38 #3
Hold da helt op det går stærkt!! OG så endda selveste Arlet!!! Jeg er storbruger af din hjemmeside :)

Jeg sender det videre til ham.. og håber han kigger men kan ikke love at det lige går så stærkt...

Mange tak!!!
Avatar billede arlet Juniormester
07. januar 2006 - 09:40 #4
Tak!!

Det er helt i orden..
Avatar billede wolfcas Nybegynder
07. januar 2006 - 14:26 #5
Så er der en ny rapport!

L2MFIX find log 010406
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Themes]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\j2j60c1sef.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{8C429B90-6719-3E1C-A8EC-DC4692DE4570}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Egenskabsark for multimediefiler"
"{176d6597-26d3-11d1-b350-080036a75b03}"="ICM-scannerstyring"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="NTFS Sikkerhedsside"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Egenskabsside for OLE-dokumentfil"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Gr‘nsefladeudvidelse til deling"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Kontrolpanel-udvidelse til sk‘rmkort"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Kontrolpanel-udvidelse til sk‘rm"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Kontrolpanel-udvidelse til sk‘rmpanorering"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="DS Security-side"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Kompatibilitetsside"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Shell Scrap DataHandler"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Udvidelsen Diskcopy"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Gr‘nsefladeudvidelser til Microsoft Windows-netv‘rksobjekter"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM-sk‘rmstyring"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM-printerstyring"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Gr‘nsefladeudvidelser til filkomprimering"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Gr‘nsefladeudvidelse til webudskrift"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Kontekstmenu til kryptering"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Rejsetaske"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="HyperTerminal-ikon"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC-profil"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Printers Sikkerhedsside"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Gr‘nsefladeudvidelse til deling"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Crypto PKO-filtype"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Crypto signeringsfiltype"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Netv‘rksforbindelser"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Netv‘rksforbindelser"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Scannere og kameraer"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Scannere og kameraer"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="Scannere og kameraer"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Scannere og kameraer"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Scannere og kameraer"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell-udvidelser til Windows Script Host"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft-dataforbindelse"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Planlagte opgaver"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Proceslinje og menuen Start"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="S›g"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Hj‘lp og support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Hj‘lp og support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="K›r..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internettet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="E-mail"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Fonts"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="V‘rkt›jslinje til Microsoft Internet"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Download Status"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Shell Folder 2"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Search Band"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Webs›gning"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="Redigeringsboks til adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Custom MRU AutoCompleted List"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Track Popup Bar"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Address Bar Parser"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft URL-oversigtstjeneste"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Oversigt"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Velkomstbillede til Internet Explorer 4-suiten"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internettet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="ActiveX-cachemappe"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Subscription Folder"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Shell Programstyring"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="Opt‘lling af installerede programmer"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Udpakning af miniaturer til GDI+-filer"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Dokumentinfo om miniaturehandler (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Udpakning af HTML-miniaturer"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Guiden Webudgivelse"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Bestil billedudskrift over World Wide Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objekt til guiden Webudgivelse"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Guiden F† et Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Brugerkonti"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Kanalfil"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Genvej til kanal"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Mappen Offlinefiler"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Efter &personer..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop Explorer"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu"
"{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes"
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{FF423029-1122-4DD6-AC48-361E1D8E860D}"=""
"{4D1DEE1E-D985-4672-BF94-47563890D74C}"=""
"{B09B3C22-5E34-4181-9103-453369DE8E39}"=""
"{928450C4-72D7-4D40-9A30-AB289897E93D}"=""
"{D0210061-701A-4CEA-A7E8-C0E3736ABEE6}"=""

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{FF423029-1122-4DD6-AC48-361E1D8E860D}]

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{4D1DEE1E-D985-4672-BF94-47563890D74C}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{4D1DEE1E-D985-4672-BF94-47563890D74C}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{4D1DEE1E-D985-4672-BF94-47563890D74C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{4D1DEE1E-D985-4672-BF94-47563890D74C}\InprocServer32]
@="C:\\WINDOWS\\system32\\uqimdmat.dll"
"ThreadingModel"="Apartment"

**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
  browseui.dll  Thu 24 Nov 2005  1.39.20  A....      1.022.464  998,50 K
  cdfview.dll    Fri 21 Oct 2005  4.41.34  A....        151.552  148,00 K
  danim.dll      Sat  5 Nov 2005  4.17.42  A....      1.056.256    1,00 M
  dnn801~1.dll  Sat  7 Jan 2006  1.26.02  ..S.R        233.860  228,38 K
  dxtrans.dll    Fri 21 Oct 2005  4.41.34  A....        205.312  200,50 K
  esent.dll      Thu 20 Oct 2005  23.26.42  A....      1.082.368    1,03 M
  extmgr.dll    Fri 21 Oct 2005  4.41.34  .....        55.808    54,50 K
  gdi32.dll      Thu 29 Dec 2005  3.56.06  A....        280.064  273,50 K
  glqgr.dll      Sat  7 Jan 2006  13.27.14  A....        24.064    23,50 K
  iepeers.dll    Fri 21 Oct 2005  4.41.34  A....        251.392  245,50 K
  inseng.dll    Fri 21 Oct 2005  4.41.34  A....        96.768    94,50 K
  j2j60c~1.dll  Fri  6 Jan 2006  21.18.04  ..S.R        236.457  230,91 K
  mshtml.dll    Thu 24 Nov 2005  1.39.22  A....      3.013.632    2,87 M
  mshtmled.dll  Fri 21 Oct 2005  4.41.36  A....        448.512  438,00 K
  msrating.dll  Fri 21 Oct 2005  4.41.36  A....        146.432  143,00 K
  mstime.dll    Fri 21 Oct 2005  4.41.36  A....        530.944  518,50 K
  pngfilt.dll    Fri 21 Oct 2005  4.41.36  A....        39.424    38,50 K
  qasqppe.dll    Sat  7 Jan 2006  13.27.14  A....        67.072    65,50 K
  s32evnt1.dll  Thu  1 Dec 2005  12.14.20  A....        86.091    84,07 K
  shdocvw.dll    Thu  1 Dec 2005  4.33.22  A....      1.492.480    1,42 M
  shlwapi.dll    Fri 21 Oct 2005  4.41.38  A....        473.600  462,50 K
  sirenacm.dll  Wed 12 Oct 2005  23.11.06  A....        118.784  116,00 K
  spmsg.dll      Thu 13 Oct 2005  0.10.46  .....        14.560    14,22 K
  uqimdmat.dll  Sat  7 Jan 2006  13.27.00  ..S.R        236.457  230,91 K
  urlmon.dll    Sat  5 Nov 2005  4.17.54  A....        606.208  592,00 K
  wininet.dll    Fri 21 Oct 2005  4.41.38  A....        659.968  644,50 K
  xyctsrv.dll    Wed  4 Jan 2006  17.48.24  ..S.R        233.665  228,19 K

27 items found:  27 files (4 H/S), 0 directories.
  Total of file sizes:  12.864.194 bytes    12,27 M
Locate .tmp files:

No matches found.
**********************************************************************************
Directory Listing of system files:
Disken i drev C har ikke noget navn.
Diskens serienummer er 9491-509D

Indhold af C:\WINDOWS\System32

07-01-2006  13:26          236.457 uqimdmat.dll
07-01-2006  01:26          233.860 dnn8015ue.dll
06-01-2006  21:18          236.457 j2j60c1sef.dll
04-01-2006  17:48          233.665 xYctsrv.dll
25-10-2005  12:53    <DIR>          dllcache
29-11-2003  20:26    <DIR>          Microsoft
              4 fil(er)          940.439 byte
              2 mappe(r)  7.648.333.824 byte ledig
Avatar billede arlet Juniormester
07. januar 2006 - 14:28 #6
Fint.

Luk alle programmer - du vil om lidt blive bedt om at genstarte din computer.

Fra mappen l2mfix skal du køre l2mfix.bat igen - denne gang skal du vælge option 2 (Run Fix). Så vil du blive bedt om et password. Her skriver du (efterfulgt af <Enter>)
bye

Dit skrivebord og ikoner vil forsvinde en tid så. L2Mfix vil fortsætte med at scanne din computer, vil den være klar til en genstart. Tryk en taste for at genstarte. Efter genstarten, vil Notepad åbnes med en ny log. Kopiér indholdet af denne log ind i denne tråd, sammen med en ny Hijackthis-log.
Avatar billede wolfcas Nybegynder
07. januar 2006 - 14:57 #7
Han skriver til mig at den ikke åbner en rapport i notepad.. kan man forcere det?
Avatar billede wolfcas Nybegynder
07. januar 2006 - 15:00 #8
måske det er den rapport der ligger i mappem l2mfix han siger der ligger en rapport der
Avatar billede arlet Juniormester
07. januar 2006 - 15:09 #9
Prøv at smide den herind
Avatar billede wolfcas Nybegynder
07. januar 2006 - 15:16 #10
Det ser ud til at være den samme som den første jeg sendte til dig.. andre ideer til hvor den kan være blevet af?
Vil du have hijackthis-loggen ?
Avatar billede arlet Juniormester
07. januar 2006 - 15:29 #11
Ja, han skal lige genstarte inden han laver en ny hijackthis
Avatar billede wolfcas Nybegynder
07. januar 2006 - 15:33 #12
Kommer her:

Logfile of HijackThis v1.99.1
Scan saved at 15:30:08, on 07-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Firewall Sygate\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\BtUsrBdg.exe
C:\WINDOWS\system32\BTSetBootKey.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\Ny iTunes 5.1\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Skype\Skype.exe
C:\Programmer\Common Files\VCClient\VCClient.exe
C:\Programmer\Common Files\VCClient\VCMain.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\iPod update\iPod\bin\iPodService.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\E-Color Indicator\TICIcon.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Registration\SonnReg.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpohmr08.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpotdd01.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpoevm08.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\Bin\hpoSTS08.exe
C:\Programmer\EA SPORTS\FIFA 2004\fifa2004.exe
C:\DOCUME~1\JOACHI~1\LOKALE~1\Temp\~e5d141.tmp
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Outlook Express\msimn.exe
C:\Programmer\Norton AntiVirus\OPScan.exe
C:\Documents and Settings\Joachiem Marques\Skrivebord\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jubii.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~2\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\Ny iTunes 5.1\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\ykqyrr.exe reg_run
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~2\FIREWA~1\smc.exe -startgui
O4 - HKCU\..\Run: [Skype] "C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Skype\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Shell] "C:\Programmer\Fælles filer\Microsoft Shared\Web Folders\ibm00001.exe"
O4 - HKCU\..\Run: [CU1] C:\Programmer\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Programmer\Common Files\VCClient\VCMain.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: 3Deep.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\3Deep\3Deepctl.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: E-Color Indicator.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\E-Color Indicator\TICIcon.exe
O4 - Global Startup: E-Color.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Registration\SonnReg.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~2\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~2\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\j2j60c1sef.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\iPod update\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmer\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~2\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmer\Firewall Sygate\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
Avatar billede arlet Juniormester
07. januar 2006 - 15:37 #13
Så prøver vi dette her:
Hent L2mfix.exe fra et af disse steder:

http://www.atribune.org/downloads/l2mfix.exe
http://www.downloads.subratam.org/l2mfix.exe

Gem filen på dit Skrivebord og dobbeltklik på l2mfix.exe. Klik på Install knappen og følg instruktionerne. Åben herefter den nye mappe der er dannet på dit Skrivebord (l2mfix). Dobbeltklik på l2mfix.bat og vælg option 1 (Run Find log) ved at taste "1" og "Enter". Din computer bliver nu scannet - efter et par minutter åbnes en tekstfil i Notesblok. Kopier indholdet herind.

NB: Du må ikke køre option 2 eller andre af filerne i l2mfix mappen, før du er blevet bedt om det.

---------------------------------------------
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
  hrink.dll      Sat 12 Nov 2005  16.01.46  ..S.R        236.553  231,01 K
  l02s0a~1.dll  Sat 12 Nov 2005  16.01.44  ..S.R        237.273  231,71 K
  sirenacm.dll  Thu 13 Oct 2005  0.11.06  A....        118.784  116,00 K
  u0ru0a~1.dll  Sat 12 Nov 2005  1.38.00  ..S.R        236.553  231,01 K

Kig efter ca. 235 kb størrelse, og helt nydannede

Efter loggen, så kommer næste vejledning:
---------------------------------------------


Luk alle programmer - du vil om lidt blive bedt om at genstarte din computer.

Fra mappen l2mfix skal du køre l2mfix.bat igen - denne gang skal du vælge option 2 (Run Fix). Så vil du blive bedt om et password. Her skriver du (efterfulgt af <Enter>)
bye

Dit skrivebord og ikoner vil forsvinde en tid så. L2Mfix vil fortsætte med at scanne din computer, vil den være klar til en genstart. Tryk en taste for at genstarte. Efter genstarten, vil Notepad åbnes med en ny log. Kopiér indholdet af denne log ind i denne tråd, sammen med en ny Hijackthis-log.


HVIS DET IKKE VIRKER:


Hent KillBox her:
http://www.bleepingcomputer.com/files/spyware/KillBox.zip

Brugsanvisning kan du finde her:
http://www.fbeej.dk/KillBox2_manual.htm

Kør KillBox, sæt prik i "Delete on reboot". Kopier nedenstående linier ind i tekstfeltet på Killbox og klik herefter på den røde knap med det hvide kryds. Programmet vil spørge om du vil genstarte - svar NEJ undtagen når du når til den sidste linie - der skal du svare JA, og din computer vil genstarte

C:\WINDOWS\system32\j2j60c1sef.dll

Hent Spysweeper prøveversion her: http://www.spywarefri.dk/downloads1.htm
Installer og opdater det (check for definition update)
Derefter, tryk på Options.
sæt prik i- sweep all folders on selected drive (s)
fjern flueben ved-don´t sweep systemrestore folder.
sæt flueben ved- sweep for Rootkits

Luk programmet.

Så lukker du computeren, og lader den være i ca. 30 sekunder. Så starter du op i fejlsikret tilstand (Tryk f8 flere gange under opstart). Vælg med piletasterne fejlsikret tilstand og tast <enter>


Start Spysweeper. Så popper der en boks op fra Spysweeper, der trykker du på NO

Kør så en Sweep. Når scanningen er færdig, tryk på- next-select all-next-finish. Luk programmet.

Kør en scanning med HijackThis, så du kan se alle filer. Luk alle vinduer, sæt flueben ved denne linie, og klik fix checked.

O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\j2j60c1sef.dll

Genstart til normaltilstand, og tag en online scan her (Complete scan) http://housecall.trendmicro.com/
og med X Cleaner her
http://www.spywarefri.dk/onlinevark.htm

Kom med en frisk HijackThis log.
Avatar billede arlet Juniormester
07. januar 2006 - 15:39 #14
Der er 2 filer, der skal fixes i hijackthis:

O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\ykqyrr.exe reg_run
O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\j2j60c1sef.dll
Avatar billede wolfcas Nybegynder
07. januar 2006 - 15:41 #15
Fint prøver, men nu går der nok lidt tid igen.. han kæreste står og tripper de skal til hendes søster hehe
takker so far
Avatar billede arlet Juniormester
07. januar 2006 - 15:42 #16
Helt i orden..
Avatar billede wolfcas Nybegynder
09. januar 2006 - 00:46 #17
Ny log:
Logfile of HijackThis v1.99.1
Scan saved at 18:35:19, on 08-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Firewall Sygate\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\BtUsrBdg.exe
C:\WINDOWS\system32\BTSetBootKey.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\Ny iTunes 5.1\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\E-Color Indicator\TICIcon.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Registration\SonnReg.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpohmr08.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpotdd01.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpoevm08.exe
C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\iPod update\iPod\bin\iPodService.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\Bin\hpoSTS08.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Documents and Settings\Joachiem Marques\Skrivebord\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jubii.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~2\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\Ny iTunes 5.1\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~2\FIREWA~1\smc.exe -startgui
O4 - HKLM\..\Run: [SpySweeper] "C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [Skype] "C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Skype\Skype.exe" /nosplash /minimized
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: 3Deep.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\3Deep\3Deepctl.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: E-Color Indicator.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\E-Color Indicator\TICIcon.exe
O4 - Global Startup: E-Color.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Registration\SonnReg.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~2\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~2\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: DateTime - C:\WINDOWS\system32\irlul5391.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\iPod update\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmer\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~2\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmer\Firewall Sygate\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
Avatar billede arlet Juniormester
09. januar 2006 - 09:13 #18
Så er vi næsten i mål..

Start op i fejlsikret og fix denne i hijackthis:
O20 - Winlogon Notify: DateTime - C:\WINDOWS\system32\irlul5391.dll (file missing)

genstart normalt og nu hijackthis log
Avatar billede wolfcas Nybegynder
09. januar 2006 - 23:55 #19
Hermed en logfil mere:

Logfile of HijackThis v1.99.1
Scan saved at 16:46:14, on 09-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Firewall Sygate\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\BtUsrBdg.exe
C:\WINDOWS\system32\BTSetBootKey.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\Ny iTunes 5.1\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Skype\Skype.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\E-Color Indicator\TICIcon.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Registration\SonnReg.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpohmr08.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpotdd01.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\iPod update\iPod\bin\iPodService.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\HP printer\Digital Imaging\Bin\hpoSTS08.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Documents and Settings\Joachiem Marques\Skrivebord\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jubii.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~2\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\Ny iTunes 5.1\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~2\FIREWA~1\smc.exe -startgui
O4 - HKLM\..\Run: [SpySweeper] "C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [Skype] "C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Skype\Skype.exe" /nosplash /minimized
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: 3Deep.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\3Deep\3Deepctl.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: E-Color Indicator.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\E-Color Indicator\TICIcon.exe
O4 - Global Startup: E-Color.lnk = C:\Documents and Settings\Joachiem Marques\Dokumenter\Software\Registration\SonnReg.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~2\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~2\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Documents and Settings\Joachiem Marques\Dokumenter\Ipod\iPod update\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmer\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~2\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmer\Firewall Sygate\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
Avatar billede arlet Juniormester
10. januar 2006 - 06:45 #20
Så lykkes det*S*

Så er din log ren.

Efter sådan en tur er det altid en god ide og rydde op i dine systemgendannelses filerne.
Deaktiver systemgendannelse ( http://www.arlet.dk/systemgendannelsen.htm ) - genstart din computer - aktiver systemgendannelse.

Generel oprydning: http://www.arlet.dk/oprydning.htm

For at beskytte dig mod snavs har jeg lavet en sikkerhedspakke,
som du kan se her : www.arlet.dk/pakke.htm
Avatar billede wolfcas Nybegynder
10. januar 2006 - 08:21 #21
Godmorgen Arlet

MANGE MANGE tak for hjælpen endnu en gang! Han er ovenud lykkelig over at han har sluppet for popups og andet snavs!!

Igen tak og ja vi skirves jo nok ved :)

Wolfcas
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 17:35 Kan ikke resette PC med Windows 8.1 Af TTA i Office & Kontorpakker
I går 13:33 Lukning af Microsoftkonto Af ErikHg i Windows
23/0416:10 Bat file. Af johnnylassen i Andet programmering
23/0410:28 “Signe” Svindel omtalt i medier Af nu_igen i Mobiltelefoner
22/0420:59 RAID controller virker ikke ved tilslutning af alle 4 harddiske Af Strawberry i Andet hardware
White papers
Flere white papers »