Søg
Avatar billede kgpedersen Nybegynder
10. januar 2006 - 13:12 Der er 9 kommentarer og
1 løsning

Hjælp til hijackthis log

Jeg har kørt spybot og den fandt en firewall override og en antivirus override. Hvad gør disse.

Derfor har jeg lavet en hijackthis.log som jeg håber der er en der vil se på:

Logfile of HijackThis v1.99.1
Scan saved at 12:59:41, on 10-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Winamp\winampa.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\mozilla.org\Mozilla\Mozilla.exe
C:\Programmer\Creative\Shared Files\Media Sniffer\MtdAcq.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Outlook Express\msimn.exe
C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Kristian\LOKALE~1\Temp\Midlertidig mappe 2 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: 127.0.1.10 citrix
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmer\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Programmer\mozilla.org\Mozilla\Mozilla.exe" -turbo
O4 - HKCU\..\Run: [MtdAcq] C:\Programmer\Creative\Shared Files\Media Sniffer\MtdAcq.EXE /s
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {18D9C485-7EEC-4395-95DA-DC3875B10E81} (TEInstallPlugIn) - http://www.skylinesoft.com/interactive/terraexplorer/install/TEInstallPlugIn.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://gandalf.certifikat.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096275018169
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D3426292-3750-4D80-9D0F-2816F61A6D15} (SpeedTest Control) - http://81.19.245.211/speedtest/SpeedTest_2.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Programmer\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmer\Fælles filer\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Logfile of HijackThis v1.99.1
Scan saved at 12:59:41, on 10-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Winamp\winampa.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\mozilla.org\Mozilla\Mozilla.exe
C:\Programmer\Creative\Shared Files\Media Sniffer\MtdAcq.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Outlook Express\msimn.exe
C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Kristian\LOKALE~1\Temp\Midlertidig mappe 2 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: 127.0.1.10 citrix
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmer\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Programmer\mozilla.org\Mozilla\Mozilla.exe" -turbo
O4 - HKCU\..\Run: [MtdAcq] C:\Programmer\Creative\Shared Files\Media Sniffer\MtdAcq.EXE /s
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {18D9C485-7EEC-4395-95DA-DC3875B10E81} (TEInstallPlugIn) - http://www.skylinesoft.com/interactive/terraexplorer/install/TEInstallPlugIn.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://gandalf.certifikat.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096275018169
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D3426292-3750-4D80-9D0F-2816F61A6D15} (SpeedTest Control) - http://81.19.245.211/speedtest/SpeedTest_2.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Programmer\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmer\Fælles filer\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Kristian
Avatar billede arlet Juniormester
10. januar 2006 - 13:14 #1
kigger
Avatar billede arlet Juniormester
10. januar 2006 - 13:16 #2
Der er ikke noget i loggen.

Download og gem disse scanner på skrivebordet:

Hent denne scanner.
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
(men lad være med at scanne endnu).

-----

Ewido: http://www.ewido.net/en/download/
Klik på Download now. Installer og kør Ewido. Opdater straks efter installationen programmet, (men lad være med at scanne endnu).

----------

Genstart i fejlsikret tilstand. Du skal klikke på f8 tasten under genstarten (ca. lige når der er talt ram), og så vælge fejlsikret tilstand. Er du i tvivl, så klik bare på f8 flere gange. Kør nu en fuld scanning med Ewido. Når den er færdig trykker du save report.

-----

Kør nu en fuld scanning med Ewido. Når den er færdig trykker du save report og gemmer rapporten.

-----

Dobbeltklik på drweb-cureit.exe, den vil køre en expressscan, det siger du ja til.
Når den skriver Done nederst til venstre, skal du klikke på Options->Change settings.
Skift til fanebladet Scan, fjern fluebenet ved Heuristic analysis.
Skift til fanebladet Actions, her skal alle punkter under Malware sættes til Rename.
Klik så på det eller de drev du vil have scannet, der kommer en rød prik for at vise det/de er valgt.

Klik så på den grønne pil ovre til højre på siden, så starter scanningen.
Første gang Dr.Web finder noget, klik "Yes to All", så fjerner den hvad den finder.
Klik så på Start->Søg, find filen drweb32w.log kopier det nederste af teksten herind, startende med:
Scan statistics.
-----

Begge rapporter kopier du herind..
Avatar billede kgpedersen Nybegynder
10. januar 2006 - 22:08 #3
her er ewido rapporten:

---------------------------------------------------------
ewido anti-malware - Scanningsrapport
---------------------------------------------------------

+ Oprettet den:            14:46:34, 10-01-2006
+ Rapport-Checksum:        EBCF646A

+ Scanningsresultat:
    :mozilla.10:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Adtech : Renset med backup
    :mozilla.11:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Adtech : Renset med backup
    :mozilla.12:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Adtech : Renset med backup
    :mozilla.19:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Com : Renset med backup
    :mozilla.20:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Com : Renset med backup
    :mozilla.24:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Mediaplex : Renset med backup
    :mozilla.33:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Hitbox : Renset med backup
    :mozilla.34:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Hitbox : Renset med backup
    :mozilla.35:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Hitbox : Renset med backup
    :mozilla.36:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Renset med backup
    :mozilla.37:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Doubleclick : Renset med backup
    :mozilla.38:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Renset med backup
    :mozilla.83:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.84:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.85:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Advertising : Renset med backup
    :mozilla.97:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.98:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.99:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.103:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Renset med backup
    :mozilla.104:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Renset med backup
    :mozilla.105:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Renset med backup
    :mozilla.141:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.2o7 : Renset med backup
    :mozilla.142:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.2o7 : Renset med backup
    :mozilla.144:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.2o7 : Renset med backup
    :mozilla.185:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.186:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.187:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Statcounter : Renset med backup
    :mozilla.193:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Valueclick : Renset med backup
    :mozilla.205:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Atdmt : Renset med backup
    :mozilla.206:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.2o7 : Renset med backup
    :mozilla.210:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Liveperson : Renset med backup
    :mozilla.211:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Liveperson : Renset med backup
    :mozilla.212:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Liveperson : Renset med backup
    :mozilla.213:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Liveperson : Renset med backup
    :mozilla.214:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Adserver : Renset med backup
    :mozilla.215:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Adserver : Renset med backup
    :mozilla.272:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Renset med backup
    :mozilla.311:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Tfag : Renset med backup
    :mozilla.340:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Serving-sys : Renset med backup
    :mozilla.341:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Serving-sys : Renset med backup
    :mozilla.342:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Serving-sys : Renset med backup
    :mozilla.343:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Serving-sys : Renset med backup
    :mozilla.371:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Burstnet : Renset med backup
    :mozilla.383:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Falkag : Renset med backup
    :mozilla.389:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Serving-sys : Renset med backup
    :mozilla.392:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\m2a0jm0c.default\cookies.txt -> Spyware.Cookie.Centrport : Renset med backup
    :mozilla.6:C:\Documents and Settings\Kristian\Application Data\Mozilla\Profiles\default\wvh29j1e.slt\cookies.txt -> Spyware.Cookie.2o7 : Renset med backup
    :mozilla.7:C:\Documents and Settings\Kristian\Application Data\Mozilla\Profiles\default\wvh29j1e.slt\cookies.txt -> Spyware.Cookie.Adtech : Renset med backup
    :mozilla.8:C:\Documents and Settings\Kristian\Application Data\Mozilla\Profiles\default\wvh29j1e.slt\cookies.txt -> Spyware.Cookie.Adtech : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@2o7[2].txt -> Spyware.Cookie.2o7 : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@adopt.specificclick[1].txt -> Spyware.Cookie.Specificclick : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@adserver.adtech[1].txt -> Spyware.Cookie.Adtech : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@adtech[1].txt -> Spyware.Cookie.Adtech : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@as-eu.falkag[2].txt -> Spyware.Cookie.Falkag : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@axa.addcontrol[1].txt -> Spyware.Cookie.Addcontrol : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@banner.commissionpartner[2].txt -> Spyware.Cookie.Commissionpartner : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@bilbo.counted[2].txt -> Spyware.Cookie.Counted : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@bs.serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@burstnet[2].txt -> Spyware.Cookie.Burstnet : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@casalemedia[2].txt -> Spyware.Cookie.Casalemedia : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@centrport[1].txt -> Spyware.Cookie.Centrport : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@citi.bridgetrack[1].txt -> Spyware.Cookie.Bridgetrack : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@com[2].txt -> Spyware.Cookie.Com : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@ilead.itrack[1].txt -> Spyware.Cookie.Itrack : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@perf.overture[1].txt -> Spyware.Cookie.Overture : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@sel.as-eu.falkag[1].txt -> Spyware.Cookie.Falkag : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@sel.as1.falkag[1].txt -> Spyware.Cookie.Falkag : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@statcounter[2].txt -> Spyware.Cookie.Statcounter : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@tfag[2].txt -> Spyware.Cookie.Tfag : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@track.commissionpartner[1].txt -> Spyware.Cookie.Commissionpartner : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@valueclick[2].txt -> Spyware.Cookie.Valueclick : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@www.burstbeacon[2].txt -> Spyware.Cookie.Burstbeacon : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@www.etracker[2].txt -> Spyware.Cookie.Etracker : Renset med backup
    C:\Documents and Settings\Kristian\Cookies\kristian@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Renset med backup
    C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@adtech[2].txt -> Spyware.Cookie.Adtech : Renset med backup
    C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@ilead.itrack[1].txt -> Spyware.Cookie.Itrack : Renset med backup
    C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Renset med backup
    C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Renset med backup


::Rapport slut
Avatar billede kgpedersen Nybegynder
11. januar 2006 - 12:11 #4
Det er ikke lykkedes mig at kopiere drweb rapporten herind. Den er så stor at jeg bliver smidt af dette spørgsmål.

Er der noget af loggen efter scan statistics jeg kan udelade?
Avatar billede arlet Juniormester
11. januar 2006 - 12:21 #5
Jeg skal se der hvor der står hvor mange filer den har slettet osv..
Avatar billede kgpedersen Nybegynder
11. januar 2006 - 18:30 #6
det skulle være det her:

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 142733
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 2
Objects cured: 0
Objects deleted: 0
Objects renamed: 2
Objects moved: 0
Objects ignored: 0
Scan speed: 193 Kb/s
Scan time: 02:11:18
-----------------------------------------------------------------------------

=============================================================================
Total session statistics
=============================================================================
Objects scanned: 142839
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 2
Objects cured: 0
Objects deleted: 0
Objects renamed: 2
Objects moved: 0
Objects ignored: 0
Scan speed: 199 Kb/s
Scan time: 02:11:43
Avatar billede kgpedersen Nybegynder
11. januar 2006 - 21:02 #7
Spybot viser stadig at jeg har følgende:

windows security center.firewalloverride
windows security center.AntiVirusOverride

Hvad er dette?
Avatar billede arlet Juniormester
11. januar 2006 - 22:07 #8
DEt er en bug i spybot. Fandt denne tråd fra spywarefri: http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=16765
Avatar billede kgpedersen Nybegynder
11. januar 2006 - 23:01 #9
ok, er der ellers noget i de 2 logs som er suspekt. Har jeg haft noget keylogging eller andet snavs i mit system
Avatar billede arlet Juniormester
12. januar 2006 - 07:58 #10
Jeg kan ikke lige se hvad det er som dr.web har slettet, det er ikke noget der har været aktivt, for så havde vi set det i hijackthis loggen
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Andet sikkerhed kategorien

Titel Indlæg Oprettet Seneste aktivitet
hvilken afløser kan I anbefale? Af jcr18 i Andet sikkerhed 5 17/03/202610:32 18/03/202615:36
Advarsler om datalæk for nogle apps Af nu_igen i Andet sikkerhed 6 02/02/202614:54 03/02/202613:45
Mail fra Yousee ? Svindel? Af nu_igen i Andet sikkerhed 4 13/01/202617:27 14/01/202609:36
Er det sandsynligt, at jeg har været udsat for phishing Af Slettet bruger i Andet sikkerhed 4 13/11/202515:09 14/11/202510:45
Google fake Af johp i Andet sikkerhed 3 27/10/202516:31 28/10/202506:52
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 10:22 Makro der gemmer vedhæftet fil fra Msg og omdøber filen Af lokesa i Excel
I går 13:45 Kablet forbindelse mellem android telefon og windows 11 pc Af 1Dorte i Android
I går 12:04 Elementtype vises - og ikke billedet? Af hkprofil i Billedbehandling
29/0312:08 Problemer med replay af købte kursusvideoer Af annam i Browsere
28/0311:18 DENVER DVB-tMPEG-4 HD TUNER Af ole falsted i Fjernsyn & projektorer
White papers
Flere white papers »