Hi, and thanks a lot for the reply.
Here are the logs from HijackThis, Ewido and Dr.Web. Dr.Web still finds the virus in memory on my machine every time I start the program. It nevertheless says Cure and Trojan Vanquish.20 eradicated. At the same time I cannot use Ewido to scan memory; it just sits and spins if I try.
The logs were made in Safe mode, and then none of the programs find what the files are or where they are hiding.
But here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 20:52:20, on 22.01.2006
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)
Running processes:
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator\Desktop\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [THGuard] "C:\Program Files (x86)\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EA Downloader\Core.exe -silent
O4 - Startup: MemTurbo.lnk = C:\Program Files (x86)\MemTurbo30\MemTurbo.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137373287489
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137835153812
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~2\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O20 - Winlogon Notify: EFS - C:\WINDOWS\SYSTEM32\sclgntfy.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2saag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files (x86)\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files (x86)\ewido anti-malware\ewidoguard.exe
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files (x86)\Sygate\SPF\smc.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 100822
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 1157 Kb/s
Scan time: 00:25:57
-----------------------------------------------------------------------------
=============================================================================
Total session statistics
=============================================================================
Objects scanned: 100902
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 1163 Kb/s
Scan time: 00:26:12
=============================================================================
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 20:51:49, 22.01.2006
+ Report-Checksum: F90933A
+ Scan result:
:mozilla.8:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9dn1vv93.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@microsofteup.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
::Report End