Søg
Avatar billede aare_o Nybegynder
02. maj 2006 - 21:46 Der er 4 kommentarer og
2 løsninger

Tjek af logfiler

Jeg har også lige denne her computer tjekkes. På forhånd tak.

Dr.Web

Scan statistics

Objects scanned: 192636
Infected objects found: 17
Objects with modifications found: 0
Suspicious objects found: 2
Adware programs found: 2
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 3
Objects cured: 0
Objects deleted: 16
Objects renamed: 7
Objects moved: 0
Objects ignored: 0
Scan speed: 94 Kb/s
Scan time: 00:57:42


C:\WINDOWS\system32\winmyy32.dll - will be cured after reboot - deleted


Total session statistics

Objects scanned: 192772
Infected objects found: 18
Objects with modifications found: 0
Suspicious objects found: 2
Adware programs found: 2
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 3
Objects cured: 0
Objects deleted: 17
Objects renamed: 7
Objects moved: 0
Objects ignored: 0
Scan speed: 110 Kb/s
Scan time: 00:57:47



SUPERAntiSpyware Scan Log
Generated 05/02/2006 at 09:29 PM

Core Rules Database Version : 2908
Trace Rules Database Version: 1040

Memory threats detected  : 0
Registry threats detected : 11
File threats detected    : 97

Adware.Tracking Cookie
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@spylog[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@kanoodle[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@free-banners[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@fastclick[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@clickbank[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@maxim.122.2o7[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@interclick[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@hitbox[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@toyboxxx[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@stat.katalysatormedia[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@doubleclick[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@www.crackfind[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1070614286[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@rabit.carasexe[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@zedo[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@clickski[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@revsci[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@stats1.reliablestats[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1072556060[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ad1.emediate[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1071235637[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@www.serials[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@tribalfusion[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ad[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1070847646[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@c.enhance[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ads.cdfreaks[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@888[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@statcounter[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1069440340[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@valueclick[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@www.pcstats[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ads.neowin[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@yadro[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@cz3.clickzs[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@gostats[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ads.skisport[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@mediaplex[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@as-eu.falkag[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ad.zanox[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@adopt.euroclick[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@track.adform[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ad.bb[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@tacoda[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@xml.bravenetmedianetwork[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@warlog[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@advertising[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@indextools[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1069344983[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@atwola[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ad.yieldmanager[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1071850805[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1070791529[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@adsrevenue[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@burstnet[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@www.crackhell[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@e2.emediate[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ad1.bb[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ads.planetactive[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@revenue[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@oddcast[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@belnk[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@adserver.banneradministration[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@highbeam.122.2o7[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@microsofteup.112.2o7[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@dcsx8czs1erp17368wkcsn8pc_9z2q[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@stat.onestat[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ads1.revenue[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@cz5.clickzs[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@optimost[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@usenext[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@hotlog[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@dist.belnk[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@adtech[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@www.webstat[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@www.statsinaflash[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@cgi-bin[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@top[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@stats.liutilities[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@cassava[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@image.masterstats[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ad.adtoma[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ads2.jubii[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@ehg-nokiafin.hitbox[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@crackfind[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@yieldmanager[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@vhost.oddcast[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@mb[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@www.clickski[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1071793501[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1071944778[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1071949188[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@1070194600[2].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@www.freeserials[1].txt
    C:\Documents and Settings\Mikkel Oslev\Cookies\mikkel oslev@www.888[1].txt

Trojan.Error Safe Free
    HKLM\Software\Error Safe Free

Adware.ClickSpring/Yazzle
    HKCR\YazzleSudokuGame
    HKCR\YazzleSudokuGame\DefaultIcon
    HKCR\YazzleSudokuGame\shell
    HKCR\YazzleSudokuGame\shell\Open
    HKCR\YazzleSudokuGame\shell\Open\command
    HKLM\Software\Yazzle Sudoku
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YazzleActiveX.ocx
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YazzleActiveX.ocx#.Owner
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YazzleActiveX.ocx#{74CD40EA-EF77-4BAD-808A-B5982DA73F20}
    C:\Programmer\Yazzle Sudoku\License.txt
    C:\Programmer\Yazzle Sudoku
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\YazzleActiveX.ocx [  ]




Logfile of HijackThis v1.99.1
Scan saved at 21:40:01, on 02-05-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmer\Java\jre1.5.0_03\bin\jusched.exe
C:\Programmer\AntiVir PersonalEdition Premium\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programmer\AntiVir PersonalEdition Premium\sched.exe
C:\Programmer\AntiVir PersonalEdition Premium\avguard.exe
C:\Programmer\AntiVir PersonalEdition Premium\avesvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mikkel Oslev\Dokumenter\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programmer\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmer\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Acrobat-assistenten.lnk = C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O8 - Extra context menu item: &Google-søgning - res://C:\Programmer\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Oversæt engelsk ord - res://C:\Programmer\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lignende sider - res://C:\Programmer\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Tilbage via links - res://C:\Programmer\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Øjebliksbillede af side i cache - res://C:\Programmer\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143046989390
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winmyy32 - winmyy32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Programmer\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmer\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - AVIRA GmbH - C:\Programmer\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Programmer\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Avatar billede ejvindh Ekspert
02. maj 2006 - 21:47 #1
Jeg kigger den igennem :-)
Avatar billede ejvindh Ekspert
02. maj 2006 - 21:52 #2
-- Kør Hijackthis, vælg "Do a system scan only", sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
O20 - Winlogon Notify: winmyy32 - winmyy32.dll (file missing)

-- Genstart computeren, og lav en ny log med HJT, som du lægger herind til check.
Avatar billede aare_o Nybegynder
03. maj 2006 - 17:24 #3
Logfile of HijackThis v1.99.1
Scan saved at 17:24:00, on 03-05-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmer\Java\jre1.5.0_03\bin\jusched.exe
C:\Programmer\AntiVir PersonalEdition Premium\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programmer\AntiVir PersonalEdition Premium\sched.exe
C:\Programmer\AntiVir PersonalEdition Premium\avguard.exe
C:\Programmer\AntiVir PersonalEdition Premium\avesvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Mikkel Oslev\Dokumenter\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programmer\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programmer\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Acrobat-assistenten.lnk = C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O8 - Extra context menu item: &Google-søgning - res://C:\Programmer\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Oversæt engelsk ord - res://C:\Programmer\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lignende sider - res://C:\Programmer\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Tilbage via links - res://C:\Programmer\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Øjebliksbillede af side i cache - res://C:\Programmer\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143046989390
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Programmer\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmer\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - AVIRA GmbH - C:\Programmer\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Programmer\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Avatar billede ejvindh Ekspert
03. maj 2006 - 20:01 #4
Loggen er ren. Har du også fået løst dit problem?

For at gøre arbejdet helt færdig:
Det kan være en god ide og rydde op i systemgendannelses filerne. Deaktiver systemgendannelse (http://www.spywarefri.dk/virusscannere.htm#alle) - genstart din computer - aktiver systemgendannelse.
Og så kan det også være en god ide at skjule dine systemfiler og -mapper igen, så du ikke ved en fejl kommer til at slette en vigtig fil. Det gør du samme sted, hvor du satte det til at vise alle filer, denne gang vælger du bare: Vis ikke skjulte filer og mapper.

Det kan også være en god ide at få renset ud i dine midlertidige filer. Det kan gøres på en hurtig og nem måde med denne fil
www.spywareinfo.dk/download/cleantempxp2k.bat
---------------------------

For at forhindre gentagelser, vil jeg anbefale dig at lægge nogle små programmer ind, som forhindrer spyware i at komme ind i første omgang. Du finder links og gode råd her:
http://www.spywarefri.dk/manualer/sikkerhedspakke.htm

Jeg vil også foreslå, at du læser denne artikel om hvordan du kan undgå at blive inficeret i fremtiden:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414
Avatar billede ejvindh Ekspert
10. maj 2006 - 10:35 #5
Husk at lukke spørgsmålet efter dig :-)
Avatar billede ejvindh Ekspert
07. juni 2006 - 11:59 #6
Husk at lukke spørgsmålet.
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 19:43 Installation af Adobe Photoshop Elements 2019 Af mort1 i Billedbehandling
17/0418:29 Gendanne slettet partition overskrevet med Windows 11 Af Strawberry i Windows
17/0416:11 Samle data fra flere kolonner i 1 Af FinnLauridsen i Excel
17/0414:44 ny fjernbetjening til DVD afspiller fra 2004 Af Nette i Andet hardware
17/0412:36 Manglende kode Af Bent i Windows
White papers
Flere white papers »