aalling Beginner
08 May 2006 - 20:26 15 comments

I think I have a virus, check my log?

Is there anyone who will check my log...

and give me a guite line on how ;)
aalling Beginner
08 May 2006 - 20:26 #1
guite with a d... ;)
aalling Beginner
08 May 2006 - 22:35 #3
Couldn't find the log from dr, even though it found quite a bit.
But here is the one from sas, hijack is coming now :) gasp, that took a long time...


SUPERAntiSpyware Scan Log
Generated 05/08/2006 at 10:22 PM

Core Rules Database Version : 2918
Trace Rules Database Version: 1045

Memory threats detected  : 1
Registry threats detected : 103
File threats detected    : 102

Trojan.DCOMCfg
    C:\WINDOWS\SYSTEM32\DCOMCFG.EXE
    C:\WINDOWS\SYSTEM32\DCOMCFG.EXE
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#dcomcfg.exe [ dcomcfg.exe ]
    C:\System Volume Information\_restore{0ABD3650-FC1A-40F8-B7C2-B92A60CB9F4C}\RP159\A0071729.exe
    C:\System Volume Information\_restore{0ABD3650-FC1A-40F8-B7C2-B92A60CB9F4C}\RP159\A0072742.exe
    C:\WINDOWS\Prefetch\DCOMCFG.EXE-1E780C99.pf

Adware.MyWay
    HKLM\Software\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
    HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
    HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
    HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}\InprocServer32
    C:\Programmer\Need2Find\bar\1.bin\ND2FNBAR.DLL

Unclassified.Unknown Origin
    HKLM\Software\Classes\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3}
    HKCR\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3}
    HKCR\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3}
    HKCR\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3}\InprocServer32
    HKCR\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3}\InprocServer32#ThreadingModel
    HKCR\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3}\Programmable
    HKCR\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3}\TypeLib

Trojan.Homepage
    HKLM\Software\Classes\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}
    HKCR\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}
    HKCR\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}
    HKCR\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}\InprocServer32
    HKCR\CLSID\{B0398ECA-0BCD-4645-8261-5E9DC70248D0}\InprocServer32#ThreadingModel
    C:\WINDOWS\System32\hp73B6.tmp
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0398eca-0bcd-4645-8261-5e9dc70248d0}

Trojan.WinSoftware/WinFixer
    HKLM\Software\Classes\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}
    HKCR\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}
    HKCR\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}
    HKCR\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}#AppID
    HKCR\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}\InprocServer32
    HKCR\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}\InprocServer32#ThreadingModel
    HKCR\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}\ProgID
    HKCR\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}\Programmable
    HKCR\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}\TypeLib
    HKCR\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0}\VersionIndependentProgID
    C:\Programmer\WinAntiVirus Pro 2006\IEFWBHO.dll

Adware.Tracking Cookie
    C:\Documents and Settings\David Wurst\Cookies\david wurst@www.pesttrap[1].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@www.adwarepunisher[1].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@pphlogger[1].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@thespyguard[2].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@www.winantivirus[1].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@cgi-bin[1].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@clicks.hmcampaign[1].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@adtech[2].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@advertising[1].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@statcounter[1].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@r72[1].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@2o7[2].txt
    C:\Documents and Settings\David Wurst\Cookies\david wurst@atdmt[2].txt

Trojan.SpyFalcon
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}#AppID
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\AuxUserType
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\AuxUserType\2
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\ckHyjkeafr
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\ctrMulstaa
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\DataFormats
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\DataFormats\DefaultSet
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\DataFormats\GetSet
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\DataFormats\GetSet\0
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\DataFormats\GetSet\1
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\DataFormats\GetSet\2
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\dctrswyUg
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\DefaultIcon
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\Htrqitepd
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\Implemented Categories
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\InprocHandler32
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\Insertable
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\KqueaGnsIg
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\LocalServer
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\LocalServer32
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\MiscStatus
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\PersistentHandler
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\ProgID
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\rkshlq
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\tsnhi
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\verb
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\verb\0
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\verb\1
    HKCR\CLSID\{330A77C2-C15A-43B5-055C-B4E35EAED279}\verb\2
    HKLM\Software\SpyFalcon
    HKLM\Software\SpyFalcon#refid
    C:\System Volume Information\_restore{0ABD3650-FC1A-40F8-B7C2-B92A60CB9F4C}\RP158\A0071494.exe
    C:\System Volume Information\_restore{0ABD3650-FC1A-40F8-B7C2-B92A60CB9F4C}\RP158\A0071499.exe

Trojan.WinAntiSpyware/WinAntiVirus 2006
    HKCR\WAP6.PCheck
    HKCR\WAP6.PCheck\CLSID
    HKCR\WAP6.PCheck\CurVer
    HKCR\WAP6.PCheck.1
    HKCR\WAP6.PCheck.1\CLSID
    HKCR\WinPGIntegrator.IEIntegrator
    HKCR\WinPGIntegrator.IEIntegrator\CLSID
    HKCR\WinPGIntegrator.IEIntegrator\CurVer
    HKCR\WinPGIntegrator.IEIntegrator.1
    HKCR\WinPGIntegrator.IEIntegrator.1\CLSID
    HKCR\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}
    HKCR\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}\Implemented Categories
    HKCR\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
    HKCR\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
    HKCR\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}\InprocServer32
    HKCR\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}\InprocServer32#ThreadingModel
    HKCR\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}\ProgID
    HKCR\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}\Programmable
    HKCR\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F}\VersionIndependentProgID
    HKCR\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}
    HKCR\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}\1.0
    HKCR\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}\1.0\0
    HKCR\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}\1.0\0\win32
    HKCR\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}\1.0\FLAGS
    HKCR\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235}\1.0\HELPDIR
    HKCR\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9}
    HKCR\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9}\1.0
    HKCR\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9}\1.0\0
    HKCR\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9}\1.0\0\win32
    HKCR\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9}\1.0\FLAGS
    HKCR\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9}\1.0\HELPDIR
    HKCR\Interface\{E18B69D0-7E9E-4C6E-BDD8-879A1FFF7123}
    HKCR\Interface\{E18B69D0-7E9E-4C6E-BDD8-879A1FFF7123}\ProxyStubClsid
    HKCR\Interface\{E18B69D0-7E9E-4C6E-BDD8-879A1FFF7123}\ProxyStubClsid32
    HKCR\Interface\{E18B69D0-7E9E-4C6E-BDD8-879A1FFF7123}\TypeLib
    HKCR\Interface\{E18B69D0-7E9E-4C6E-BDD8-879A1FFF7123}\TypeLib#Version
    HKCR\AppId\WinPGI.DLL
    HKCR\AppId\WinPGI.DLL#AppID
    HKCR\AppId\{367A86A5-D048-4785-86BE-4E2706AAFDD9}
    HKU\S-1-5-21-1177238915-1935655697-854245398-1003\Software\WinAntiVirus Pro 2006
    C:\WINDOWS\system32\stera.job
    C:\Programmer\WinAntiVirus Pro 2006\history.db
    C:\Programmer\WinAntiVirus Pro 2006
    C:\Documents and Settings\David Wurst\Application Data\WinAntiVirus Pro 2006\Logs\update.log
    C:\Documents and Settings\David Wurst\Application Data\WinAntiVirus Pro 2006\Logs
    C:\Documents and Settings\David Wurst\Application Data\WinAntiVirus Pro 2006\PGE.dat
    C:\Documents and Settings\David Wurst\Application Data\WinAntiVirus Pro 2006
    C:\System Volume Information\_restore{0ABD3650-FC1A-40F8-B7C2-B92A60CB9F4C}\RP158\A0071686.dll
    C:\System Volume Information\_restore{0ABD3650-FC1A-40F8-B7C2-B92A60CB9F4C}\RP158\A0071687.exe
    C:\System Volume Information\_restore{0ABD3650-FC1A-40F8-B7C2-B92A60CB9F4C}\RP158\A0071699.exe

Trojan.Security Toolbar
    C:\Documents and Settings\All Users\Menuen Start\Online Security Guide.url
    C:\Documents and Settings\All Users\Menuen Start\Security Troubleshooting.url
    C:\Documents and Settings\David Wurst\Foretrukne\Antivirus Test Online.url

Adware.Best Offers Network
    C:\WINDOWS\tboninst.cfg
    C:\RECYCLER\S-1-5-21-1177238915-1935655697-854245398-500\Dc1\TBONWnd.EXE

Trojan.Homepage/Puper
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run#wininet.dll [ regperf.exe ]

Adware.Apropos Media
    C:\System Volume Information\_restore{0ABD3650-FC1A-40F8-B7C2-B92A60CB9F4C}\RP158\A0071490.exe

Adware.UCMore/The Search Accelerator
    C:\System Volume Information\_restore{0ABD3650-FC1A-40F8-B7C2-B92A60CB9F4C}\RP158\A0071500.exe
aalling Beginner
08 May 2006 - 22:37 #4
Logfile of HijackThis v1.99.1
Scan saved at 22:37:32, on 08-05-2006
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Fælles filer\Aminova\WordSeeker\WordSeeker.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmer\ewido anti-malware\ewidoctrl.exe
C:\Programmer\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Documents and Settings\David Wurst\Skrivebord\ting og sager\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Aminova WordSeeker] "C:\Programmer\Fælles filer\Aminova\WordSeeker\Controller.exe" SHORTCUT
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyPoker\PartyPoker.exe (file missing)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
aalling Beginner
08 May 2006 - 22:50 #5
Do you have any ideas about all these (to me) strange files!!!!...
08 May 2006 - 23:35 #6
... Wooow - that you "dare" to run without any form of M$ ServicePack + WindowsUpdate ...

"Unprotected PCs last 20 minutes" /|
http://forum.mib-eu.dk/forum_posts.asp?TID=44
08 May 2006 - 23:35 #7
(Will get back tomorrow... ZZZ Z Z Z zzz z z z ...)
aalling Beginner
08 May 2006 - 23:43 #8
Okay, night...
See you
aalling Beginner
09 May 2006 - 22:36 #9
Can you reply again? :)
10 May 2006 - 07:45 #10
Sorry - fell 'asleep' ...

At first glance it now looks 'clean' as far as 'dirt' goes (there HAS been something, which has now been eaten!)

1) Disable/Enable [System Restore] http://www.fbeej.dk/Systemgendannelse.htm

2) General cleanup:
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

3) Do you use this "PartyPoker.com"?
10 May 2006 - 07:47 #11
'The speech regarding WindowsUpdate':

You have not updated your Windows XP to ServicePack2 (SP2).
"Unprotected PCs last 20 minutes":
http://forum.mib-eu.dk/forum_posts.asp?TID=44

That is not so good, because then you are not protected against many of the viruses that whizz around the net looking for unpatched machines.

You can download ServicePack2 (SP2) here as a 'standalone' file (~280Mb):
http://intern.sdu.dk/it-service/tjenester/ftphotel/ftpindhold/
Download/copy it to a suitable place on your HD.
Disconnect from the 'dangerous' internet (physically pull the plug OUT).
Install the SP2 package.
When that has gone well, and after a restart or two - only THEN connect to the internet again, go to Start -> Programs -> Windows Update and let your machine scan for the latest updates. Install the ones that are recommended to you. There will probably be >45 'packages' ...

(Well - if you don't get this done, we'll probably see each other again soon... in the virus category?)

Safe Surfing...

---------------------------------
10 May 2006 - 07:59 #12
Closing speech:

It can also be a good idea to clean out your temporary files. That can be done quickly and easily with this file
www.spywareinfo.dk/download/cleantempxp2k.bat
---------------------------

To prevent a repeat, I recommend that you install some small programs that prevent spyware from getting in in the first place. You will find links and good advice here:
http://www.spywarefri.dk/manualer/sikkerhedspakke.htm

I would also suggest that you read this article on how you can avoid getting infected in the future:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414
aalling Beginner
15 May 2006 - 22:29 #13
Thanks... I completely forgot about it again, I've been away.. but have you received your points??
16 May 2006 - 06:41 #14
http://expfaq.1go.dk/?id=3#behandling_af_svar

Have you got SP2 + WindowsUpdate onto the computer?
25 May 2006 - 23:06 #15
<aalling>: Are you still there?